LeakIX - Host 99.83.217.1

Host 99.83.217.1

United States

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Heroku

tcp/443 tcp/80

heroku-router

tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.fisify.com
Port: 443
URL: https://api.fisify.com

First seen 2025-11-12 02:43
Last seen 2026-01-12 01:35
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-12 01:35
- Severity: info
  Fingerprint: 5733ddf49ff49cd1d83dc3bfd83dc3bfd83dc3bfd83dc3bfd83dc3bfd83dc3bf
```
Public Swagger UI/API detected at path: /swagger/swagger-ui.html
```
  Found on 2025-12-21 02:51
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.vinylreleases.app
Port: 443
URL: https://api.vinylreleases.app

First seen 2025-11-12 01:43
Last seen 2026-01-12 00:45
Open for 60 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e5dafd755f05379338cef506f3099d6fcd39a5fb

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /posts/unparsed/{logId}
DELETE /subscriptions/keywords/unsubscribe/{subscriptionId}
GET /analytics
GET /android/oauth/apple
GET /backdoor/post-processor/image
GET /common/artists
GET /config/common
GET /posts
GET /posts/popular
GET /posts/popular/management
GET /posts/subscriptions
GET /posts/unparsed
GET /subscriptions
GET /subscriptions/artists
GET /subscriptions/keywords
GET /subscriptions/settings
POST /analytics/v2
POST /backdoor/android-push/{token}
POST /backdoor/reddit-post-text
POST /common/artists/search/by-names
POST /common/feedback
POST /common/users
POST /config/android-device-token
POST /config/apple-device-token
POST /config/user
POST /config/user/countries
POST /config/user/email
POST /operational/email/open
POST /operational/email/unsubscribe
POST /posts/subscriptions/all/set-as-not-new
POST /posts/subscriptions/set-as-not-new
POST /subscriptions/artists/subscribe
POST /subscriptions/artists/subscribe/bulk
POST /subscriptions/artists/unsubscribe
POST /subscriptions/keywords/search/by-artists
POST /subscriptions/keywords/subscribe
POST /subscriptions/keywords/subscribe/bulk
POST /user/auth/apple
POST /user/auth/exchange/apple
POST /user/auth/exchange/google
POST /user/auth/google
POST /user/auth/refresh-token
PUT /common/artists/{artistId}
PUT /common/users/{userId}
PUT /posts/popular/{postId}
PUT /posts/{releaseId}
PUT /subscriptions/keywords/{subscriptionId}

Found on 2026-01-12 00:45

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e5dafd755f05379338cef506f3099d6f9353246e

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /posts/unparsed/{logId}
DELETE /subscriptions/keywords/unsubscribe/{subscriptionId}
GET /analytics
GET /android/oauth/apple
GET /backdoor/post-processor/image
GET /common/artists
GET /config/common
GET /posts
GET /posts/subscriptions
GET /posts/unparsed
GET /subscriptions
GET /subscriptions/artists
GET /subscriptions/keywords
GET /subscriptions/settings
POST /analytics/v2
POST /backdoor/android-push/{token}
POST /backdoor/reddit-post-text
POST /common/artists/search/by-names
POST /common/feedback
POST /common/users
POST /config/android-device-token
POST /config/apple-device-token
POST /config/user
POST /config/user/countries
POST /config/user/email
POST /operational/email/open
POST /operational/email/unsubscribe
POST /posts/subscriptions/all/set-as-not-new
POST /posts/subscriptions/set-as-not-new
POST /subscriptions/artists/subscribe
POST /subscriptions/artists/subscribe/bulk
POST /subscriptions/artists/unsubscribe
POST /subscriptions/keywords/search/by-artists
POST /subscriptions/keywords/subscribe
POST /subscriptions/keywords/subscribe/bulk
POST /user/auth/apple
POST /user/auth/exchange/apple
POST /user/auth/exchange/google
POST /user/auth/google
POST /user/auth/refresh-token
PUT /common/artists/{artistId}
PUT /common/users/{userId}
PUT /posts/{releaseId}
PUT /subscriptions/keywords/{subscriptionId}

Found on 2025-12-26 12:00

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e5dafd755f05379338cef506f3099d6fe1962bd8

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /posts/unparsed/{logId}
DELETE /subscriptions/keywords/unsubscribe/{subscriptionId}
GET /analytics
GET /android/oauth/apple
GET /common/artists
GET /config/common
GET /posts
GET /posts/subscriptions
GET /posts/unparsed
GET /subscriptions
GET /subscriptions/artists
GET /subscriptions/keywords
GET /subscriptions/settings
POST /analytics/v2
POST /backdoor/android-push/{token}
POST /backdoor/reddit-post-text
POST /common/artists/search/by-names
POST /common/feedback
POST /common/users
POST /config/android-device-token
POST /config/apple-device-token
POST /config/user
POST /config/user/countries
POST /config/user/email
POST /operational/email/open
POST /operational/email/unsubscribe
POST /posts/subscriptions/all/set-as-not-new
POST /posts/subscriptions/set-as-not-new
POST /subscriptions/artists/subscribe
POST /subscriptions/artists/subscribe/bulk
POST /subscriptions/artists/unsubscribe
POST /subscriptions/keywords/search/by-artists
POST /subscriptions/keywords/subscribe
POST /subscriptions/keywords/subscribe/bulk
POST /user/auth/apple
POST /user/auth/exchange/apple
POST /user/auth/exchange/google
POST /user/auth/google
POST /user/auth/refresh-token
PUT /common/artists/{artistId}
PUT /common/users/{userId}
PUT /posts/{releaseId}
PUT /subscriptions/keywords/{subscriptionId}

Found on 2025-12-22 18:38

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api-stage.wayflow-hub.com
Port: 443
URL: https://api-stage.wayflow-hub.com

First seen 2025-11-05 00:02
Last seen 2026-01-12 00:08
Open for 68 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b1c5f9de5ad0d6890af025f721bd2839680286c20

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /admin/accounts/{accountId}/users/{userId}/features/commute/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/commutes/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/daily-maximum/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/free-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/off-peak-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{id}
DELETE /cache
DELETE /import/onzeauto/imports/{importId}/lines/{lineId}
DELETE /trips/{tripId}
GET /admin/accounts
GET /admin/accounts/owners
GET /admin/accounts/owners/names
GET /admin/accounts/{accountId}/users
GET /admin/cooperatives/{cooperativeId}/features/commutes
GET /admin/cooperatives/{cooperativeId}/features/commutes/users/{userId}
GET /admin/cooperatives/{cooperativeId}/features/daily-maximum
GET /admin/cooperatives/{cooperativeId}/features/free-hours
GET /admin/cooperatives/{cooperativeId}/features/frequent-driver
GET /admin/cooperatives/{cooperativeId}/features/kilometer-tier
GET /admin/cooperatives/{cooperativeId}/features/off-peak-hours
GET /admin/cooperatives/{cooperativeId}/features/trip-tier
GET /admin/pricecategories
GET /admin/pricecategories/categories/{category}
GET /admin/pricecategories/{priceCategoryId}
GET /admin/pricecategories/{priceCategoryId}/prices
GET /admin/pricecategories/{priceCategoryId}/vehicles
GET /admin/users
GET /admin/vehicles
GET /admin/vehicles/{vehicleId}
GET /admin/vehicles/{vehicleId}/pricecategories
GET /audits/events
GET /audits/mailjet/messages
GET /audits/mailjet/messages/problematic
GET /audits/mailjet/messages/status/{status}
GET /audits/mailjet/messages/summary
GET /audits/mailjet/messages/with-contacts
GET /audits/mailjet/messages/{messageId}/history
GET /audits/sendgrid/errors/all
GET /audits/sendgrid/errors/blocked
GET /audits/sendgrid/errors/bounced
GET /audits/sendgrid/errors/invalid
GET /audits/sendgrid/errors/recent
GET /audits/sendgrid/errors/search
GET /audits/sendgrid/errors/spam-reports
GET /audits/sendgrid/errors/summary
GET /cooperatives
GET /cooperatives/{id}
GET /datamanagement/cooperative
GET /datamanagement/cooperatives/{cooperativeId}/accounts
GET /datamanagement/cooperatives/{cooperativeId}/pricecategories
GET /datamanagement/documents
GET /datamanagement/documents/imports
GET /datamanagement/documents/{documentId}
GET /documents
GET /documents/pdf
GET /documents/pdf/{documentId}
GET /documents/{documentId}
GET /emaildispatch/tasks
GET /emaildispatch/tasks/{taskId}
GET /emaildispatch/tasks/{taskId}/items
GET /emaildispatch/tasks/{taskId}/items/{itemId}
GET /import/imports
GET /import/manual/template
GET /import/onzeauto/imports
GET /import/onzeauto/imports/{importId}
GET /overview/monthly-vehicle-reports
GET /overview/stats
GET /tenant/accounts/admin
GET /tenant/cooperatives
GET /trips
GET /trips/{tripId}/changelog
GET /types/audit-logs-categories
GET /types/daily-max-types
GET /types/trip-status-types
GET /types/vehicle-body-types
GET /types/vehicle-fuel-types
GET /types/vehicle-transmission-types
GET /types/vehicle-types
GET /users/profile
PATCH /datamanagement/cooperative/email
POST /admin/accounts/{accountId}/users/{userId}/features/commute
POST /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts
POST /auth/login
POST /auth/register
POST /cooperatives/signup
POST /datamanagement/cooperatives/{cooperativeId}/accounts/users
POST /datamanagement/documents/csv
POST /datamanagement/documents/summaries/csv
POST /datamanagement/documents/userdata/csv
POST /datamanagement/documents/vehicledata/csv
POST /emaildispatch/tasks/{taskId}/items/{itemId}/send
POST /emaildispatch/tasks/{taskId}/send
POST /export/csv
POST /export/summaries/csv
POST /export/userdata/csv
POST /export/vehicledata/csv
POST /import/manual
POST /import/mywheels
POST /import/onzeauto/{importId}/process
POST /import/onzeautov2
POST /reports/price
POST /tenant
POST /tenant/users/bulk-create
POST /webhooks/pdf
PUT /admin/accounts/{accountId}
PUT /admin/accounts/{accountId}/users/{userId}
PUT /admin/pricecategories/{priceCategoryId}/prices/{priceId}
PUT /admin/pricecategories/{priceCategoryId}/vehicles/{vehicleId}
PUT /admin/vehicles/{vehicleId}/prices/{priceCategoryId}
PUT /users/profile/change-password

Found on 2026-01-12 00:08

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b1c5f9de5ad0d6890af025f721bd2839695fa1cc9

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /admin/accounts/{accountId}/users/{userId}/features/commute/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/commutes/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/daily-maximum/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/free-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/off-peak-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{id}
DELETE /cache
DELETE /import/onzeauto/imports/{importId}/lines/{lineId}
DELETE /trips/{tripId}
GET /admin/accounts
GET /admin/accounts/owners
GET /admin/accounts/owners/names
GET /admin/accounts/{accountId}/users
GET /admin/cooperatives/{cooperativeId}/features/commutes
GET /admin/cooperatives/{cooperativeId}/features/commutes/users/{userId}
GET /admin/cooperatives/{cooperativeId}/features/daily-maximum
GET /admin/cooperatives/{cooperativeId}/features/free-hours
GET /admin/cooperatives/{cooperativeId}/features/frequent-driver
GET /admin/cooperatives/{cooperativeId}/features/kilometer-tier
GET /admin/cooperatives/{cooperativeId}/features/off-peak-hours
GET /admin/cooperatives/{cooperativeId}/features/trip-tier
GET /admin/pricecategories
GET /admin/pricecategories/categories/{category}
GET /admin/pricecategories/{priceCategoryId}
GET /admin/pricecategories/{priceCategoryId}/prices
GET /admin/pricecategories/{priceCategoryId}/vehicles
GET /admin/users
GET /admin/vehicles
GET /admin/vehicles/{vehicleId}
GET /admin/vehicles/{vehicleId}/pricecategories
GET /audits/events
GET /audits/mailjet/messages
GET /audits/mailjet/messages/problematic
GET /audits/mailjet/messages/status/{status}
GET /audits/mailjet/messages/summary
GET /audits/mailjet/messages/with-contacts
GET /audits/mailjet/messages/{messageId}/history
GET /audits/sendgrid/errors/all
GET /audits/sendgrid/errors/blocked
GET /audits/sendgrid/errors/bounced
GET /audits/sendgrid/errors/invalid
GET /audits/sendgrid/errors/recent
GET /audits/sendgrid/errors/search
GET /audits/sendgrid/errors/spam-reports
GET /audits/sendgrid/errors/summary
GET /cooperatives
GET /cooperatives/{id}
GET /datamanagement/cooperative
GET /datamanagement/cooperatives/{cooperativeId}/accounts
GET /datamanagement/cooperatives/{cooperativeId}/pricecategories
GET /datamanagement/documents
GET /datamanagement/documents/imports
GET /datamanagement/documents/{documentId}
GET /documents
GET /documents/pdf
GET /documents/pdf/{documentId}
GET /documents/{documentId}
GET /emaildispatch/tasks
GET /emaildispatch/tasks/{taskId}
GET /emaildispatch/tasks/{taskId}/items
GET /emaildispatch/tasks/{taskId}/items/{itemId}
GET /import/imports
GET /import/manual/template
GET /import/onzeauto/imports
GET /import/onzeauto/imports/{importId}
GET /tenant/accounts/admin
GET /tenant/cooperatives
GET /trips
GET /trips/{tripId}/changelog
GET /types/audit-logs-categories
GET /types/daily-max-types
GET /types/trip-status-types
GET /types/vehicle-body-types
GET /types/vehicle-fuel-types
GET /types/vehicle-transmission-types
GET /types/vehicle-types
GET /users/profile
PATCH /datamanagement/cooperative/email
POST /admin/accounts/{accountId}/users/{userId}/features/commute
POST /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts
POST /auth/login
POST /auth/register
POST /cooperatives/signup
POST /datamanagement/cooperatives/{cooperativeId}/accounts/users
POST /datamanagement/documents/csv
POST /datamanagement/documents/summaries/csv
POST /datamanagement/documents/userdata/csv
POST /datamanagement/documents/vehicledata/csv
POST /emaildispatch/tasks/{taskId}/items/{itemId}/send
POST /emaildispatch/tasks/{taskId}/send
POST /export/csv
POST /export/summaries/csv
POST /export/userdata/csv
POST /export/vehicledata/csv
POST /import/manual
POST /import/mywheels
POST /import/onzeauto/{importId}/process
POST /import/onzeautov2
POST /reports/price
POST /tenant
POST /tenant/users/bulk-create
POST /webhooks/pdf
PUT /admin/accounts/{accountId}
PUT /admin/accounts/{accountId}/users/{userId}
PUT /admin/pricecategories/{priceCategoryId}/prices/{priceId}
PUT /admin/pricecategories/{priceCategoryId}/vehicles/{vehicleId}
PUT /admin/vehicles/{vehicleId}/prices/{priceCategoryId}
PUT /users/profile/change-password

Found on 2026-01-04 00:19

Create report

Finds vulnerable Vite development environment

ViteJS development environment found and vulnerable to CVE-2025-30208

IP: 15.197.129.158
Domain: www.apolonekretnine.rs
Port: 443
URL: https://www.apolonekretnine.rs

First seen 2025-04-26 00:04
Last seen 2026-01-11 21:29
Open for 260 days

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109911db8cb9

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=52436
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-11 21:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099791d4c53

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=31921
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-10 21:23

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993369090d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33693
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-09 21:36

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109916fd2b3b

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=34661
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-08 21:31

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d69ec2ee

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=45680
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-07 21:30

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099c5664d06

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33120
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-06 21:25

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993afc3e3c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=37610
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-05 21:22

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099db7dd3ed

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=50225
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-03 21:24

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099dd9e07a1

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=53343
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-02 21:10

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a4a62e46

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=28933
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-01 21:40

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a89935d2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=17117
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-31 21:40

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099626edccf

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=23676
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-30 21:32

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109958c62e9e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=16693
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-27 06:12

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d27d07f2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=48768
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-24 21:01

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099f8f15f30

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=22494
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-23 00:10

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099eaf1add2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=17306
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-20 16:45

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510999e2d4df4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=57061
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-18 12:14

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510997a66e6e3

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=47223
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-16 08:30

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099b321bcad

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=13996
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-14 01:09

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099db9b795d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=31310
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-12 07:09

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a3728745

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=15756
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-01 01:31

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a755feaf

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=35983
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-29 01:57

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099921b8637

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=29146
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-27 12:22

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510996526c348

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=22160
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-23 15:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109929b7a0b0

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=36316
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-20 23:23

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099bffb4743

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=20462
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-16 09:55

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a288b0ee

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=37678
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-12 08:57

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a58c33ef

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=50384
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-11 05:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099f9c64d5c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=22292
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-08 21:13

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099530b2045

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=21377
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-04 22:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109916f1d901

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=12568
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-02 23:45

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993850ed07

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33138
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-01 21:45

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510994bf10233

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=11307
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-31 03:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109951c3abff

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=35770
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-29 05:13

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099cee7f7c8

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=22278
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-27 03:48

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510998fd010fb

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=40954
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-24 22:59

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993f215f4e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=31610
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-22 23:51

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510997a866445

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=11572
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-20 11:01

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109941b7051a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=18053
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-18 12:34

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099e8bf1be2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=48180
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-16 13:56

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099ac810346

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33458
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-14 12:08

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d5088297

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=4749
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-12 13:59

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510996630a6c0

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=45343
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-10 19:19

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099bc3cf539

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33954
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-08 22:45

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109917d2afd8

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=25402
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-06 14:36

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099aef4969b

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=46398
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-04 14:47

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510991b5dc0a3

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=57873
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-02 14:50

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510995fdf4638

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=5714
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-04-30 18:44

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109900439dc6

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=39669
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-04-28 15:02

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109954132e9f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=25731
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-04-26 00:04

Create report

Finds vulnerable Vite development environment

ViteJS development environment found and vulnerable to CVE-2025-30208

IP: 75.2.43.161
Domain: www.apolonekretnine.rs
Port: 80
URL: http://www.apolonekretnine.rs

First seen 2025-04-26 00:04
Last seen 2026-01-11 21:25
Open for 260 days

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109911db8cb9

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=52436
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-11 21:25

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099791d4c53

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=31921
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-10 21:06

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993369090d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33693
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-09 21:19

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109916fd2b3b

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=34661
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-08 21:42

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d69ec2ee

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=45680
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-07 21:24

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099c5664d06

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33120
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-06 21:16

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993afc3e3c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=37610
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-05 21:18

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099db7dd3ed

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=50225
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-03 21:20

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099dd9e07a1

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=53343
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-02 21:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a4a62e46

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=28933
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2026-01-01 21:34

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a89935d2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=17117
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-31 21:20

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099626edccf

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=23676
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-30 21:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109958c62e9e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=16693
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-27 04:00

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d27d07f2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=48768
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-24 19:23

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099f8f15f30

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=22494
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-23 01:31

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099eaf1add2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=17306
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-20 14:56

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510999e2d4df4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=57061
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-18 15:42

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510997a66e6e3

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=47223
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-16 11:35

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099db22135f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=48019
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-12-12 22:02

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a3728745

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=15756
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-30 23:24

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a755feaf

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=35983
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-28 14:06

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109932fa21c0

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=59232
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-26 12:57

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109906f1a89d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=54593
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-22 17:42

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109989ded47c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=13964
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-20 19:47

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099f305e9c5

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=14210
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-11-16 03:07

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099a288b0ee

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=37678
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-12 14:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109936d5ea99

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=36449
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-10 07:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d5977ec0

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=49246
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-08 05:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099da588117

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=17198
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-06 04:50

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099530b2045

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=21377
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-04 22:56

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109916f1d901

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=12568
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-02 23:09

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510993850ed07

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33138
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-06-01 20:58

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099c25359de

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=12594
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-30 21:38

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099dcf2e26a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=35012
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-28 14:15

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510994fe799cc

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=49750
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-26 19:56

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510998fd010fb

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=40954
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-24 15:57

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099de250609

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=18269
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-22 20:59

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510997a866445

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=11572
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-20 21:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109941b7051a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=18053
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-18 12:08

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099e8bf1be2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=48180
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-16 19:17

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099ac810346

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33458
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-14 09:26

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d5088297

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=4749
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-12 12:03

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb6510997fef12b8

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=6782
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-10 07:29

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099bc3cf539

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33954
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-08 08:56

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109965c839c7

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=33174
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-06 06:18

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099aa1a7c29

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=35264
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-04 04:39

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099d19c434f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=3902
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-05-02 02:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109925704d76

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=44755
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-04-30 02:23

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb651099eba1684f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=39819
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-04-28 02:41

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e09224558ba090edb65109954132e9f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_config_user_agent=npm/10.5.0 node/v20.12.2 linux x64 workspaces/false
npm_node_execpath=/app/.heroku/node/bin/node
SHLVL=0
npm_config_noproxy=
PORT=25731
HOME=/app
npm_package_json=/app/package.json
npm_package_engines_node=20.12.2
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_config_userconfig=/app/.npmrc
npm_config_local_prefix=/app
COLOR=0
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
_=/app/.heroku/node/bin/npm
npm_config_prefix=/app/.heroku/node
npm_config_npm_version=10.5.0
WEB_CONCURRENCY=1
npm_config_cache=/app/.npm
COREPACK_HOME=/app/.heroku/corepack
npm_config_node_gyp=/app/.heroku/node/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
PATH=/app/node_modules/.bin:/node_modules/.bin:/app/.heroku/node/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/.heroku/node/bin/node
npm_package_name=realestaterentalfrontend
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
npm_lifecycle_script=vite
npm_package_version=1.0.0
npm_lifecycle_event=start
VITE_MAP_KEY=AIzaSyDFuInuyXsCD3db8M0I1TwRgsseD6cmq4E
npm_config_globalconfig=/app/.heroku/node/etc/npmrc
npm_config_init_module=/app/.npm-init.js
PWD=/app
npm_execpath=/app/.heroku/node/lib/node_modules/npm/bin/npm-cli.js
npm_config_global_prefix=/app/.heroku/node
npm_package_engines_npm=10.5.0
VITE_BACKEND_URL=https://apolone-backend-ad2a562adf05.herokuapp.com
npm_command=run-script
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app
EDITOR=vi

Found on 2025-04-26 00:04

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api-staging.pilgrim.club
Port: 80
URL: http://api-staging.pilgrim.club

First seen 2025-11-12 00:04
Last seen 2026-01-11 02:59
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-11 02:59
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: next.tmstudios.com
Port: 443
URL: https://next.tmstudios.com

First seen 2025-11-26 11:15
Last seen 2026-01-11 02:19
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-11 02:19
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: dashboard-auth.getsauce.com
Port: 443
URL: https://dashboard-auth.getsauce.com

First seen 2025-11-11 03:36
Last seen 2026-01-11 02:18
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-11 02:18
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: test.home.friendsta.tech
Port: 443
URL: https://test.home.friendsta.tech

First seen 2025-11-16 01:44
Last seen 2026-01-10 02:27
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-10 02:27
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: annuaire-demo.devbox-sante.fr
Port: 80
URL: http://annuaire-demo.devbox-sante.fr

First seen 2025-11-09 00:31
Last seen 2026-01-10 02:14
Open for 62 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e5babc16345a8b7bf5b18295c6dd88cc1337322243

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /annuaire/finess
GET /annuaire/finess/byDenominationOrFiness/{valeur}
GET /annuaire/finess/{id}
GET /annuaire/professionnels
GET /annuaire/professionnels/fullTextSearch/all/{value}
GET /annuaire/professionnels/fullTextSearch/nomComplet/{nomComplet}
GET /annuaire/professionnels/{id}
GET /api/lastUpdated
GET /nomenclatures
GET /nomenclatures/{nomenclature}
GET /nomenclatures/{nomenclature}/findByLibelle/{libelle}
GET /nomenclatures/{nomenclature}/findByLibelleOrCode/{texte}
GET /nomenclatures/{nomenclature}/fullTextSearch/{texte}
GET /nomenclatures/{nomenclature}/{valeur}
GET /statistiques/activities
GET /statistiques/currentMonth
GET /statistiques/previousMonth
POST /annuaire/finess/search
POST /annuaire/mssante/search
POST /annuaire/professionnels/search

Found on 2026-01-10 02:14

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: evobot.myfunc.io
Port: 443
URL: https://evobot.myfunc.io

First seen 2025-11-03 01:18
Last seen 2026-01-10 01:52
Open for 68 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035494046a9d18aebeda059a9c3714290f54fcc9db69f
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /legacy/kick/channel/{channelName}
GET /partner-api/channel/info
GET /partner-api/channel/status
GET /partner-api/viewer/balance
GET /partner-api/viewer/info
POST /partner-api/channel/give
POST /partner-api/channel/message/send
POST /partner-api/connection
POST /partner-api/viewer/balance/add
POST /partner-api/viewer/balance/sub
POST /partner-api/viewer/reset-balances
```
  Found on 2026-01-10 01:52
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.dev.akorno.com
Port: 80
URL: http://api.dev.akorno.com

First seen 2025-12-09 01:31
Last seen 2026-01-10 01:39
Open for 32 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0d6991b39

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/all
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2026-01-10 01:39

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba01b57a3ff

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-17 01:20

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba032fa7527

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/carl/ussd
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-09 01:31

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: bokslink-api.boks.app
Port: 443
URL: https://bokslink-api.boks.app

First seen 2025-10-21 01:10
Last seen 2026-01-10 01:36
Open for 81 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035495dcf96021d090d403dc8079fd32fc6e13295f002

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/click-and-collect/pre-bookings/{preBookingId}
DELETE /api/sites/{siteId}/configurations/{key}
GET /api/boks
GET /api/boks/single
GET /api/boks/{boksId}
GET /api/boks/{boksId}/keyboard-code
GET /api/click-and-collect/locate
GET /api/click-and-collect/pre-bookings
GET /api/parcel-deliveries
GET /api/parcel-deliveries/canceled
GET /api/parcel-deliveries/retrieved
GET /api/pcbs/single
GET /api/sites/group-names
GET /api/sites/{siteId}
GET /api/user-boks-associations
GET /api/users
GET /api/users/{userId}
POST /api/boks/disassemble
POST /api/click-and-collect/carrier-loadings/{operationId}/drop
POST /api/meta-sites
POST /api/parcel-deliveries/click-and-collect/carrier-loading-operations
POST /api/parcel-deliveries/retrieve
POST /api/parcel-deliveries/{parcelDeliveryId}/cancel
POST /api/parcel-deliveries/{parcelDeliveryId}/deliver
POST /api/parcel-deliveries/{parcelDeliveryId}/drop
POST /api/parcel-deliveries/{parcelDeliveryId}/retrieve
POST /api/remote-ble-deliveries
POST /api/sites
POST /api/sites/{siteId}/configurations
POST /api/sites/{siteId}/manager-invitations
POST /api/support-tickets
POST /api/support-tickets/{supportTicketId}/maintenance-actions
POST /api/support-tickets/{supportTicketId}/return-actions
POST /api/support-tickets/{supportTicketId}/shipping-actions
POST /your-configured-webhook-path-on-your-server-for-cell-loading
POST /your-configured-webhook-path-on-your-server-for-cell-retrieved
PUT /api/parcel-deliveries/{parcelDeliveryId}
PUT /api/user-boks-associations/{userBoksAssociationId}

Found on 2026-01-10 01:36

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: backend.harvest.graindata.com
Port: 443
URL: https://backend.harvest.graindata.com

First seen 2025-11-18 00:08
Last seen 2026-01-10 01:09
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f61fc931f61fc931f61fc931f61fc931f61fc931f61fc931
```
Public Swagger UI/API detected at path: /api/swagger.json
```
  Found on 2026-01-10 01:09
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.hvemsahva.no
Port: 80
URL: http://api.hvemsahva.no

First seen 2025-11-25 01:15
Last seen 2026-01-10 01:02
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b2794c2a810f3f43235126058cb038b70115bdc2a
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /game/id
GET /game/ranking
GET /game/score
GET /games
GET /me
GET /rank
POST /auth/refresh-token
POST /auth/register
POST /auth/signin
```
  Found on 2026-01-10 01:02
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: overeni-bankou.accept.skippay.dev
Port: 443
URL: https://overeni-bankou.accept.skippay.dev

First seen 2025-10-17 00:01
Last seen 2026-01-10 00:51
Open for 85 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd18553ecf761b3804c143bd68f31952d69b506847c5f7120c4
```
Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /connect/{providerId}/{providerUserId}
GET /
GET /api/businesscard/banks
GET /api/businesscard/export
GET /api/businesscard/id
GET /connect
GET /connect/{providerId}
GET /redirect/connect
GET /saml/SSO
GET /saml/connect/{provider}
GET /saml/metadata
GET /service/banks
GET /service/clean
GET /service/hello
GET /service/statistics
POST /api/businesscard/bank/delete
POST /api/businesscard/delete
```
  Found on 2026-01-10 00:51
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: experiments.phywe.com
Port: 443
URL: https://experiments.phywe.com

First seen 2025-11-23 02:02
Last seen 2026-01-10 00:36
Open for 47 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-10 00:36
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.tokoro.space
Port: 80
URL: http://api.tokoro.space

First seen 2025-10-21 02:42
Last seen 2026-01-10 00:28
Open for 80 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b28aed0a834897a8e6d405fb20ed7175d39b9e8fc

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /collections/{collectionId}/places/{placeId}
DELETE /users/history/rollback
DELETE /users/history/rollback/action/{action}
DELETE /users/history/rollback/timestamp-range
GET /about
GET /blogs
GET /blogs/
GET /blogs/{id}
GET /chat-histories/users/me
GET /chat-histories/users/{userId}
GET /chat-histories/{id}
GET /collections/me
GET /collections/search
GET /collections/users/{userId}
GET /collections/{collectionId}
GET /error
GET /features
GET /features/
GET /features/{id}
GET /places
GET /places/
GET /places/batch
GET /places/nearby
GET /places/random/{count}
GET /places/{id}
GET /privacy
GET /ratings
GET /ratings/
GET /ratings/{id}
GET /reviews
GET /reviews/
GET /reviews/place/{placeId}
GET /reviews/user/{userId}
GET /reviews/{id}
GET /testimonials
GET /testimonials/
GET /testimonials/by-status
GET /testimonials/random/{count}
GET /testimonials/user/{userId}
GET /testimonials/{id}
GET /users
GET /users/
GET /users/history
GET /users/history/action/{action}
GET /users/history/as-places
GET /users/history/count
GET /users/history/establishment-id/{establishmentId}
GET /users/history/exists/timestamp
GET /users/history/search/action
GET /users/history/search/establishment-id
GET /users/history/sort/timestamp
GET /users/history/sort/timestamp-desc
GET /users/history/timestamp
GET /users/me
GET /users/preferences
GET /users/{id}
GET /users/{id}/is-blocked
PATCH /testimonials/{id}/status
PATCH /users/{id}/metadata
PATCH /users/{id}/name
PATCH /users/{id}/nickname
POST /about/
POST /collections
POST /collections/
POST /collections/{collectionId}/places
POST /places/search
POST /privacy/
POST /users/{id}/avatar
POST /users/{id}/block
POST /users/{id}/roles
POST /users/{id}/unblock
PUT /users/preferences/categories
PUT /users/preferences/language
PUT /users/preferences/notifications-enabled
PUT /users/preferences/timezone

Found on 2026-01-10 00:28

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.rentpetal.com
Port: 443
URL: https://api.rentpetal.com

First seen 2025-12-09 05:57
Last seen 2026-01-09 23:58
Open for 31 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e56080eb7b1958d1133359da07bd5526168e0c7974

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/delivery/{deliveryId}/arrangement/{arrangementId}
DELETE /api/v1/migration/delete-changelog
GET /api/v1/arrangement
GET /api/v1/arrangement/get_list_of_arrangement
GET /api/v1/arrangement/search_arrangement
GET /api/v1/auth/business-types
GET /api/v1/auth/countries
GET /api/v1/auth/ping
GET /api/v1/customer/customers/search
GET /api/v1/customer/filter
GET /api/v1/customer/{customerId}
GET /api/v1/delivery/deliveries
GET /api/v1/delivery/get_all_deliveries
GET /api/v1/delivery/monthly-summary
GET /api/v1/delivery/search
GET /api/v1/delivery/{deliveryId}
GET /api/v1/file
GET /api/v1/file/list
GET /api/v1/material/colours
GET /api/v1/material/export-materials
GET /api/v1/material/flowers
GET /api/v1/material/list
GET /api/v1/migration/apply-changelog
GET /api/v1/migration/initialize-schema/{orgId}
GET /api/v1/plan
GET /api/v1/plan/validate-plan/{tenantId}
GET /api/v1/plan/{id}
GET /api/v1/subscription/customer/{customerId}
GET /api/v1/subscription/{id}
GET /api/v1/tenant
GET /api/v1/tenant/team
GET /api/v1/tenant/team/get_all_tenant_team_without_pagination
GET /api/v1/tenant/team/tenant-team/search
GET /api/v1/tenant/team/tenant-team/{id}
GET /api/v1/tenant/tenant/{tenantId}/plan-history
GET /api/v1/tenant/{id}
PATCH /api/v1/delivery/{deliveryId}/add-arrangements
PATCH /api/v1/tenant/deactivateTenant/{id}
PATCH /api/v1/tenant/team/{id}
POST /api/v1/arrangement/filter
POST /api/v1/auth/auth/send-otp
POST /api/v1/auth/auth/verify-otp
POST /api/v1/auth/change-password
POST /api/v1/auth/forgot-password
POST /api/v1/auth/general-registration
POST /api/v1/auth/login
POST /api/v1/auth/register
POST /api/v1/auth/register-role
POST /api/v1/auth/reset-password
POST /api/v1/customer
POST /api/v1/delivery/complete
POST /api/v1/delivery/list
POST /api/v1/email/send-delivery-arrangements/{deliveryId}
POST /api/v1/file/upload
POST /api/v1/material/upload
POST /api/v1/subscription/
POST /api/v1/tenant/register
PUT /api/v1/customer/{customerId}/deactivate
PUT /api/v1/delivery/{deliveryId}/restock
PUT /api/v1/file/update
PUT /api/v1/migration/apply-changelog-file/{orgId}
PUT /api/v1/subscription/update/{customerId}

Found on 2026-01-09 23:58

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e56080eb7b1958d1133359da07bd552616b3a16a81

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/delivery/{deliveryId}/arrangement/{arrangementId}
DELETE /api/v1/migration/delete-changelog
GET /api/v1/arrangement
GET /api/v1/arrangement/get_list_of_arrangement
GET /api/v1/arrangement/search_arrangement
GET /api/v1/auth/business-types
GET /api/v1/auth/countries
GET /api/v1/auth/ping
GET /api/v1/customer/customers/search
GET /api/v1/customer/filter
GET /api/v1/customer/{customerId}
GET /api/v1/delivery/deliveries
GET /api/v1/delivery/get_all_deliveries
GET /api/v1/delivery/search
GET /api/v1/delivery/{deliveryId}
GET /api/v1/file
GET /api/v1/file/list
GET /api/v1/material/colours
GET /api/v1/material/export-materials
GET /api/v1/material/flowers
GET /api/v1/material/list
GET /api/v1/migration/apply-changelog
GET /api/v1/migration/initialize-schema/{orgId}
GET /api/v1/plan
GET /api/v1/plan/validate-plan/{tenantId}
GET /api/v1/plan/{id}
GET /api/v1/subscription/customer/{customerId}
GET /api/v1/subscription/{id}
GET /api/v1/tenant
GET /api/v1/tenant/team
GET /api/v1/tenant/team/get_all_tenant_team_without_pagination
GET /api/v1/tenant/team/tenant-team/search
GET /api/v1/tenant/team/tenant-team/{id}
GET /api/v1/tenant/tenant/{tenantId}/plan-history
GET /api/v1/tenant/{id}
PATCH /api/v1/delivery/{deliveryId}/add-arrangements
PATCH /api/v1/tenant/deactivateTenant/{id}
PATCH /api/v1/tenant/team/{id}
POST /api/v1/arrangement/filter
POST /api/v1/auth/auth/send-otp
POST /api/v1/auth/auth/verify-otp
POST /api/v1/auth/change-password
POST /api/v1/auth/forgot-password
POST /api/v1/auth/general-registration
POST /api/v1/auth/login
POST /api/v1/auth/register
POST /api/v1/auth/register-role
POST /api/v1/auth/reset-password
POST /api/v1/customer
POST /api/v1/delivery/complete
POST /api/v1/delivery/list
POST /api/v1/email/send-delivery-arrangements/{deliveryId}
POST /api/v1/file/upload
POST /api/v1/material/upload
POST /api/v1/subscription/
POST /api/v1/tenant/register
PUT /api/v1/customer/{customerId}/deactivate
PUT /api/v1/delivery/{deliveryId}/restock
PUT /api/v1/file/update
PUT /api/v1/migration/apply-changelog-file/{orgId}
PUT /api/v1/subscription/update/{customerId}

Found on 2026-01-02 21:20

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: dev.api.chat.hotlens.com
Port: 80
URL: http://dev.api.chat.hotlens.com

First seen 2025-11-14 04:22
Last seen 2026-01-09 23:48
Open for 56 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549099cc8413e6ac1c6e62ae0ed215387de2c8e719f

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/player-chat/backoffice/bulk-player-message
DELETE /api/player-chat/backoffice/player-message
GET /api/chat/backoffice/messages
GET /api/chat/backoffice/players
GET /api/chat/channels
GET /api/chat/messages
HEAD /api/chat/backoffice/health-check
HEAD /api/chat/health-check
HEAD /api/player-chat/backoffice/health-check
HEAD /api/player-chat/health-check
POST /api/chat/backoffice/channel
POST /api/player-chat/send-message
PUT /api/player-chat/backoffice/player-block-chat
PUT /api/player-chat/backoffice/player-unblock-chat
PUT /api/player-chat/like-message

Found on 2026-01-09 23:48

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549301589181ba61714bc9181fa0124065a4316daea

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/PlayerChat/backoffice/bulk-player-message
DELETE /api/PlayerChat/backoffice/player-message
GET /api/Chat
GET /api/Chat/backoffice
GET /api/Chat/backoffice/players
GET /api/Chat/channels
HEAD /api/Chat/health-check
HEAD /api/PlayerChat/health-check
POST /api/Chat/backoffice/channel
POST /api/PlayerChat/send-message
PUT /api/PlayerChat/backoffice/player-block-chat
PUT /api/PlayerChat/backoffice/player-unblock-chat
PUT /api/PlayerChat/like-message

Found on 2025-11-16 04:39

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: togetherfirstcic.htech.app
Port: 443
URL: https://togetherfirstcic.htech.app

First seen 2025-11-27 00:18
Last seen 2026-01-09 23:38
Open for 43 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 23:38
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: app.sportio.sk
Port: 80
URL: http://app.sportio.sk

First seen 2025-10-31 00:40
Last seen 2026-01-09 23:33
Open for 70 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 23:33
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: bookings.sloanesquaremedical.co.uk
Port: 443
URL: https://bookings.sloanesquaremedical.co.uk

First seen 2025-11-08 01:32
Last seen 2026-01-09 23:27
Open for 62 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 23:27
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.fantati.it
Port: 443
URL: https://api.fantati.it

First seen 2025-11-28 01:42
Last seen 2026-01-09 23:11
Open for 42 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3dfad9413d

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/contents/news
POST /api/contents/sponsor
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase
POST /api/shops/redeem/{playerId}/{shopItemId}
POST /api/teams
PUT /api/contents/news/{id}
PUT /api/contents/sponsor/{id}
PUT /api/forms/{id}
PUT /api/goals/collect/{goalId}/players/{playerId}
PUT /api/goals/daily/players/{playerId}

Found on 2026-01-09 23:11

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3df651b8a2

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/contents/news
POST /api/contents/sponsor
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase
POST /api/shops/redeem/{playerId}/{shopItemId}
POST /api/teams
PUT /api/contents/news/{id}
PUT /api/contents/sponsor/{id}
PUT /api/forms/{id}
PUT /api/goals/collect/{goalId}/players/{playerId}

Found on 2026-01-02 20:27

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3d9f360cf6

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/contents/news
POST /api/contents/sponsor
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase/{playerId}/{shopItemId}
POST /api/teams
PUT /api/contents/news/{id}
PUT /api/contents/sponsor/{id}
PUT /api/forms/{id}
PUT /api/goals/collect/{goalId}/players/{playerId}

Found on 2025-12-27 04:11

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3de295a10a

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase/{playerId}/{shopItemId}
POST /api/teams
PUT /api/forms/{id}
PUT /api/goals/collect/{goalId}/players/{playerId}

Found on 2025-12-10 13:24

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bc2656850b401c04af7bb586a5a515f3d2ffc59c5

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/leagues/{leagueId}/exit/players/{playerId}
DELETE /api/points/{id}
GET /api/achievements/bonus
GET /api/achievements/malus
GET /api/characters
GET /api/characters/leaderboards
GET /api/contents
GET /api/forms
GET /api/forms/active
GET /api/forms/leaderboards
GET /api/forms/players/{playerId}
GET /api/forms/{id}/answers
GET /api/goals/players/{playerId}
GET /api/leagues
GET /api/leagues/players/{playerId}
GET /api/leagues/{leagueId}
GET /api/leagues/{leagueId}/leaderboards
GET /api/leagues/{leagueId}/partecipants
GET /api/leagues/{leagueId}/players/{playerId}
GET /api/login/build
GET /api/players/count
GET /api/players/count/today
GET /api/players/{playerId}
GET /api/points
GET /api/rewards/players/{playerId}
GET /api/rules
GET /api/seasons/current/episode
GET /api/seasons/next/episode
GET /api/shops
GET /api/shops/players/{playerId}/purchases
GET /api/teams/{id}
PATCH /api/players/{playerId}/img
POST /api/forms/{id}/active
POST /api/forms/{id}/inactive
POST /api/leagues/{leagueId}/active
POST /api/leagues/{leagueId}/inactive
POST /api/login
POST /api/login/admin
POST /api/login/tokens
POST /api/notifications
POST /api/notifications/tokens
POST /api/notifications/{playerId}
POST /api/players
POST /api/players/{playerId}/logout
POST /api/shops/purchase/{playerId}/{shopItemId}
POST /api/teams
PUT /api/forms/{id}

Found on 2025-12-02 05:43

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.everrest.educata.dev
Port: 443
URL: https://api.everrest.educata.dev

First seen 2025-12-11 00:35
Last seen 2026-01-09 22:44
Open for 29 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 22:44
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: bigle-email-serve.biglelegal.com
Port: 80
URL: http://bigle-email-serve.biglelegal.com

First seen 2025-11-18 01:28
Last seen 2026-01-09 22:08
Open for 52 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 22:08
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: prod-cmd-pem.kenetto.com
Port: 443
URL: https://prod-cmd-pem.kenetto.com

First seen 2025-11-03 01:28
Last seen 2026-01-09 22:06
Open for 67 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b971511079c47070e854a03255229fc5aa8ed4b00
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /rnu/{id}
GET /rnu2/{sns}
GET /v2/rnu/{id}
POST /auth/authenticate
POST /auth/token
POST /cmd/
POST /cmd/getCertificate
POST /cmd/otp
POST /mcdt
POST /mcdt/exam
POST /pem/
POST /pem/signed
POST /pem2/
POST /pem2/addSignature
POST /pem2/annull
POST /pem2/annullment
POST /pem2/prescribe
POST /pem3/
POST /pem3/addSignature
POST /pem3/annull
POST /pem3/annullment
POST /pem3/prescribe
POST /rnt/
```
  Found on 2026-01-09 22:06
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.recruit.cliniscout.com
Port: 443
URL: https://api.recruit.cliniscout.com

First seen 2025-11-16 01:54
Last seen 2026-01-09 21:31
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 21:31
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.milling.cadcam.energy
Port: 443
URL: https://api.milling.cadcam.energy

First seen 2025-11-16 01:04
Last seen 2026-01-09 21:21
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 21:21
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: pos.api.akorno.dbytel.com
Port: 443
URL: https://pos.api.akorno.dbytel.com

First seen 2025-12-05 00:27
Last seen 2026-01-09 21:17
Open for 35 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0d6991b39

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/all
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2026-01-09 21:17

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba01b57a3ff

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-17 00:41

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba07448b15d

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-05 00:27

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: loenberegner.dora-apps.com
Port: 443
URL: https://loenberegner.dora-apps.com

First seen 2025-12-01 08:41
Last seen 2026-01-09 20:06
Open for 39 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549382a10ba889058dd781bb1940e538662307fe334
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /teams
GET /teams/stats
GET /teams/{id}
GET /teams/{id}/users
POST /api/v1/auth/forgot-password
POST /api/v1/auth/reset-password
POST /api/v1/auth/verify-reset-token
```
  Found on 2026-01-09 20:06
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2025-12-09 19:20
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: test.discovery.friendsta.tech
Port: 80
URL: http://test.discovery.friendsta.tech

First seen 2025-10-17 22:44
Last seen 2026-01-09 19:51
Open for 83 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 19:51
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: dev.instantpdf.eu
Port: 443
URL: https://dev.instantpdf.eu

First seen 2025-10-31 01:10
Last seen 2026-01-09 19:28
Open for 70 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e592cd2916728dca27f0df528e42b1141cad4a11da
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /sign-box/{actionId}/get-document
GET /sign-box/{flowId}/get-original-document
GET /ui/sessions/{session-id}/sign-box/{flow-id}/get-last-document
GET /v2/documents/{document-id}/get-pdf
POST /v2/documents
POST /v2/templates/{template-id}/create-and-store-document
POST /v2/templates/{template-id}/create-document
POST /v2/test-callback
```
  Found on 2026-01-09 19:28
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: app.termedisirmione.com
Port: 443
URL: https://app.termedisirmione.com

First seen 2025-11-14 01:34
Last seen 2026-01-09 19:24
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 19:24
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: taurushealthcarelimited.htech.app
Port: 443
URL: https://taurushealthcarelimited.htech.app

First seen 2025-12-07 00:34
Last seen 2026-01-09 18:56
Open for 33 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 18:56
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: enlight.apptoku.com
Port: 443
URL: https://enlight.apptoku.com

First seen 2025-10-17 00:31
Last seen 2026-01-09 18:48
Open for 84 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff431ce6ac208ff9edfad6c4ca4fb986a8a6cb87b40b
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /events/
GET /events/archive/
GET /events/filter_options/
GET /events/{slug}/{id}/
GET /ideas/
GET /ideas/{id}/
GET /logout/
GET /user/
POST /events/{id}/attachments/
POST /events/{id}/participate/
POST /events/{id}/vote/
POST /ideas/{id}/vote/
POST /token/refresh/
```
  Found on 2026-01-09 18:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: suiker.jan-eric.duden.nl
Port: 443
URL: https://suiker.jan-eric.duden.nl

First seen 2025-11-20 01:02
Last seen 2026-01-09 18:46
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43a0a0e27f0caf932a9a8a33844143bc8a7d7a85ff
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /devicestatus/{spec}
DELETE /treatments/{spec}
GET /devicestatus/
GET /echo/{storage}/{spec}
GET /entries
GET /entries/{spec}
GET /profile
GET /slice/{storage}/{field}/{type}/{prefix}/{regex}
GET /status
GET /times/echo/{prefix}/{regex}
GET /times/{prefix}/{regex}
GET /treatments
```
  Found on 2026-01-09 18:46
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.dev.gocore.gg
Port: 443
URL: https://api.dev.gocore.gg

First seen 2025-11-15 01:00
Last seen 2026-01-09 18:45
Open for 55 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d6006cde513cfebdf72fb36fb0daa678bcd5d625e14

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/BackOfficeCommon/dashboard
GET /api/BackOfficeGocoreCustomers
GET /api/BackOfficePickemTournamentRewards
GET /api/BackOfficePickemTournaments
GET /api/BackOfficePickemTournaments/{id}
GET /api/BackOfficePickems
GET /api/BackOfficePickems/matches
GET /api/BackOfficePickems/{id}
GET /api/BackOfficePlayers
GET /api/BackOfficePlayers/player-pickems
GET /api/BackOfficeTips
GET /api/BackOfficeTips/{id}
GET /api/BackOfficeTipsters
GET /api/BackOfficeTipsters/id
GET /api/BackOfficeUsers
GET /api/BackOfficeUsers/current-user-detail
GET /api/BackOfficeUsers/fulltext
GET /api/BackOfficeUsers/roles
GET /api/BackOfficeUsers/{id}
GET /api/Matches/match
GET /api/Matches/matches
GET /api/Matches/matches-calendar
GET /api/PandaScore/all-matches
GET /api/Pickems/current-player/all
GET /api/Pickems/current-player/betable
GET /api/Pickems/current-player/history
GET /api/Pickems/player-leaderboards
GET /api/Pickems/player-results
GET /api/Pickems/player-tournament-leaderboards
GET /api/Players
GET /api/Rss/dota-buff
GET /api/Rss/feed
GET /api/Rss/hltv
GET /api/Tips
GET /api/Tips/fulltext
GET /api/Tips/slug/{slug}
GET /api/Tips/slugs
GET /api/Tips/tip-of-day
GET /api/Tips/{id}
GET /api/Tipster/leaderboard
POST /api/BackOfficePickems/create-pickem
POST /api/BackOfficePickems/create-pickems
POST /api/BackOfficePickems/revalidate-pickem
POST /api/Players/email-confirmation
POST /api/Players/send-email-confirmation
POST /api/Users/reset
POST /api/Users/reset-token
PUT /api/BackOfficePickemTournaments/{tournamentId}
PUT /api/BackOfficePickems/adjust-admin-pickems
PUT /api/BackOfficePickems/adjust-bet-pickem
PUT /api/BackOfficePickems/admin-bet-pickem
PUT /api/BackOfficePickems/{pickemId}
PUT /api/BackOfficeTips/admin
PUT /api/BackOfficeUsers/current-user-change-detail
PUT /api/BackOfficeUsers/{id}/lock
PUT /api/BackOfficeUsers/{id}/unlock
PUT /api/Pickems/bet
PUT /api/Pickems/bets
PUT /api/Users/change-password

Found on 2026-01-09 18:45

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: staging-api.migesplus.ch
Port: 80
URL: http://staging-api.migesplus.ch

First seen 2025-11-17 00:57
Last seen 2026-01-09 18:43
Open for 53 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43c4ce51e629da3a696279a8e8ab353e0e67be88fe

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /search/reindex
GET /{locale}/access-channels
GET /{locale}/access-channels/{slug}
GET /{locale}/adviceCenters
GET /{locale}/adviceCenters/{slug}
GET /{locale}/audiences
GET /{locale}/audiences/{slug}
GET /{locale}/blogs
GET /{locale}/blogs/{slug}
GET /{locale}/featuredBlogs
GET /{locale}/good-practices
GET /{locale}/good-practices/{slug}
GET /{locale}/healthBlogs
GET /{locale}/infobox/{page}
GET /{locale}/infoboxes
GET /{locale}/migesMedia/{slug}
GET /{locale}/migesMedias
GET /{locale}/nonHealthBlogs
GET /{locale}/publications
GET /{locale}/publications/featured
GET /{locale}/publications/{slug}
GET /{locale}/publications/{slug}/related
GET /{locale}/publishers
GET /{locale}/publishers/{slug}
GET /{locale}/publishers/{slug}/publications
GET /{locale}/topics
GET /{locale}/topics/featured
GET /{locale}/topics/pages
GET /{locale}/topics/{slug}
POST /address/search
POST /address/validate
POST /webhooks/contentful
POST /{locale}/publishers/emails
POST /{locale}/publishers/{slug}/email
PUT /topics/updateTopicGroupSlugPath

Found on 2026-01-09 18:43

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.myvisapp.com.ng
Port: 443
URL: https://api.myvisapp.com.ng

First seen 2025-10-27 14:55
Last seen 2026-01-09 18:31
Open for 74 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec33bee70777a3c6e3e883962788c0edafe2ee86fc

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /api/v1/carousel/delete
DELETE /api/v1/header/delete
DELETE /api/v1/other-services/delete
DELETE /api/v1/packages/delete
DELETE /api/v1/user/delete
DELETE /api/v1/visa-country-fees/delete
DELETE /api/v1/visa-country-files/delete
DELETE /api/v1/visa-country-health-insurance/delete
DELETE /api/v1/visa-country-insurance/delete
DELETE /api/v1/visa-country/delete
DELETE /api/v1/visa-purpose/delete
DELETE /api/v1/visa-type/delete
GET /api/v1/auth/active
GET /api/v1/auth/visa-info-status
GET /api/v1/carousel/active
GET /api/v1/carousel/all
GET /api/v1/discounts/all
GET /api/v1/flight/all
GET /api/v1/header/all
GET /api/v1/header/{id}
GET /api/v1/hotel/all
GET /api/v1/other-services/all
GET /api/v1/packages/active
GET /api/v1/packages/all
GET /api/v1/payment/transaction-query
GET /api/v1/report/handler
GET /api/v1/report/last-five-updates
GET /api/v1/report/last-five-visa-outcomes
GET /api/v1/report/latest-visa-staff-assigned
GET /api/v1/report/payment-status
GET /api/v1/report/staff-pending-applications
GET /api/v1/report/staff-upcoming-appointment
GET /api/v1/report/visa-info-status
GET /api/v1/report/visa-outcome
GET /api/v1/role/all
GET /api/v1/transaction-log/all
GET /api/v1/user-details/all
GET /api/v1/user-details/all-info
GET /api/v1/user-details/all-info-get-user-images
GET /api/v1/user-details/get-family-info
GET /api/v1/user-details/get-financial-info
GET /api/v1/user-details/get-other-info
GET /api/v1/user-details/get-previous-visa-application
GET /api/v1/user-details/get-professional-info
GET /api/v1/user-details/get-travel-history
GET /api/v1/user-details/get-user-images
GET /api/v1/user/all
GET /api/v1/user/all-orgs
GET /api/v1/user/all-staff
GET /api/v1/visa-country-fees/all
GET /api/v1/visa-country-fees/all-by-countries
GET /api/v1/visa-country-fees/{visaCountryId}
GET /api/v1/visa-country-files/all
GET /api/v1/visa-country-files/all-by-countries
GET /api/v1/visa-country-files/{visaCountryId}
GET /api/v1/visa-country-health-insurance/all
GET /api/v1/visa-country-health-insurance/all-by-countries
GET /api/v1/visa-country-health-insurance/{visaCountryId}
GET /api/v1/visa-country-insurance/all
GET /api/v1/visa-country-insurance/all-by-countries
GET /api/v1/visa-country-insurance/{visaCountryId}
GET /api/v1/visa-country/all
GET /api/v1/visa-info-status/all
GET /api/v1/visa-info/all
GET /api/v1/visa-info/all-staff-statistics
GET /api/v1/visa-info/visa-info-image
GET /api/v1/visa-purpose/all
GET /api/v1/visa-type/all
PATCH /api/v1/carousel/toggle
PATCH /api/v1/discounts/toggle
PATCH /api/v1/header/toggle
PATCH /api/v1/packages/toggle
PATCH /api/v1/visa-country/toggle
PATCH /api/v1/visa-info/cancel-app
PATCH /api/v1/visa-info/visa-info-reassign
PATCH /api/v1/visa-info/visa-info-status
PATCH /api/v1/visa-info/visa-remark
POST /api/v1/auth/login
POST /api/v1/auth/refreshtoken
POST /api/v1/carousel/add
POST /api/v1/discounts/add
POST /api/v1/discounts/get-discount
POST /api/v1/external/webhook
POST /api/v1/flight/add
POST /api/v1/header/add
POST /api/v1/hotel/add
POST /api/v1/other-services/add
POST /api/v1/packages/add
POST /api/v1/password/complete-sign-up/{recoveryCode}
POST /api/v1/password/forgot-password
POST /api/v1/password/reset-password/{recoveryCode}
POST /api/v1/payment/initiate
POST /api/v1/payment/initiate-other-payments
POST /api/v1/user-details/add-user-image
POST /api/v1/user/add
POST /api/v1/user/sign-up
POST /api/v1/visa-country-fees/add
POST /api/v1/visa-country-files/add
POST /api/v1/visa-country-health-insurance/add
POST /api/v1/visa-country-insurance/add
POST /api/v1/visa-country/add
POST /api/v1/visa-info/add
POST /api/v1/visa-info/add-visa-images
POST /api/v1/visa-purpose/add
POST /api/v1/visa-type/add
PUT /api/v1/carousel/update
PUT /api/v1/discounts/update
PUT /api/v1/header/update
PUT /api/v1/other-services/update
PUT /api/v1/packages/update
PUT /api/v1/user-details/financial-info
PUT /api/v1/user-details/other-info
PUT /api/v1/user-details/previous-visa-application
PUT /api/v1/user-details/professional-info
PUT /api/v1/user-details/travel-history
PUT /api/v1/user-details/update
PUT /api/v1/user-details/update-family-info
PUT /api/v1/user/update
PUT /api/v1/visa-country-fees/update
PUT /api/v1/visa-country-files/update
PUT /api/v1/visa-country-health-insurance/update
PUT /api/v1/visa-country-insurance/update
PUT /api/v1/visa-country/update
PUT /api/v1/visa-info/update
PUT /api/v1/visa-info/update-visa-images
PUT /api/v1/visa-info/visa-info-update-visa-appointment
PUT /api/v1/visa-info/visa-info-update-visa-outcome
PUT /api/v1/visa-purpose/update
PUT /api/v1/visa-type/update

Found on 2026-01-09 18:31

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: spark-whitelist-sandbox.tibaparking.net
Port: 443
URL: https://spark-whitelist-sandbox.tibaparking.net

First seen 2025-11-27 01:18
Last seen 2026-01-09 18:14
Open for 43 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549fbe044dda28986cd8c28ff6f0ba49ef3369c19d3
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/credential/verify/{credentialValue}
GET /api/credential/{credentialValue}
GET /api/lpr/verify/{lprValue}
GET /api/lpr/{lprValue}
POST /api/credential
POST /api/credential/sync
POST /api/lpr
POST /api/lpr/sync
```
  Found on 2026-01-09 18:14
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: herodoctors.com
Port: 443
URL: https://herodoctors.com

First seen 2025-11-08 01:02
Last seen 2026-01-09 17:43
Open for 62 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 17:43
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: wmpeditions.com
Port: 80
URL: http://wmpeditions.com

First seen 2025-11-08 01:12
Last seen 2026-01-09 17:42
Open for 62 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 17:42
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: bookings.chelseageneralpractice.co.uk
Port: 443
URL: https://bookings.chelseageneralpractice.co.uk

First seen 2025-11-09 00:51
Last seen 2026-01-09 17:41
Open for 61 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 17:41
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: bakgrunnssjekk.semac.no
Port: 443
URL: https://bakgrunnssjekk.semac.no

First seen 2025-11-23 03:41
Last seen 2026-01-09 17:31
Open for 47 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f5e22fb46b2be8806407db90cc128ed37e411d61a2ad2de0
```
Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /v1/cases/{id}
GET /v1/departments
GET /v1/employers
GET /v1/institutions
GET /v1/invoice_recipients
GET /v1/invoice_references
GET /v1/levels
GET /v1/questionnaires
GET /v1/sources
POST /v1/cases
POST /v1/cases/{id}/documents
```
  Found on 2026-01-09 17:31
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.magic-api.io
Port: 443
URL: https://api.magic-api.io

First seen 2025-11-01 02:07
Last seen 2026-01-09 17:28
Open for 69 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b58e5a75ab96b20cdd7ad782f14a3a391259361a2
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api-key/{id}
GET /api/{subdomain}/**
GET /endpoint/{id}
GET /project/{id}
GET /project/{id}/api-keys
GET /project/{id}/endpoints
GET /project/{id}/subdomain/availability
GET /status
GET /user/me
GET /user/me/projects
GET /user/{id}
GET /version
POST /api-key
POST /auth/firebase
POST /endpoint
POST /project
```
  Found on 2026-01-09 17:28
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: pim.bartsparts.com
Port: 443
URL: https://pim.bartsparts.com

First seen 2025-11-07 00:27
Last seen 2026-01-09 16:36
Open for 63 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43fb668082a2928e4128ac41da6fe77ac9dcd8427a

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/admin/contacts/{contact_id}/dealer/unlink/{dealer_id}
DELETE /api/admin/contacts/{contact_id}/location/unlink/{location_id}
DELETE /api/admin/mapping-fields/{id}
GET /api/admin/contacts
GET /api/admin/contacts/partial-search/{search}
GET /api/admin/contacts/query/dealer/{dealer_id}
GET /api/admin/contacts/query/location/{location_id}
GET /api/admin/contacts/search/{search}
GET /api/admin/contacts/{contact_id}/link-to-dealer/{dealer_id}
GET /api/admin/contacts/{contact_id}/link-to-location/{location_id}
GET /api/admin/contacts/{id}
GET /api/admin/lambda-processes/create-product
GET /api/admin/lambda-processes/create-stock
GET /api/admin/lambda-processes/force-sync/{store}
GET /api/admin/lambda-processes/products
GET /api/admin/lambda-processes/refresh-sync/{store}
GET /api/admin/lambda-processes/stocks
GET /api/admin/lambda-processes/sync
GET /api/admin/lambda-processes/sync-product
GET /api/admin/mapping-fields
GET /api/admin/mapping-fields/set-active/{id}
GET /api/admin/track-processes
GET /api/admin/track-processes/{name}
GET /api/admin/track-stock-processes
GET /api/admin/users
GET /api/admin/users/dealer/{dealerId}/users
GET /api/admin/users/dealer/{name}/locations
GET /api/admin/users/dealers
GET /api/admin/users/roles
GET /api/admin/users/search/{search}
GET /api/admin/users/{login}
GET /api/admin/zoho/charts/last-days-backlog
GET /api/admin/zoho/charts/today-tickets-status
GET /api/admin/zoho/ingest-tickets
GET /api/autofulfillment/test/{orderId}
POST /api/admin/lambda-processes/unify-loading-script
POST /api/admin/mapping-fields-v2
POST /api/admin/mapping-fields-v2/configuration
POST /api/admin/zoho/webhooks/ticket-delete-event
POST /api/admin/zoho/webhooks/ticket-events
POST /api/admin/zoho/webhooks/ticket-update-event
PUT /api/admin/contacts/dealer/updates
PUT /api/admin/contacts/location/updates
PUT /api/dealer/stock/my

Found on 2026-01-09 16:36

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.gocore.gg
Port: 80
URL: http://api.gocore.gg

First seen 2025-11-15 01:11
Last seen 2026-01-09 16:26
Open for 55 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d6006cde513cfebdf72fb36fb0daa678bcd5d625e14

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/BackOfficeCommon/dashboard
GET /api/BackOfficeGocoreCustomers
GET /api/BackOfficePickemTournamentRewards
GET /api/BackOfficePickemTournaments
GET /api/BackOfficePickemTournaments/{id}
GET /api/BackOfficePickems
GET /api/BackOfficePickems/matches
GET /api/BackOfficePickems/{id}
GET /api/BackOfficePlayers
GET /api/BackOfficePlayers/player-pickems
GET /api/BackOfficeTips
GET /api/BackOfficeTips/{id}
GET /api/BackOfficeTipsters
GET /api/BackOfficeTipsters/id
GET /api/BackOfficeUsers
GET /api/BackOfficeUsers/current-user-detail
GET /api/BackOfficeUsers/fulltext
GET /api/BackOfficeUsers/roles
GET /api/BackOfficeUsers/{id}
GET /api/Matches/match
GET /api/Matches/matches
GET /api/Matches/matches-calendar
GET /api/PandaScore/all-matches
GET /api/Pickems/current-player/all
GET /api/Pickems/current-player/betable
GET /api/Pickems/current-player/history
GET /api/Pickems/player-leaderboards
GET /api/Pickems/player-results
GET /api/Pickems/player-tournament-leaderboards
GET /api/Players
GET /api/Rss/dota-buff
GET /api/Rss/feed
GET /api/Rss/hltv
GET /api/Tips
GET /api/Tips/fulltext
GET /api/Tips/slug/{slug}
GET /api/Tips/slugs
GET /api/Tips/tip-of-day
GET /api/Tips/{id}
GET /api/Tipster/leaderboard
POST /api/BackOfficePickems/create-pickem
POST /api/BackOfficePickems/create-pickems
POST /api/BackOfficePickems/revalidate-pickem
POST /api/Players/email-confirmation
POST /api/Players/send-email-confirmation
POST /api/Users/reset
POST /api/Users/reset-token
PUT /api/BackOfficePickemTournaments/{tournamentId}
PUT /api/BackOfficePickems/adjust-admin-pickems
PUT /api/BackOfficePickems/adjust-bet-pickem
PUT /api/BackOfficePickems/admin-bet-pickem
PUT /api/BackOfficePickems/{pickemId}
PUT /api/BackOfficeTips/admin
PUT /api/BackOfficeUsers/current-user-change-detail
PUT /api/BackOfficeUsers/{id}/lock
PUT /api/BackOfficeUsers/{id}/unlock
PUT /api/Pickems/bet
PUT /api/Pickems/bets
PUT /api/Users/change-password

Found on 2026-01-09 16:26

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: enfieldfederation.htech.app
Port: 443
URL: https://enfieldfederation.htech.app

First seen 2025-10-23 01:12
Last seen 2026-01-09 16:05
Open for 78 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 16:05
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: overeni-bankou.skippay.dev
Port: 80
URL: http://overeni-bankou.skippay.dev

First seen 2025-10-17 00:31
Last seen 2026-01-09 15:45
Open for 84 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd18553ecf761b3804c143bd68f31952d69b506847c5f7120c4
```
Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /connect/{providerId}/{providerUserId}
GET /
GET /api/businesscard/banks
GET /api/businesscard/export
GET /api/businesscard/id
GET /connect
GET /connect/{providerId}
GET /redirect/connect
GET /saml/SSO
GET /saml/connect/{provider}
GET /saml/metadata
GET /service/banks
GET /service/clean
GET /service/hello
GET /service/statistics
POST /api/businesscard/bank/delete
POST /api/businesscard/delete
```
  Found on 2026-01-09 15:45
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.kora.li
Port: 443
URL: https://api.kora.li

First seen 2025-10-20 00:07
Last seen 2026-01-09 15:30
Open for 81 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 15:30
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.pilgrim.club
Port: 443
URL: https://api.pilgrim.club

First seen 2025-10-21 01:00
Last seen 2026-01-09 15:29
Open for 80 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 15:29
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: pdf.publidata.io
Port: 443
URL: https://pdf.publidata.io

First seen 2025-11-13 01:13
Last seen 2026-01-09 15:11
Open for 57 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 15:11
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: formation.widget-api.local.fr
Port: 443
URL: https://formation.widget-api.local.fr

First seen 2025-10-28 22:26
Last seen 2026-01-09 15:10
Open for 72 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 15:10
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: dev.api.games.hotlens.com
Port: 443
URL: https://dev.api.games.hotlens.com

First seen 2025-11-13 04:33
Last seen 2026-01-09 15:09
Open for 57 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354979cf69f98ed2592ac178f6c7d25355e6fb558d4b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/DataTables/backoffice/bets
GET /api/DataTables/backoffice/refunds
GET /api/DataTables/backoffice/sessions
GET /api/DataTables/backoffice/wins
GET /api/Games/aliases
GET /api/Games/available-game
GET /api/Games/available-games
GET /api/Games/available-providers
GET /api/Games/backoffice/available-categories
GET /api/Games/backoffice/available-game-softswiss
GET /api/Games/backoffice/available-games
GET /api/Games/backoffice/available-provider
GET /api/Games/backoffice/available-providers-softswiss
GET /api/Games/backoffice/mongo-new-games
GET /api/Games/favorite-games
GET /api/Games/favorites-ids
GET /api/Games/games-persistence-history
GET /api/Games/live-bets
GET /api/Games/live-wins
GET /api/Games/live-wins/{id}
GET /api/Games/popular
GET /api/Games/provider-persistence-history
GET /api/Games/provider/{slug}
GET /api/Games/seo-games
GET /api/Games/seo-games-sections
GET /api/Games/seo-providers
GET /api/GamesPlayer/bets-statistics
GET /api/GamesPlayer/statistics-currency
GET /api/GamesPlayer/statistics-games
GET /api/GamesPlayer/statistics-providers
GET /api/GamesPlayer/statistics-summary
GET /api/GamesPlayer/wins-statistics
GET /api/GamesRegions/backoffice
GET /api/GamesRegions/backoffice/available-countries
GET /api/GamesRegions/backoffice/{id}
GET /api/GamesSectionGames/backoffice/search
GET /api/GamesSectionGames/backoffice/section-available-games
GET /api/GamesSectionGames/games
GET /api/GamesSectionGames/search
GET /api/GamesSections/backoffice
GET /api/GamesSections/backoffice/icons
GET /api/GamesSections/backoffice/{id}
GET /api/GamesSections/names
GET /api/GamesSections/{slug}
GET /api/GamesSessions/backoffice/demo-sessions
GET /api/GamesSessions/player-active-session
GET /api/GamesSessions/player-sessions
GET /api/GamesStatistics/backoffice/dashboard-statistics
GET /api/GamesStatistics/game-leaderboard
GET /api/v1/Example/get-string
HEAD /SoftSwissExternal/health-check
HEAD /api/BetbyExternal/health-check
HEAD /api/DataTables/backoffice/health-check
HEAD /api/Games/health-check
HEAD /api/GamesPlayer/health-check
HEAD /api/GamesRegions/backoffice/health-check
HEAD /api/GamesSectionGames/health-check
HEAD /api/GamesSections/health-check
HEAD /api/GamesSessions/health-check
HEAD /api/GamesStatistics/health-check
HEAD /api/v1/Example/health-check
POST /SoftSwissExternal/v2/a8r_casino.Freespins/Finish
POST /SoftSwissExternal/v2/a8r_casino.Player/Balance
POST /SoftSwissExternal/v2/a8r_casino.Round/BetWin
POST /SoftSwissExternal/v2/a8r_casino.Round/Finish
POST /SoftSwissExternal/v2/a8r_casino.Round/Rollback
POST /api/Games/backoffice/add-player-freechips
POST /api/Games/backoffice/add-player-freespins
POST /api/Games/backoffice/add-players-freespins
POST /api/Games/backoffice/remove-player-freechips
POST /api/Games/backoffice/remove-player-freespins
POST /api/Games/backoffice/upload-game-thumbnail
POST /api/Games/backoffice/upload-provider-thumbnail
POST /api/GamesSectionGames/backoffice
POST /api/GamesSectionGames/backoffice/multiselect
POST /api/GamesSectionGames/backoffice/provider
POST /api/GamesSectionGames/backoffice/provider-multiselect
POST /api/GamesSessions/create-session
POST /api/GamesSessions/create-session-demo
PUT /api/Games/backoffice
PUT /api/Games/backoffice/block-game
PUT /api/Games/backoffice/block-gamification-category
PUT /api/Games/backoffice/block-gamification-provider
PUT /api/Games/backoffice/block-provider
PUT /api/Games/backoffice/modify-game-description
PUT /api/Games/backoffice/modify-provider
PUT /api/Games/backoffice/select-game-thumbnail
PUT /api/Games/backoffice/unblock-game
PUT /api/Games/backoffice/unblock-gamification-category
PUT /api/Games/backoffice/unblock-gamification-provider
PUT /api/Games/backoffice/unblock-provider
PUT /api/GamesPlayer/add-favorite-game
PUT /api/GamesPlayer/remove-favorite-game
PUT /api/GamesRegions/backoffice/default
PUT /api/GamesSectionGames/backoffice/move
PUT /api/GamesSectionGames/backoffice/reindex
PUT /api/GamesSectionGames/backoffice/reindex-all
PUT /api/GamesSectionGames/backoffice/replace
PUT /api/GamesSessions/backoffice/end-session
PUT /api/GamesSessions/end-session

Found on 2026-01-09 15:09

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354979cf69f98ed2592ac178f6c7d25355e63eb7998a

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/DataTables/backoffice/bets
GET /api/DataTables/backoffice/refunds
GET /api/DataTables/backoffice/sessions
GET /api/DataTables/backoffice/wins
GET /api/Games/aliases
GET /api/Games/available-game
GET /api/Games/available-games
GET /api/Games/available-providers
GET /api/Games/backoffice/available-game-softswiss
GET /api/Games/backoffice/available-games
GET /api/Games/backoffice/available-provider
GET /api/Games/backoffice/available-providers-softswiss
GET /api/Games/backoffice/mongo-new-games
GET /api/Games/favorite-games
GET /api/Games/favorites-ids
GET /api/Games/games-persistence-history
GET /api/Games/live-bets
GET /api/Games/live-wins
GET /api/Games/live-wins/{id}
GET /api/Games/popular
GET /api/Games/provider-persistence-history
GET /api/Games/provider/{slug}
GET /api/Games/seo-games
GET /api/Games/seo-games-sections
GET /api/Games/seo-providers
GET /api/GamesPlayer/bets-statistics
GET /api/GamesPlayer/statistics-currency
GET /api/GamesPlayer/statistics-games
GET /api/GamesPlayer/statistics-providers
GET /api/GamesPlayer/statistics-summary
GET /api/GamesPlayer/wins-statistics
GET /api/GamesRegions/backoffice
GET /api/GamesRegions/backoffice/available-countries
GET /api/GamesRegions/backoffice/{id}
GET /api/GamesSectionGames/backoffice/search
GET /api/GamesSectionGames/backoffice/section-available-games
GET /api/GamesSectionGames/games
GET /api/GamesSectionGames/search
GET /api/GamesSections/backoffice
GET /api/GamesSections/backoffice/icons
GET /api/GamesSections/backoffice/{id}
GET /api/GamesSections/names
GET /api/GamesSections/{slug}
GET /api/GamesSessions/backoffice/demo-sessions
GET /api/GamesSessions/player-active-session
GET /api/GamesSessions/player-sessions
GET /api/GamesStatistics/backoffice/dashboard-statistics
GET /api/GamesStatistics/game-leaderboard
GET /api/v1/Example/get-string
HEAD /SoftSwissExternal/health-check
HEAD /api/BetbyExternal/health-check
HEAD /api/DataTables/backoffice/health-check
HEAD /api/Games/health-check
HEAD /api/GamesPlayer/health-check
HEAD /api/GamesRegions/backoffice/health-check
HEAD /api/GamesSectionGames/health-check
HEAD /api/GamesSections/health-check
HEAD /api/GamesSessions/health-check
HEAD /api/GamesStatistics/health-check
HEAD /api/v1/Example/health-check
POST /SoftSwissExternal/v2/a8r_casino.Freespins/Finish
POST /SoftSwissExternal/v2/a8r_casino.Player/Balance
POST /SoftSwissExternal/v2/a8r_casino.Round/BetWin
POST /SoftSwissExternal/v2/a8r_casino.Round/Finish
POST /SoftSwissExternal/v2/a8r_casino.Round/Rollback
POST /api/Games/backoffice/add-player-freechips
POST /api/Games/backoffice/add-player-freespins
POST /api/Games/backoffice/add-players-freespins
POST /api/Games/backoffice/remove-player-freechips
POST /api/Games/backoffice/remove-player-freespins
POST /api/Games/backoffice/upload-game-thumbnail
POST /api/Games/backoffice/upload-provider-thumbnail
POST /api/GamesSectionGames/backoffice
POST /api/GamesSectionGames/backoffice/multiselect
POST /api/GamesSectionGames/backoffice/provider
POST /api/GamesSectionGames/backoffice/provider-multiselect
POST /api/GamesSessions/create-session
POST /api/GamesSessions/create-session-demo
PUT /api/Games/backoffice
PUT /api/Games/backoffice/block-game
PUT /api/Games/backoffice/block-gamification-provider
PUT /api/Games/backoffice/block-provider
PUT /api/Games/backoffice/modify-game-description
PUT /api/Games/backoffice/modify-provider
PUT /api/Games/backoffice/select-game-thumbnail
PUT /api/Games/backoffice/unblock-game
PUT /api/Games/backoffice/unblock-gamification-provider
PUT /api/Games/backoffice/unblock-provider
PUT /api/GamesPlayer/add-favorite-game
PUT /api/GamesPlayer/remove-favorite-game
PUT /api/GamesRegions/backoffice/default
PUT /api/GamesSectionGames/backoffice/move
PUT /api/GamesSectionGames/backoffice/reindex
PUT /api/GamesSectionGames/backoffice/reindex-all
PUT /api/GamesSectionGames/backoffice/replace
PUT /api/GamesSessions/backoffice/end-session
PUT /api/GamesSessions/end-session

Found on 2025-12-14 12:18

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354979cf69f98ed2592ac178f6c7d25355e6f17953ff

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/DataTables/backoffice/bets
GET /api/DataTables/backoffice/refunds
GET /api/DataTables/backoffice/sessions
GET /api/DataTables/backoffice/wins
GET /api/Games/aliases
GET /api/Games/available-game
GET /api/Games/available-games
GET /api/Games/available-providers
GET /api/Games/backoffice/available-game-softswiss
GET /api/Games/backoffice/available-games
GET /api/Games/backoffice/available-provider
GET /api/Games/backoffice/available-providers-softswiss
GET /api/Games/backoffice/mongo-new-games
GET /api/Games/favorite-games
GET /api/Games/favorites-ids
GET /api/Games/games-persistence-history
GET /api/Games/live-bets
GET /api/Games/live-wins
GET /api/Games/live-wins/{id}
GET /api/Games/popular
GET /api/Games/provider-persistence-history
GET /api/Games/provider/{slug}
GET /api/Games/seo-games
GET /api/Games/seo-games-sections
GET /api/Games/seo-providers
GET /api/GamesPlayer/bets-statistics
GET /api/GamesPlayer/statistics-currency
GET /api/GamesPlayer/statistics-games
GET /api/GamesPlayer/statistics-providers
GET /api/GamesPlayer/statistics-summary
GET /api/GamesPlayer/wins-statistics
GET /api/GamesRegions/backoffice
GET /api/GamesRegions/backoffice/available-countries
GET /api/GamesRegions/backoffice/{id}
GET /api/GamesSectionGames/backoffice/search
GET /api/GamesSectionGames/backoffice/section-available-games
GET /api/GamesSectionGames/games
GET /api/GamesSectionGames/search
GET /api/GamesSections/backoffice
GET /api/GamesSections/backoffice/icons
GET /api/GamesSections/backoffice/{id}
GET /api/GamesSections/names
GET /api/GamesSections/{slug}
GET /api/GamesSessions/backoffice/demo-sessions
GET /api/GamesStatistics/backoffice/dashboard-statistics
GET /api/GamesStatistics/game-leaderboard
GET /api/v1/Example/get-string
HEAD /SoftSwissExternal/health-check
HEAD /api/BetbyExternal/health-check
HEAD /api/DataTables/backoffice/health-check
HEAD /api/Games/health-check
HEAD /api/GamesPlayer/health-check
HEAD /api/GamesRegions/backoffice/health-check
HEAD /api/GamesSectionGames/health-check
HEAD /api/GamesSections/health-check
HEAD /api/GamesSessions/health-check
HEAD /api/GamesStatistics/health-check
HEAD /api/v1/Example/health-check
POST /api/Games/backoffice/add-player-freechips
POST /api/Games/backoffice/add-player-freespins
POST /api/Games/backoffice/add-players-freespins
POST /api/Games/backoffice/remove-player-freechips
POST /api/Games/backoffice/remove-player-freespins
POST /api/Games/backoffice/upload-game-thumbnail
POST /api/Games/backoffice/upload-provider-thumbnail
POST /api/GamesSectionGames/backoffice
POST /api/GamesSectionGames/backoffice/multiselect
POST /api/GamesSectionGames/backoffice/provider
POST /api/GamesSectionGames/backoffice/provider-multiselect
POST /api/GamesSessions/create-session
POST /api/GamesSessions/create-session-demo
PUT /api/Games/backoffice
PUT /api/Games/backoffice/block-game
PUT /api/Games/backoffice/block-gamification-provider
PUT /api/Games/backoffice/block-provider
PUT /api/Games/backoffice/modify-provider
PUT /api/Games/backoffice/select-game-thumbnail
PUT /api/Games/backoffice/unblock-game
PUT /api/Games/backoffice/unblock-gamification-provider
PUT /api/Games/backoffice/unblock-provider
PUT /api/GamesPlayer/add-favorite-game
PUT /api/GamesPlayer/remove-favorite-game
PUT /api/GamesRegions/backoffice/default
PUT /api/GamesSectionGames/backoffice/move
PUT /api/GamesSectionGames/backoffice/reindex
PUT /api/GamesSectionGames/backoffice/reindex-all
PUT /api/GamesSectionGames/backoffice/replace
PUT /api/GamesSessions/end-session

Found on 2025-12-01 07:55

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354979cf69f98ed2592ac178f6c7d25355e6e3f70665

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/DataTables/backoffice/bets
GET /api/DataTables/backoffice/refunds
GET /api/DataTables/backoffice/sessions
GET /api/DataTables/backoffice/wins
GET /api/Games/aliases
GET /api/Games/available-game
GET /api/Games/available-games
GET /api/Games/available-providers
GET /api/Games/backoffice/available-game-softswiss
GET /api/Games/backoffice/available-games
GET /api/Games/backoffice/available-provider
GET /api/Games/backoffice/available-providers-softswiss
GET /api/Games/backoffice/mongo-new-games
GET /api/Games/favorite-games
GET /api/Games/favorites-ids
GET /api/Games/live-bets
GET /api/Games/live-wins
GET /api/Games/live-wins/{id}
GET /api/Games/popular
GET /api/Games/provider/{slug}
GET /api/Games/seo-games
GET /api/Games/seo-games-sections
GET /api/Games/seo-providers
GET /api/GamesPlayer/bets-statistics
GET /api/GamesPlayer/statistics-currency
GET /api/GamesPlayer/statistics-games
GET /api/GamesPlayer/statistics-providers
GET /api/GamesPlayer/statistics-summary
GET /api/GamesPlayer/wins-statistics
GET /api/GamesRegions/backoffice
GET /api/GamesRegions/backoffice/available-countries
GET /api/GamesRegions/backoffice/{id}
GET /api/GamesSectionGames/backoffice/search
GET /api/GamesSectionGames/backoffice/section-available-games
GET /api/GamesSectionGames/games
GET /api/GamesSectionGames/search
GET /api/GamesSections/backoffice
GET /api/GamesSections/backoffice/icons
GET /api/GamesSections/backoffice/{id}
GET /api/GamesSections/names
GET /api/GamesSections/{slug}
GET /api/GamesSessions/backoffice/demo-sessions
GET /api/GamesStatistics/backoffice/dashboard-statistics
GET /api/GamesStatistics/game-leaderboard
GET /api/v1/Example/get-string
HEAD /SoftSwissExternal/health-check
HEAD /api/BetbyExternal/health-check
HEAD /api/DataTables/backoffice/health-check
HEAD /api/Games/health-check
HEAD /api/GamesPlayer/health-check
HEAD /api/GamesRegions/backoffice/health-check
HEAD /api/GamesSectionGames/health-check
HEAD /api/GamesSections/health-check
HEAD /api/GamesSessions/health-check
HEAD /api/GamesStatistics/health-check
HEAD /api/v1/Example/health-check
POST /api/Games/backoffice/add-player-freechips
POST /api/Games/backoffice/add-player-freespins
POST /api/Games/backoffice/add-players-freespins
POST /api/Games/backoffice/remove-player-freechips
POST /api/Games/backoffice/remove-player-freespins
POST /api/Games/backoffice/upload-game-thumbnail
POST /api/Games/backoffice/upload-provider-thumbnail
POST /api/GamesSectionGames/backoffice
POST /api/GamesSectionGames/backoffice/multiselect
POST /api/GamesSectionGames/backoffice/provider
POST /api/GamesSectionGames/backoffice/provider-multiselect
POST /api/GamesSessions/create-session
POST /api/GamesSessions/create-session-demo
PUT /api/Games/backoffice
PUT /api/Games/backoffice/block-game
PUT /api/Games/backoffice/block-gamification-provider
PUT /api/Games/backoffice/block-provider
PUT /api/Games/backoffice/modify-provider
PUT /api/Games/backoffice/select-game-thumbnail
PUT /api/Games/backoffice/unblock-game
PUT /api/Games/backoffice/unblock-gamification-provider
PUT /api/Games/backoffice/unblock-provider
PUT /api/GamesPlayer/add-favorite-game
PUT /api/GamesPlayer/remove-favorite-game
PUT /api/GamesRegions/backoffice/default
PUT /api/GamesSectionGames/backoffice/move
PUT /api/GamesSectionGames/backoffice/reindex
PUT /api/GamesSectionGames/backoffice/reindex-all
PUT /api/GamesSectionGames/backoffice/replace
PUT /api/GamesSessions/end-session

Found on 2025-11-23 17:15

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: doctorcall.herohealth.net
Port: 443
URL: https://doctorcall.herohealth.net

First seen 2025-11-26 00:31
Last seen 2026-01-09 15:07
Open for 44 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 15:07
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: tau-factor.com
Port: 443
URL: https://tau-factor.com

First seen 2025-11-04 11:11
Last seen 2026-01-09 14:53
Open for 66 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff4383559d6324b54acb3102ab8bde5751b3904475dd
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /comments/
GET /comments/{comment_id}/
GET /courses/
GET /courses/{course_id}/
GET /courses/{course_id}/latest_exam/
GET /courses_instances/
GET /courses_instances/{course_instance_id}/
GET /grades/
GET /grades/{exam_id}/
GET /ratings/
GET /ratings/{course_rating_id}/
```
  Found on 2026-01-09 14:53
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: builder-api.local.fr
Port: 443
URL: https://builder-api.local.fr

First seen 2025-10-25 13:26
Last seen 2026-01-09 14:50
Open for 76 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 14:50
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: app.dryklin.com
Port: 443
URL: https://app.dryklin.com

First seen 2025-10-19 00:49
Last seen 2026-01-09 14:33
Open for 82 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b51d51f2c6e85ed1225dfb559ea4846bae8d070d3

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /api/v1/auth/delete
DELETE /api/v1/{customerId}/delete-location
GET /
GET /api/agents/get-all
GET /api/item-types/get-all
GET /api/item-types/get-by-service-type
GET /api/item-types/{id}
GET /api/referrals/bonus-history/{referrerId}
GET /api/referrals/count/{code}
GET /api/referrals/guest/{email}
GET /api/referrals/total-bonus/{referrerId}
GET /api/referrals/user/{userId}
GET /api/service-partners/get-all
GET /api/service-types/get-all
GET /api/service-types/{id}
GET /api/user-stats/cancelled-orders
GET /api/user-stats/completed-orders
GET /api/user-stats/monthly-logins
GET /api/user-stats/new-users-per-month
GET /api/user-stats/orders-placed-per-month
GET /api/user-stats/profile-updates-per-month
GET /api/v1/auth/email
GET /api/v1/auth/get-all-subadmins
GET /api/v1/auth/get-all-users
GET /api/v1/auth/get-registration-level
GET /api/v1/auth/get-user
GET /api/v1/auth/username/{username}
GET /api/v1/auth/{id}
GET /api/v1/in-app-notifications/get-all/{userId}
GET /api/v1/laundry/get-all-orders
GET /api/v1/laundry/my-order-history
GET /api/v1/laundry/my-pending-orders
GET /api/v1/laundry/quick-pickup/all-orders
GET /api/v1/laundry/quick-pickup/orders-by-status/{status}
GET /api/v1/{customerId}/get-locations
GET /dashboard/get-account-details
GET /dashboard/get-wallet-details
GET /dashboard/get-wallet-details-by-id
PATCH /api/v1/{customerId}/location
POST /api/agents/add
POST /api/item-types/addItem
POST /api/notifications/send-test
POST /api/referrals/generate/guest
POST /api/referrals/generate/user/{userId}
POST /api/referrals/use
POST /api/service-partners/add
POST /api/service-types/add-service-type
POST /api/v1/auth/admin/register
POST /api/v1/auth/create
POST /api/v1/auth/create-subadmin
POST /api/v1/auth/filter
POST /api/v1/auth/initiate-password-reset
POST /api/v1/auth/login
POST /api/v1/auth/logout
POST /api/v1/auth/register
POST /api/v1/auth/reset-password
POST /api/v1/auth/resetTransactionPin
POST /api/v1/auth/save-username
POST /api/v1/auth/send-otp
POST /api/v1/auth/subadmins/deactivate
POST /api/v1/auth/subadmins/suspend
POST /api/v1/auth/upload-document
POST /api/v1/auth/upload-image
POST /api/v1/auth/upload-to-cloudinary
POST /api/v1/auth/validate-otp
POST /api/v1/auth/validate-transaction-pin
POST /api/v1/checkout-laundry-order
POST /api/v1/fcm/token
POST /api/v1/laundry/place-order
POST /api/v1/laundry/place-quick-pick-up-order
POST /api/v1/laundry/quick-pickup/calculate-bill
POST /api/v1/laundry/quick-pickup/confirm-pickup
POST /api/v1/laundry/quick-pickup/notify-customer/{orderId}
POST /api/v1/ledger/get
POST /api/v1/ledger/get-csv
POST /api/v1/ledger/get-excel
POST /api/v1/notifications/test-welcome
POST /dashboard/get-transaction-history
POST /payment/bill/initialize-payment
POST /payment/bill/verify-transaction
POST /payment/debit-wallet-complete-order
POST /payment/fund-wallet-with-card
POST /payment/webhook
PUT /api/v1/auth/{customerId}
PUT /api/v1/auth/{userId}/deactivate
PUT /api/v1/auth/{userId}/suspend
PUT /api/v1/in-app-notifications/markAsRead/{id}/{userId}
PUT /api/v1/laundry/cancel-order/{orderId}
PUT /api/v1/laundry/complete-order/{orderId}
PUT /api/v1/laundry/confirm-order/{orderId}
PUT /api/v1/laundry/quick-pickup/mark-at-facility/{orderId}
PUT /api/v1/{customerId}/add-location

Found on 2026-01-09 14:33

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: admin-new.yapu.solutions
Port: 80
URL: http://admin-new.yapu.solutions

First seen 2025-11-18 01:08
Last seen 2026-01-09 14:17
Open for 52 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 14:17
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.visitgreenland.com
Port: 80
URL: http://api.visitgreenland.com

First seen 2025-12-06 00:48
Last seen 2026-01-09 14:11
Open for 34 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 14:11
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: carelessapi.staging.sakur.se
Port: 80
URL: http://carelessapi.staging.sakur.se

First seen 2025-11-19 00:22
Last seen 2026-01-09 14:11
Open for 51 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 14:11
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: ccapi-staging.constructioncure.com
Port: 80
URL: http://ccapi-staging.constructioncure.com

First seen 2025-11-30 22:24
Last seen 2026-01-09 13:53
Open for 39 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d6079859ea4f

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/export/
GET /companies/{company_pk}/cis-payments/stats/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/export/
GET /companies/{company_pk}/member-payments/stats/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/members/{id}/stats/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/stats/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/stats/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/unpaid-time/export/
GET /companies/{company_pk}/unpaid-time/stats/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/stats/paid/
GET /me/stats/time/
GET /me/stats/unpaid/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2026-01-09 13:53

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d607380e60c8

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/export/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/export/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/unpaid-time/export/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2025-12-20 19:51

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.staging.gocore.gg
Port: 80
URL: http://api.staging.gocore.gg

First seen 2025-11-15 00:50
Last seen 2026-01-09 13:03
Open for 55 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d6006cde513cfebdf72fb36fb0daa678bcd5d625e14

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/BackOfficeCommon/dashboard
GET /api/BackOfficeGocoreCustomers
GET /api/BackOfficePickemTournamentRewards
GET /api/BackOfficePickemTournaments
GET /api/BackOfficePickemTournaments/{id}
GET /api/BackOfficePickems
GET /api/BackOfficePickems/matches
GET /api/BackOfficePickems/{id}
GET /api/BackOfficePlayers
GET /api/BackOfficePlayers/player-pickems
GET /api/BackOfficeTips
GET /api/BackOfficeTips/{id}
GET /api/BackOfficeTipsters
GET /api/BackOfficeTipsters/id
GET /api/BackOfficeUsers
GET /api/BackOfficeUsers/current-user-detail
GET /api/BackOfficeUsers/fulltext
GET /api/BackOfficeUsers/roles
GET /api/BackOfficeUsers/{id}
GET /api/Matches/match
GET /api/Matches/matches
GET /api/Matches/matches-calendar
GET /api/PandaScore/all-matches
GET /api/Pickems/current-player/all
GET /api/Pickems/current-player/betable
GET /api/Pickems/current-player/history
GET /api/Pickems/player-leaderboards
GET /api/Pickems/player-results
GET /api/Pickems/player-tournament-leaderboards
GET /api/Players
GET /api/Rss/dota-buff
GET /api/Rss/feed
GET /api/Rss/hltv
GET /api/Tips
GET /api/Tips/fulltext
GET /api/Tips/slug/{slug}
GET /api/Tips/slugs
GET /api/Tips/tip-of-day
GET /api/Tips/{id}
GET /api/Tipster/leaderboard
POST /api/BackOfficePickems/create-pickem
POST /api/BackOfficePickems/create-pickems
POST /api/BackOfficePickems/revalidate-pickem
POST /api/Players/email-confirmation
POST /api/Players/send-email-confirmation
POST /api/Users/reset
POST /api/Users/reset-token
PUT /api/BackOfficePickemTournaments/{tournamentId}
PUT /api/BackOfficePickems/adjust-admin-pickems
PUT /api/BackOfficePickems/adjust-bet-pickem
PUT /api/BackOfficePickems/admin-bet-pickem
PUT /api/BackOfficePickems/{pickemId}
PUT /api/BackOfficeTips/admin
PUT /api/BackOfficeUsers/current-user-change-detail
PUT /api/BackOfficeUsers/{id}/lock
PUT /api/BackOfficeUsers/{id}/unlock
PUT /api/Pickems/bet
PUT /api/Pickems/bets
PUT /api/Users/change-password

Found on 2026-01-09 13:03

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: dgshealth.htech.app
Port: 443
URL: https://dgshealth.htech.app

First seen 2025-11-26 00:01
Last seen 2026-01-09 12:56
Open for 44 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 12:56
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: poc-insi-proxy-soap.devbox-sante.fr
Port: 80
URL: http://poc-insi-proxy-soap.devbox-sante.fr

First seen 2025-10-14 15:05
Last seen 2026-01-09 12:47
Open for 86 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e52b06faba2d5d5adc8fd672142ce7e24883d1467f
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /cnda/insi/clear
GET /cnda/insi/inject/{resource}
GET /insi/v2/exchanges/{exchangeId}/b64
GET /insi/v2/exchanges/{exchangeId}/download
GET /insi/v2/lastExchanges
GET /insi/v2/rechercheAvecVitale
GET /insi/v2/rechercheAvecVitale/{numSerieCarteVitale}/{indexIndividu}
POST /cnda/insi/inject
POST /insi/v2/rechercheAvecVitalePost
POST /insi/v2/rechercheAvecVitalePost/{numSerieCarteVitale}/{indexIndividu}
POST /insi/v2/rechercheSansVitale
POST /insi/v2/verification
POST /insi/v2/verification/lot/depot
POST /insi/v2/verification/lot/resultat
```
  Found on 2026-01-09 12:47
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: akgida.triomobil.com
Port: 80
URL: http://akgida.triomobil.com

First seen 2025-10-31 00:29
Last seen 2026-01-09 12:29
Open for 70 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035492122137f0ea656aec877d10e66ed016ebc6f4122
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /reports/temperature/measurements/history
GET /reports/temperature/measurements/latest
GET /reports/temperature/measurements/summary
GET /temperatureSensors
PATCH /temperatureSensors/tag
POST /auth
```
  Found on 2026-01-09 12:29
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.terrasense.cloud
Port: 443
URL: https://api.terrasense.cloud

First seen 2025-12-01 01:08
Last seen 2026-01-09 12:07
Open for 39 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 12:07
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: pdf.dechets.publidata.io
Port: 80
URL: http://pdf.dechets.publidata.io

First seen 2025-10-25 14:26
Last seen 2026-01-09 12:06
Open for 75 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 12:06
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.tokoro.space
Port: 443
URL: https://api.tokoro.space

First seen 2025-10-21 02:42
Last seen 2026-01-09 12:00
Open for 80 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b28aed0a834897a8e6d405fb20ed7175d39b9e8fc

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /collections/{collectionId}/places/{placeId}
DELETE /users/history/rollback
DELETE /users/history/rollback/action/{action}
DELETE /users/history/rollback/timestamp-range
GET /about
GET /blogs
GET /blogs/
GET /blogs/{id}
GET /chat-histories/users/me
GET /chat-histories/users/{userId}
GET /chat-histories/{id}
GET /collections/me
GET /collections/search
GET /collections/users/{userId}
GET /collections/{collectionId}
GET /error
GET /features
GET /features/
GET /features/{id}
GET /places
GET /places/
GET /places/batch
GET /places/nearby
GET /places/random/{count}
GET /places/{id}
GET /privacy
GET /ratings
GET /ratings/
GET /ratings/{id}
GET /reviews
GET /reviews/
GET /reviews/place/{placeId}
GET /reviews/user/{userId}
GET /reviews/{id}
GET /testimonials
GET /testimonials/
GET /testimonials/by-status
GET /testimonials/random/{count}
GET /testimonials/user/{userId}
GET /testimonials/{id}
GET /users
GET /users/
GET /users/history
GET /users/history/action/{action}
GET /users/history/as-places
GET /users/history/count
GET /users/history/establishment-id/{establishmentId}
GET /users/history/exists/timestamp
GET /users/history/search/action
GET /users/history/search/establishment-id
GET /users/history/sort/timestamp
GET /users/history/sort/timestamp-desc
GET /users/history/timestamp
GET /users/me
GET /users/preferences
GET /users/{id}
GET /users/{id}/is-blocked
PATCH /testimonials/{id}/status
PATCH /users/{id}/metadata
PATCH /users/{id}/name
PATCH /users/{id}/nickname
POST /about/
POST /collections
POST /collections/
POST /collections/{collectionId}/places
POST /places/search
POST /privacy/
POST /users/{id}/avatar
POST /users/{id}/block
POST /users/{id}/roles
POST /users/{id}/unblock
PUT /users/preferences/categories
PUT /users/preferences/language
PUT /users/preferences/notifications-enabled
PUT /users/preferences/timezone

Found on 2026-01-09 12:00

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: rbce-api-prod.goudsmit.tech
Port: 80
URL: http://rbce-api-prod.goudsmit.tech

First seen 2025-10-23 00:12
Last seen 2026-01-09 11:37
Open for 78 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354920ca566a53247da246553176b986b32f4349d7b1

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Order/{OrderId}
GET /api/Audit/LogsByCompanyId
GET /api/Audit/LogsByUserId
GET /api/Files/DownloadFiles
POST /DocFile
POST /api/Board/AddErrorCode
POST /api/Board/Assignees
POST /api/Board/ChangeStatus
POST /api/Board/DeductPartStock
POST /api/Board/FetchErrorCode
POST /api/Board/FetchOrdersByTimeline
POST /api/Board/FetchOrdersbyStatus
POST /api/Board/OrdersCountByStatus
POST /api/Board/OrdersForNext30Days
POST /api/Board/StockAvailable
POST /api/Board/StockCountForParts
POST /api/Board/StockCountForProducts
POST /api/Board/UpdateIndexPositions
POST /api/Client/AddClients
POST /api/Client/DeleteClients
POST /api/Client/FetchClient
POST /api/Client/FetchClients
POST /api/Client/FetchClientsById
POST /api/Client/SearchClientContacts
POST /api/Client/UpdateClients
POST /api/EC2/start-instance
POST /api/EC2/stop-instance
POST /api/Files/UploadToS3
POST /api/Order/AddComments
POST /api/Order/AddLocation
POST /api/Order/AddWarehouse
POST /api/Order/CreateOrders
POST /api/Order/DeleteComment
POST /api/Order/FetchComments
POST /api/Order/FetchOrderByUser
POST /api/Order/FetchOrdersbyId
POST /api/Order/FetchTeam
POST /api/Order/FetchUserByTeamId
POST /api/Order/FetchWarehouse
POST /api/Order/OrderAwaitingStock
POST /api/Order/SearchContact
POST /api/Order/UpdateOrder
POST /api/Products/ComposeProducts
POST /api/Products/CreatePart
POST /api/Products/DeletePart
POST /api/Products/DeleteProduct
POST /api/Products/FetchParts
POST /api/Products/FetchPartsById
POST /api/Products/FetchProduct
POST /api/Products/FetchProductById
POST /api/Products/FetchProductParts
POST /api/Products/SuggestedPart
POST /api/Products/SuggestedProduct
POST /api/Products/UpdatePart
POST /api/Products/UpdatePartStock
POST /api/Products/UpdateProduct
POST /api/Products/UpdateProductStock
POST /api/Stock/AddPartToPurchaseOrder
POST /api/Stock/AdvisedPartPurchasing
POST /api/Stock/CreatePurchasingOrders
POST /api/Stock/FetchPartsBySupplier
POST /api/Stock/FetchPurchasingOrders
POST /api/Stock/FetchPurchasingOrdersById
POST /api/Stock/LastPurchase
POST /api/Stock/PurchaseOrderDelivered
POST /api/Stock/UpdatePurchasingOrder
POST /api/Stock/UpdateStock
POST /api/Supplier/AddSupplier
POST /api/Supplier/DeleteSupplier
POST /api/Supplier/FetchSuppliers
POST /api/Supplier/FetchSuppliersById
POST /api/Supplier/UpdateSuppliers
POST /api/User/CalendarDataUpdate
POST /api/User/ChangePassword
POST /api/User/Create
POST /api/User/Delete
POST /api/User/FetchProfileById
POST /api/User/FetchRole
POST /api/User/FetchRolemodule
POST /api/User/FetchUserById
POST /api/User/FetchUsers
POST /api/User/ForgotPassword
POST /api/User/Login
POST /api/User/Logout
POST /api/User/SendEmail
POST /api/User/Update
POST /api/User/UpdateProfile
POST /api/User/UpdateRoleAccess
POST /api/User/VerifySignup

Found on 2026-01-09 11:37

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: dmcp.vivin.app
Port: 80
URL: http://dmcp.vivin.app

First seen 2025-11-21 05:23
Last seen 2026-01-09 11:32
Open for 49 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43714a58ce1b81d097b49def6bdb8958f86cde37ff
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /
GET /.well-known/oauth-protected-resource
GET /.well-known/openid-configuration
GET /health
GET /mcp
POST /mcp/messages
```
  Found on 2026-01-09 11:32
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: test.gha-embed.herohealth.net
Port: 443
URL: https://test.gha-embed.herohealth.net

First seen 2025-11-05 00:51
Last seen 2026-01-09 11:31
Open for 65 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 11:31
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: demo.apex-crm.xyz
Port: 80
URL: http://demo.apex-crm.xyz

First seen 2025-11-12 04:22
Last seen 2026-01-09 11:27
Open for 58 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 11:27
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: test.gha.herohealth.net
Port: 443
URL: https://test.gha.herohealth.net

First seen 2025-11-06 00:43
Last seen 2026-01-09 11:09
Open for 64 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 11:09
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: www.api.hazz.co
Port: 80
URL: http://www.api.hazz.co

First seen 2025-11-07 00:26
Last seen 2026-01-09 10:50
Open for 63 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 10:50
Create report
Symfony developement panel enabled
The application has Symfony profiling enabled.

It enables an attacker to access the following sensitive content :

System configuration

Request log, including POST request with credentials and/or api keys
IP: 99.83.217.1
Domain: grenaide.pommegrenade.fr
Port: 443
URL: https://grenaide.pommegrenade.fr/_profiler/empty/search/results

First seen 2025-05-09 12:19
Last seen 2026-01-09 10:50
Open for 244 days
- Fingerprint: 407cf4363b0e62fafca67e077056241470562414705624147056241470562414
```
Symfony profiler enabled:
https://grenaide.pommegrenade.fr/_profiler/empty/search/results
```
  Found on 2026-01-09 10:50
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: bart.bartsparts.com
Port: 443
URL: https://bart.bartsparts.com

First seen 2025-11-07 00:46
Last seen 2026-01-09 10:50
Open for 63 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43fb668082a2928e4128ac41da6fe77ac9dcd8427a

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /api/admin/contacts/{contact_id}/dealer/unlink/{dealer_id}
DELETE /api/admin/contacts/{contact_id}/location/unlink/{location_id}
DELETE /api/admin/mapping-fields/{id}
GET /api/admin/contacts
GET /api/admin/contacts/partial-search/{search}
GET /api/admin/contacts/query/dealer/{dealer_id}
GET /api/admin/contacts/query/location/{location_id}
GET /api/admin/contacts/search/{search}
GET /api/admin/contacts/{contact_id}/link-to-dealer/{dealer_id}
GET /api/admin/contacts/{contact_id}/link-to-location/{location_id}
GET /api/admin/contacts/{id}
GET /api/admin/lambda-processes/create-product
GET /api/admin/lambda-processes/create-stock
GET /api/admin/lambda-processes/force-sync/{store}
GET /api/admin/lambda-processes/products
GET /api/admin/lambda-processes/refresh-sync/{store}
GET /api/admin/lambda-processes/stocks
GET /api/admin/lambda-processes/sync
GET /api/admin/lambda-processes/sync-product
GET /api/admin/mapping-fields
GET /api/admin/mapping-fields/set-active/{id}
GET /api/admin/track-processes
GET /api/admin/track-processes/{name}
GET /api/admin/track-stock-processes
GET /api/admin/users
GET /api/admin/users/dealer/{dealerId}/users
GET /api/admin/users/dealer/{name}/locations
GET /api/admin/users/dealers
GET /api/admin/users/roles
GET /api/admin/users/search/{search}
GET /api/admin/users/{login}
GET /api/admin/zoho/charts/last-days-backlog
GET /api/admin/zoho/charts/today-tickets-status
GET /api/admin/zoho/ingest-tickets
GET /api/autofulfillment/test/{orderId}
POST /api/admin/lambda-processes/unify-loading-script
POST /api/admin/mapping-fields-v2
POST /api/admin/mapping-fields-v2/configuration
POST /api/admin/zoho/webhooks/ticket-delete-event
POST /api/admin/zoho/webhooks/ticket-events
POST /api/admin/zoho/webhooks/ticket-update-event
PUT /api/admin/contacts/dealer/updates
PUT /api/admin/contacts/location/updates
PUT /api/dealer/stock/my

Found on 2026-01-09 10:50

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: repository.phywe.com
Port: 80
URL: http://repository.phywe.com

First seen 2025-11-14 00:04
Last seen 2026-01-09 10:08
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 10:08
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: www.studentdigsgloucestershire.co.uk
Port: 443
URL: https://www.studentdigsgloucestershire.co.uk

First seen 2025-11-21 01:39
Last seen 2026-01-09 10:03
Open for 49 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 10:03
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: ih-five9.ironhack.tech
Port: 80
URL: http://ih-five9.ironhack.tech

First seen 2025-11-25 01:34
Last seen 2026-01-09 09:56
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 09:56
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: login.asapp.tech
Port: 80
URL: http://login.asapp.tech

First seen 2025-11-17 00:14
Last seen 2026-01-09 09:48
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 09:48
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api-v2.staging.searchsmartly.co
Port: 443
URL: https://api-v2.staging.searchsmartly.co

First seen 2025-12-12 00:07
Last seen 2026-01-09 09:41
Open for 28 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff438b93e2adde6a7956dcb1494afcf2f21e311aabdd

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /area-comparison
GET /areas
GET /banners
GET /deals
GET /developments/{id}
GET /developments/{id}/properties
GET /lists
GET /lists/{id}
GET /portal-users/verify-user
GET /portal-users/{id}
GET /properties
GET /properties/{id}
GET /properties/{id}/pin-data
GET /referrals/fetch
GET /requests
GET /requests/{id}
GET /schools
GET /schools/{id}
GET /search-results/{id}/pins
POST /confirm-verification-email/{id}/{token}
POST /feeds/barratt/lead/{vr_id}
POST /isochrones/
POST /lists/add_editor
POST /lists/{id}/add_favourite
POST /lists/{id}/delete_favourite
POST /lists/{id}/remove_editor
POST /lists/{id}/share
POST /portal-users/change-password
POST /portal-users/login
POST /portal-users/logout
POST /portal-users/reset-password/
POST /portal-users/reset-password/confirm/{token}/{email}
POST /portal-users/signup
POST /portal-users/update-notes
POST /portal-users/{id}/update-score
POST /referrals/refer
POST /referrals/validate
POST /referrals/voucher
POST /requests/send-enquiry
POST /requests/{id}/cancel
POST /requests/{id}/resend-event
POST /resend-verification-email/{id}/{token}
POST /send-verification-email
POST /smartscore/
POST /travel-time/
POST /user-country

Found on 2026-01-09 09:41

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: capelfieldsurgery.htech.app
Port: 443
URL: https://capelfieldsurgery.htech.app

First seen 2025-10-22 14:16
Last seen 2026-01-09 08:59
Open for 78 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 08:59
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: eu.api.lendtech.co
Port: 80
URL: http://eu.api.lendtech.co

First seen 2025-12-13 00:10
Last seen 2026-01-09 08:49
Open for 27 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 08:49
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: gha-embed.egov.gi
Port: 443
URL: https://gha-embed.egov.gi

First seen 2025-11-30 00:10
Last seen 2026-01-09 08:01
Open for 40 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 08:01
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: test.discovery.friendsta.tech
Port: 443
URL: https://test.discovery.friendsta.tech

First seen 2025-10-17 22:44
Last seen 2026-01-09 07:41
Open for 83 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 07:41
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.motion.org.uk
Port: 443
URL: https://api.motion.org.uk

First seen 2025-10-20 01:06
Last seen 2026-01-09 06:48
Open for 81 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 06:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: poc-insi-proxy-soap.devbox-sante.fr
Port: 443
URL: https://poc-insi-proxy-soap.devbox-sante.fr

First seen 2025-10-14 15:05
Last seen 2026-01-09 06:37
Open for 86 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e52b06faba2d5d5adc8fd672142ce7e24883d1467f
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /cnda/insi/clear
GET /cnda/insi/inject/{resource}
GET /insi/v2/exchanges/{exchangeId}/b64
GET /insi/v2/exchanges/{exchangeId}/download
GET /insi/v2/lastExchanges
GET /insi/v2/rechercheAvecVitale
GET /insi/v2/rechercheAvecVitale/{numSerieCarteVitale}/{indexIndividu}
POST /cnda/insi/inject
POST /insi/v2/rechercheAvecVitalePost
POST /insi/v2/rechercheAvecVitalePost/{numSerieCarteVitale}/{indexIndividu}
POST /insi/v2/rechercheSansVitale
POST /insi/v2/verification
POST /insi/v2/verification/lot/depot
POST /insi/v2/verification/lot/resultat
```
  Found on 2026-01-09 06:37
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api-saguida.sulcisdrone.it
Port: 443
URL: https://api-saguida.sulcisdrone.it

First seen 2025-10-15 02:44
Last seen 2026-01-09 05:08
Open for 86 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 05:08
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.migesplus.ch
Port: 443
URL: https://api.migesplus.ch

First seen 2025-11-19 00:31
Last seen 2026-01-09 05:00
Open for 51 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43c4ce51e629da3a696279a8e8ab353e0e67be88fe

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /search/reindex
GET /{locale}/access-channels
GET /{locale}/access-channels/{slug}
GET /{locale}/adviceCenters
GET /{locale}/adviceCenters/{slug}
GET /{locale}/audiences
GET /{locale}/audiences/{slug}
GET /{locale}/blogs
GET /{locale}/blogs/{slug}
GET /{locale}/featuredBlogs
GET /{locale}/good-practices
GET /{locale}/good-practices/{slug}
GET /{locale}/healthBlogs
GET /{locale}/infobox/{page}
GET /{locale}/infoboxes
GET /{locale}/migesMedia/{slug}
GET /{locale}/migesMedias
GET /{locale}/nonHealthBlogs
GET /{locale}/publications
GET /{locale}/publications/featured
GET /{locale}/publications/{slug}
GET /{locale}/publications/{slug}/related
GET /{locale}/publishers
GET /{locale}/publishers/{slug}
GET /{locale}/publishers/{slug}/publications
GET /{locale}/topics
GET /{locale}/topics/featured
GET /{locale}/topics/pages
GET /{locale}/topics/{slug}
POST /address/search
POST /address/validate
POST /webhooks/contentful
POST /{locale}/publishers/emails
POST /{locale}/publishers/{slug}/email
PUT /topics/updateTopicGroupSlugPath

Found on 2026-01-09 05:00

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: qr.puzzliky.sk
Port: 80
URL: http://qr.puzzliky.sk

First seen 2025-10-23 00:12
Last seen 2026-01-09 04:35
Open for 78 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd110a331ecff50ed96ef1995eeef1995eeef1995eeef1995ee
```
Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /image
GET /string
```
  Found on 2026-01-09 04:35
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api-car.sakcars.com
Port: 443
URL: https://api-car.sakcars.com

First seen 2025-11-14 00:03
Last seen 2026-01-09 04:25
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e534afab622b9b88394cb0c51d56a9fbb6c3520b82
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /brands
GET /brands/{name}
GET /cars
GET /cars/{vehicleType}/{brandName}/{modelName}/{subModelName}/{releaseMonth}/{releaseYear}
GET /models
GET /models/{name}
GET /months
GET /submodels
GET /submodels/{name}
```
  Found on 2026-01-09 04:25
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: www.jyogui.com
Port: 443
URL: https://www.jyogui.com

First seen 2025-11-17 00:26
Last seen 2026-01-09 04:20
Open for 53 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331eca8e4ca6f39b35c267a2b0ea583a6c8870a0ccea5

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /api/lessons/bulk/{id}
DELETE /api/scheduledtasks/audits
DELETE /api/schools/homeimage/current
DELETE /api/users/not-activated/{createdBeforeNumberOfDays}
GET /api/_search/card-types
GET /api/_search/cards
GET /api/_search/cities
GET /api/_search/class-types
GET /api/_search/count/card-types
GET /api/_search/count/cards
GET /api/_search/count/cities
GET /api/_search/count/class-types
GET /api/_search/count/countries
GET /api/_search/count/document-sequences
GET /api/_search/count/enrollments
GET /api/_search/count/eventreservations
GET /api/_search/count/events
GET /api/_search/count/invoices
GET /api/_search/count/lesson-families
GET /api/_search/count/lessons
GET /api/_search/count/locations
GET /api/_search/count/news-articles
GET /api/_search/count/payment-items
GET /api/_search/count/payments
GET /api/_search/count/reservation-cancellation-reasons
GET /api/_search/count/reservation-families
GET /api/_search/count/reservation-priorities
GET /api/_search/count/reservations
GET /api/_search/count/school-calendars
GET /api/_search/count/schools
GET /api/_search/count/student-comments
GET /api/_search/count/students
GET /api/_search/count/subscription-types
GET /api/_search/count/taxes
GET /api/_search/count/unavailable-dates
GET /api/_search/count/users
GET /api/_search/countries
GET /api/_search/document-sequences
GET /api/_search/enrollments
GET /api/_search/eventreservations
GET /api/_search/events
GET /api/_search/invoices
GET /api/_search/lesson-families
GET /api/_search/lessons
GET /api/_search/locations
GET /api/_search/news-articles
GET /api/_search/payment-items
GET /api/_search/payments
GET /api/_search/reservation-cancellation-reasons
GET /api/_search/reservation-families
GET /api/_search/reservation-priorities
GET /api/_search/reservations
GET /api/_search/school-calendars
GET /api/_search/schools
GET /api/_search/stats/cards
GET /api/_search/student-comments
GET /api/_search/students
GET /api/_search/subscription-types
GET /api/_search/taxes
GET /api/_search/unavailable-dates
GET /api/_search/users
GET /api/account
GET /api/activate
GET /api/authenticate
GET /api/background-jobs/reservation-families/{idempotencyKey}/status
GET /api/card-types
GET /api/card-types/{id}
GET /api/cards
GET /api/cards/student/{id}/latest
GET /api/cards/{id}
GET /api/cities
GET /api/cities/{id}
GET /api/class-types
GET /api/class-types/{id}
GET /api/countries
GET /api/countries/{id}
GET /api/document-sequences
GET /api/document-sequences/{id}
GET /api/elasticsearch/elasticsearch/stats
GET /api/enrollments
GET /api/enrollments/{id}
GET /api/eventreservations
GET /api/eventreservations/{id}
GET /api/events
GET /api/events/{id}
GET /api/invoices
GET /api/invoices/{id}
GET /api/lesson-families
GET /api/lesson-families/{id}
GET /api/lessons
GET /api/lessons/{id}
GET /api/lessons/{id}/next
GET /api/lessons/{id}/previous
GET /api/lessons/{id}/reservations
GET /api/locations
GET /api/locations/{id}
GET /api/news-articles
GET /api/news-articles/{id}
GET /api/no-auth/_search/card-types
GET /api/no-auth/_search/cities
GET /api/no-auth/_search/lessons
GET /api/no-auth/_search/online-catalog/card-types
GET /api/no-auth/_search/schools
GET /api/no-auth/countries
GET /api/no-auth/events/{id}
GET /api/no-auth/online-catalog/schools/{schoolId}/card-types
GET /api/online-catalog/free-trial/student/{studentId}/card-types
GET /api/online-catalog/schools/{schoolId}/student/{studentId}/card-types
GET /api/payment-items
GET /api/payment-items/{id}
GET /api/payments
GET /api/payments/virtual-invoice
GET /api/payments/{id}
GET /api/profile-info
GET /api/reservation-cancellation-reasons
GET /api/reservation-cancellation-reasons/{id}
GET /api/reservation-families
GET /api/reservation-families/{id}
GET /api/reservation-priorities
GET /api/reservation-priorities/{id}
GET /api/reservations
GET /api/reservations/count/from-reservation-family/{id}
GET /api/reservations/from-reservation-family/{id}
GET /api/reservations/{id}
GET /api/scheduledtasks/card/{cardId}/sendExpiredByReservationNotification
GET /api/scheduledtasks/card/{cardId}/sendPaymentReminderNotification
GET /api/scheduledtasks/lesson/{lessonId}/sendreminders
GET /api/scheduledtasks/lesson/{lessonId}/user/{userId}/sendreminder
GET /api/scheduledtasks/school/{schoolId}/card/sendpaymentreminders
GET /api/scheduledtasks/school/{schoolId}/lesson/sendreminders
GET /api/school-calendars
GET /api/school-calendars/{id}
GET /api/schools
GET /api/schools/current
GET /api/schools/{id}
GET /api/schools/{id}/configuration
GET /api/settings/mail/resend
GET /api/settings/maintenance
GET /api/student-comments
GET /api/student-comments/{id}
GET /api/students
GET /api/students/current
GET /api/students/with-teacher-authorities
GET /api/students/{id}
GET /api/students/{id}/financial-status
GET /api/subscription-types
GET /api/subscription-types/{id}
GET /api/taxes
GET /api/taxes/{id}
GET /api/timezones
GET /api/timezones/current
GET /api/unavailable-dates
GET /api/unavailable-dates/{id}
GET /api/users
GET /api/users/from-student/{id}
GET /api/users/unmanaged
GET /api/users/{login}
POST /api/account/change_password
POST /api/account/reset_password/finish
POST /api/account/reset_password/init
POST /api/background-jobs/reservation-families
POST /api/backoffice/accounts/{schoolId}
POST /api/backoffice/accounts/{schoolId}/resume
POST /api/backoffice/schools/{schoolId}/card-types/{cardTypeId}/students/{studentId}/checkout
POST /api/backoffice/schools/{schoolId}/events/{eventId}/students/{studentId}/checkout
POST /api/backoffice/schools/{schoolId}/lessons/{lessonId}/students/{studentId}/checkout
POST /api/backoffice/schools/{schoolId}/reservations/{reservationId}/checkout
POST /api/backoffice/schools/{schoolId}/reservations/{reservationId}/prices/{backofficePriceId}/checkout
POST /api/elasticsearch/elasticsearch/index
POST /api/elasticsearch/elasticsearch/index/{type}
POST /api/elasticsearch/elasticsearch/index/{type}/{id}
POST /api/elasticsearch/elasticsearch/stats/send
POST /api/elasticsearch/elasticsearch/stats/withids/send
POST /api/elasticsearch/elasticsearch/stats/{type}/withids/send
POST /api/eventreservations/{id}/notifications/new
POST /api/events/notifications
POST /api/invoices/by-student
POST /api/invoices/generate-pdf
POST /api/lessons/bulk
POST /api/lessons/notifications
POST /api/no-auth/backoffice/webhook/checkout
POST /api/online-catalog/free-trial/card
POST /api/register
POST /api/reservations/assign/card
POST /api/reservations/assign/card/student/{id}
POST /api/reservations/pay
POST /api/reservations/{id}/assign/card
POST /api/settings/mail/resend/disable
POST /api/settings/mail/resend/enable
POST /api/settings/maintenance/disable
POST /api/settings/maintenance/enable
PUT /api/events/{id}/image
PUT /api/scheduledtasks/school/{schoolId}/student/sendpaymentreminder/{value}
PUT /api/schools/current/homeimage
PUT /api/schools/{id}/homeimage

Found on 2026-01-09 04:20

Severity: info
Fingerprint: 5733ddf49ff49cd110a331eca8e4ca6f39b35c267a2b0ea583a6c887b2690b76

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /api/lessons/bulk/{id}
DELETE /api/scheduledtasks/audits
DELETE /api/schools/homeimage/current
DELETE /api/users/not-activated/{createdBeforeNumberOfDays}
GET /api/_search/card-types
GET /api/_search/cards
GET /api/_search/cities
GET /api/_search/class-types
GET /api/_search/count/card-types
GET /api/_search/count/cards
GET /api/_search/count/cities
GET /api/_search/count/class-types
GET /api/_search/count/countries
GET /api/_search/count/document-sequences
GET /api/_search/count/enrollments
GET /api/_search/count/eventreservations
GET /api/_search/count/events
GET /api/_search/count/invoices
GET /api/_search/count/lesson-families
GET /api/_search/count/lessons
GET /api/_search/count/locations
GET /api/_search/count/news-articles
GET /api/_search/count/payment-items
GET /api/_search/count/payments
GET /api/_search/count/reservation-cancellation-reasons
GET /api/_search/count/reservation-families
GET /api/_search/count/reservation-priorities
GET /api/_search/count/reservations
GET /api/_search/count/school-calendars
GET /api/_search/count/schools
GET /api/_search/count/student-comments
GET /api/_search/count/students
GET /api/_search/count/subscription-types
GET /api/_search/count/taxes
GET /api/_search/count/unavailable-dates
GET /api/_search/count/users
GET /api/_search/countries
GET /api/_search/document-sequences
GET /api/_search/enrollments
GET /api/_search/eventreservations
GET /api/_search/events
GET /api/_search/invoices
GET /api/_search/lesson-families
GET /api/_search/lessons
GET /api/_search/locations
GET /api/_search/news-articles
GET /api/_search/payment-items
GET /api/_search/payments
GET /api/_search/reservation-cancellation-reasons
GET /api/_search/reservation-families
GET /api/_search/reservation-priorities
GET /api/_search/reservations
GET /api/_search/school-calendars
GET /api/_search/schools
GET /api/_search/stats/cards
GET /api/_search/student-comments
GET /api/_search/students
GET /api/_search/subscription-types
GET /api/_search/taxes
GET /api/_search/unavailable-dates
GET /api/_search/users
GET /api/account
GET /api/activate
GET /api/authenticate
GET /api/background-jobs/reservation-families/{idempotencyKey}/status
GET /api/card-types
GET /api/card-types/{id}
GET /api/cards
GET /api/cards/student/{id}/latest
GET /api/cards/{id}
GET /api/cities
GET /api/cities/{id}
GET /api/class-types
GET /api/class-types/{id}
GET /api/countries
GET /api/countries/{id}
GET /api/document-sequences
GET /api/document-sequences/{id}
GET /api/elasticsearch/elasticsearch/stats
GET /api/enrollments
GET /api/enrollments/{id}
GET /api/eventreservations
GET /api/eventreservations/{id}
GET /api/events
GET /api/events/{id}
GET /api/invoices
GET /api/invoices/{id}
GET /api/lesson-families
GET /api/lesson-families/{id}
GET /api/lessons
GET /api/lessons/{id}
GET /api/lessons/{id}/next
GET /api/lessons/{id}/previous
GET /api/lessons/{id}/reservations
GET /api/locations
GET /api/locations/{id}
GET /api/news-articles
GET /api/news-articles/{id}
GET /api/no-auth/_search/card-types
GET /api/no-auth/_search/cities
GET /api/no-auth/_search/lessons
GET /api/no-auth/_search/online-catalog/card-types
GET /api/no-auth/_search/schools
GET /api/no-auth/countries
GET /api/no-auth/events/{id}
GET /api/no-auth/online-catalog/schools/{schoolId}/card-types
GET /api/online-catalog/free-trial/student/{studentId}/card-types
GET /api/online-catalog/schools/{schoolId}/student/{studentId}/card-types
GET /api/payment-items
GET /api/payment-items/{id}
GET /api/payments
GET /api/payments/virtual-invoice
GET /api/payments/{id}
GET /api/profile-info
GET /api/reservation-cancellation-reasons
GET /api/reservation-cancellation-reasons/{id}
GET /api/reservation-families
GET /api/reservation-families/{id}
GET /api/reservation-priorities
GET /api/reservation-priorities/{id}
GET /api/reservations
GET /api/reservations/count/from-reservation-family/{id}
GET /api/reservations/from-reservation-family/{id}
GET /api/reservations/{id}
GET /api/scheduledtasks/card/{cardId}/sendExpiredByReservationNotification
GET /api/scheduledtasks/card/{cardId}/sendPaymentReminderNotification
GET /api/scheduledtasks/lesson/{lessonId}/sendreminders
GET /api/scheduledtasks/lesson/{lessonId}/user/{userId}/sendreminder
GET /api/scheduledtasks/school/{schoolId}/card/sendpaymentreminders
GET /api/scheduledtasks/school/{schoolId}/lesson/sendreminders
GET /api/school-calendars
GET /api/school-calendars/{id}
GET /api/schools
GET /api/schools/current
GET /api/schools/{id}
GET /api/schools/{id}/configuration
GET /api/settings/mail/resend
GET /api/settings/maintenance
GET /api/student-comments
GET /api/student-comments/{id}
GET /api/students
GET /api/students/current
GET /api/students/with-teacher-authorities
GET /api/students/{id}
GET /api/subscription-types
GET /api/subscription-types/{id}
GET /api/taxes
GET /api/taxes/{id}
GET /api/timezones
GET /api/timezones/current
GET /api/unavailable-dates
GET /api/unavailable-dates/{id}
GET /api/users
GET /api/users/from-student/{id}
GET /api/users/unmanaged
GET /api/users/{login}
POST /api/account/change_password
POST /api/account/reset_password/finish
POST /api/account/reset_password/init
POST /api/background-jobs/reservation-families
POST /api/backoffice/accounts/{schoolId}
POST /api/backoffice/accounts/{schoolId}/resume
POST /api/backoffice/schools/{schoolId}/card-types/{cardTypeId}/students/{studentId}/checkout
POST /api/backoffice/schools/{schoolId}/events/{eventId}/students/{studentId}/checkout
POST /api/backoffice/schools/{schoolId}/lessons/{lessonId}/students/{studentId}/checkout
POST /api/backoffice/schools/{schoolId}/reservations/{reservationId}/checkout
POST /api/backoffice/schools/{schoolId}/reservations/{reservationId}/prices/{backofficePriceId}/checkout
POST /api/elasticsearch/elasticsearch/index
POST /api/elasticsearch/elasticsearch/index/{type}
POST /api/elasticsearch/elasticsearch/index/{type}/{id}
POST /api/elasticsearch/elasticsearch/stats/send
POST /api/elasticsearch/elasticsearch/stats/withids/send
POST /api/elasticsearch/elasticsearch/stats/{type}/withids/send
POST /api/eventreservations/{id}/notifications/new
POST /api/events/notifications
POST /api/invoices/by-student
POST /api/invoices/generate-pdf
POST /api/lessons/bulk
POST /api/lessons/notifications
POST /api/no-auth/backoffice/webhook/checkout
POST /api/online-catalog/free-trial/card
POST /api/register
POST /api/reservations/assign/card
POST /api/reservations/assign/card/student/{id}
POST /api/reservations/pay
POST /api/reservations/{id}/assign/card
POST /api/settings/mail/resend/disable
POST /api/settings/mail/resend/enable
POST /api/settings/maintenance/disable
POST /api/settings/maintenance/enable
PUT /api/events/{id}/image
PUT /api/scheduledtasks/school/{schoolId}/student/sendpaymentreminder/{value}
PUT /api/schools/current/homeimage
PUT /api/schools/{id}/homeimage

Found on 2025-12-01 14:36

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: pos.api.dbytel.com
Port: 443
URL: https://pos.api.dbytel.com

First seen 2025-11-09 11:50
Last seen 2026-01-09 03:54
Open for 60 days

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0d6991b39

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/all
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2026-01-09 03:54

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba01b57a3ff

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /stock/check/item/sufficiency
GET /stock/history/{itemId}
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payment/ussd
POST /payphoney/payments/paystack/refund
POST /payphoney/payments/paystack/ussd/momo/charge
POST /payphoney/payments/paystack/ussd/momo/charge/webhook
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/restock/{addedQuantity}/{itemId}
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-16 19:45

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba07448b15d

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/get/students
POST /payphoney/carl/api/records
POST /payphoney/carl/api/refund
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-12-02 06:16

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec73d7322a15cc2f796bb59c0eb27a3ba0e5955ed1

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
DELETE /company/delete/permanent/{id}
DELETE /company/delete/{id}
DELETE /company/item/delete/{id}
DELETE /courier/delivery/delete/{id}
DELETE /courier/delivery/permanent/delete/{id}
DELETE /file/{key}
DELETE /item/category/delete/permanent/{id}
DELETE /item/category/delete/{id}
DELETE /item/category/v2/delete/permanent/{id}
DELETE /item/category/v2/delete/{id}
DELETE /purchase-details/{id}
DELETE /purchases/{id}
DELETE /store/delete/permanent/{id}
DELETE /store/delete/{id}
DELETE /suppliers/{id}
DELETE /user/profile/customer/{customerId}/delete/permanent
DELETE /user/profile/customer/{customerId}/delete/soft
DELETE /user/profile/delete/{id}
GET /analytics/sales/daysago
GET /analytics/today/sales
GET /auth/delivery/customer/confirm/email
GET /company/fetch/all
GET /company/fetch/{id}
GET /company/item/fetchAll
GET /company/item/no/auth/fetchAll
GET /company/item/no/auth/v2/fetchAll
GET /company/item/v2/fetchAll
GET /company/no/auth/fetch/{id}
GET /courier/delivery/get/couriers
GET /courier/delivery/order/byId
GET /courier/delivery/orders
GET /delivery/orders/recent
GET /delivery/orders/recent/mine
GET /delivery/orders/{id}
GET /delivery/orders/{id}/cancel
GET /delivery/orders/{id}/complete
GET /delivery/orders/{id}/ready
GET /delivery/payment/details/get
GET /delivery/payment/details/paystack/pay/{amount}
GET /delivery/payment/details/paystack/verify/{reference}
GET /employee/fetch
GET /employee/fetchAll
GET /employee/fetchAll/V2
GET /employee/fetchAll/{roleId}
GET /employee/fetchCouriers
GET /employee/info
GET /employee/info/V2
GET /employee/loginFetchAll
GET /employee/resetEmployeePassword
GET /employee/resetMyPassword
GET /error
GET /error/delete/afterdate
GET /error/delete/app/afterdate
GET /error/find/between
GET /error/find/latestbyerrorcode
GET /file/company-files
GET /file/company-latest
GET /file/download
GET /file/item-files
GET /file/item-latest
GET /file/presigned-view-url
GET /file/user-files
GET /file/user-latest
GET /health
GET /item/add
GET /item/category/add
GET /item/category/delivery/fetchAll
GET /item/category/edit
GET /item/category/fetch
GET /item/category/fetchAll
GET /item/category/v2/add
GET /item/category/v2/delivery/fetchAll
GET /item/category/v2/edit
GET /item/category/v2/fetch
GET /item/category/v2/fetchAll
GET /item/delivery/add
GET /item/delivery/edit
GET /item/delivery/fetchAll
GET /item/edit
GET /item/fetchAll
GET /mealplan/students
GET /mealplan/{student_id}
GET /menu/today/fetchAll
GET /notifications/connected-clients
GET /payment/method/fetchAll
GET /payphoney/carl/api/callback
GET /payphoney/carl/api/login
GET /payphoney/payments/ipay/initialize
GET /payphoney/payments/ipay/ipn
GET /payphoney/payments/ipay/ping
GET /payphoney/payments/paystack/pay/{amount}
GET /payphoney/payments/paystack/transactions
GET /payphoney/payments/paystack/verify/{reference}
GET /purchase-details
GET /purchases
GET /report/deliveries
GET /report/sales
GET /store/fetch/all
GET /store/fetch/company/{companyId}
GET /store/fetch/{id}
GET /suppliers
GET /tax/add
GET /tax/edit
GET /tax/fetchAll
GET /tax/fetchAllNew
GET /tax/v2/calculateBaseAmount
GET /tax/v2/calculateTotalAmount
GET /tax/v2/fetchAll
GET /user/profile/info
GET /user/role/view/all
POST /auth/delivery/customer/login
POST /auth/delivery/customer/signup
POST /auth/delivery/password/reset
POST /auth/delivery/request/password/reset
POST /auth/login
POST /auth/resend/confirmation/token
POST /company/create
POST /company/item/add
POST /company/item/v2/add
POST /company/register
POST /courier/delivery/add/courier
POST /courier/delivery/confirmation
POST /delivery/orders/draft
POST /delivery/orders/{id}/assign/courier
POST /delivery/orders/{id}/assign/waiter
POST /delivery/payment/details/add/momo/detail
POST /delivery/payment/details/confirmation
POST /delivery/payment/details/paystack/refund
POST /delivery/payment/details/paystack/refund/reactive
POST /employee/add
POST /employee/add/V2
POST /employee/edit
POST /employee/edit/V2
POST /error/save
POST /file/presigned-url
POST /file/presigned-url-entity
POST /file/upload
POST /mealplan/register
POST /menu/today/add
POST /menu/today/update
POST /notifications/test/order
POST /payphoney/carl/api/records
POST /payphoney/carl/api/send/email
POST /payphoney/carl/api/sync/students
POST /payphoney/carl/api/wallet/balance
POST /payphoney/carl/api/wallet/balance/V2
POST /payphoney/carl/api/wallet/list
POST /payphoney/carl/api/wallet/recharge
POST /payphoney/payments/paystack/refund
POST /sale/create
POST /sale/make
POST /store/create
POST /tax/v2/add
POST /tax/v2/edit
POST /user/role/assign
POST /user/role/create
PUT /company/item/update
PUT /company/update
PUT /courier/delivery/update/courier
PUT /delivery/payment/details/update/momo/detail
PUT /mealplan/update
PUT /store/update
PUT /user/profile/update

Found on 2025-11-12 18:45

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.terrasense.cloud
Port: 80
URL: http://api.terrasense.cloud

First seen 2025-12-01 01:08
Last seen 2026-01-09 02:55
Open for 39 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 02:55
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.enlight.apptoku.com
Port: 443
URL: https://api.enlight.apptoku.com

First seen 2025-10-17 00:31
Last seen 2026-01-09 01:45
Open for 84 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff431ce6ac208ff9edfad6c4ca4fb986a8a6cb87b40b
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /events/
GET /events/archive/
GET /events/filter_options/
GET /events/{slug}/{id}/
GET /ideas/
GET /ideas/{id}/
GET /logout/
GET /user/
POST /events/{id}/attachments/
POST /events/{id}/participate/
POST /events/{id}/vote/
POST /ideas/{id}/vote/
POST /token/refresh/
```
  Found on 2026-01-09 01:45
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.wayflow-hub.com
Port: 443
URL: https://api.wayflow-hub.com

First seen 2025-11-27 16:41
Last seen 2026-01-09 01:40
Open for 42 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b1c5f9de5ad0d6890af025f721bd2839680286c20

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /admin/accounts/{accountId}/users/{userId}/features/commute/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/commutes/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/daily-maximum/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/free-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/off-peak-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{id}
DELETE /cache
DELETE /import/onzeauto/imports/{importId}/lines/{lineId}
DELETE /trips/{tripId}
GET /admin/accounts
GET /admin/accounts/owners
GET /admin/accounts/owners/names
GET /admin/accounts/{accountId}/users
GET /admin/cooperatives/{cooperativeId}/features/commutes
GET /admin/cooperatives/{cooperativeId}/features/commutes/users/{userId}
GET /admin/cooperatives/{cooperativeId}/features/daily-maximum
GET /admin/cooperatives/{cooperativeId}/features/free-hours
GET /admin/cooperatives/{cooperativeId}/features/frequent-driver
GET /admin/cooperatives/{cooperativeId}/features/kilometer-tier
GET /admin/cooperatives/{cooperativeId}/features/off-peak-hours
GET /admin/cooperatives/{cooperativeId}/features/trip-tier
GET /admin/pricecategories
GET /admin/pricecategories/categories/{category}
GET /admin/pricecategories/{priceCategoryId}
GET /admin/pricecategories/{priceCategoryId}/prices
GET /admin/pricecategories/{priceCategoryId}/vehicles
GET /admin/users
GET /admin/vehicles
GET /admin/vehicles/{vehicleId}
GET /admin/vehicles/{vehicleId}/pricecategories
GET /audits/events
GET /audits/mailjet/messages
GET /audits/mailjet/messages/problematic
GET /audits/mailjet/messages/status/{status}
GET /audits/mailjet/messages/summary
GET /audits/mailjet/messages/with-contacts
GET /audits/mailjet/messages/{messageId}/history
GET /audits/sendgrid/errors/all
GET /audits/sendgrid/errors/blocked
GET /audits/sendgrid/errors/bounced
GET /audits/sendgrid/errors/invalid
GET /audits/sendgrid/errors/recent
GET /audits/sendgrid/errors/search
GET /audits/sendgrid/errors/spam-reports
GET /audits/sendgrid/errors/summary
GET /cooperatives
GET /cooperatives/{id}
GET /datamanagement/cooperative
GET /datamanagement/cooperatives/{cooperativeId}/accounts
GET /datamanagement/cooperatives/{cooperativeId}/pricecategories
GET /datamanagement/documents
GET /datamanagement/documents/imports
GET /datamanagement/documents/{documentId}
GET /documents
GET /documents/pdf
GET /documents/pdf/{documentId}
GET /documents/{documentId}
GET /emaildispatch/tasks
GET /emaildispatch/tasks/{taskId}
GET /emaildispatch/tasks/{taskId}/items
GET /emaildispatch/tasks/{taskId}/items/{itemId}
GET /import/imports
GET /import/manual/template
GET /import/onzeauto/imports
GET /import/onzeauto/imports/{importId}
GET /overview/monthly-vehicle-reports
GET /overview/stats
GET /tenant/accounts/admin
GET /tenant/cooperatives
GET /trips
GET /trips/{tripId}/changelog
GET /types/audit-logs-categories
GET /types/daily-max-types
GET /types/trip-status-types
GET /types/vehicle-body-types
GET /types/vehicle-fuel-types
GET /types/vehicle-transmission-types
GET /types/vehicle-types
GET /users/profile
PATCH /datamanagement/cooperative/email
POST /admin/accounts/{accountId}/users/{userId}/features/commute
POST /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts
POST /auth/login
POST /auth/register
POST /cooperatives/signup
POST /datamanagement/cooperatives/{cooperativeId}/accounts/users
POST /datamanagement/documents/csv
POST /datamanagement/documents/summaries/csv
POST /datamanagement/documents/userdata/csv
POST /datamanagement/documents/vehicledata/csv
POST /emaildispatch/tasks/{taskId}/items/{itemId}/send
POST /emaildispatch/tasks/{taskId}/send
POST /export/csv
POST /export/summaries/csv
POST /export/userdata/csv
POST /export/vehicledata/csv
POST /import/manual
POST /import/mywheels
POST /import/onzeauto/{importId}/process
POST /import/onzeautov2
POST /reports/price
POST /tenant
POST /tenant/users/bulk-create
POST /webhooks/pdf
PUT /admin/accounts/{accountId}
PUT /admin/accounts/{accountId}/users/{userId}
PUT /admin/pricecategories/{priceCategoryId}/prices/{priceId}
PUT /admin/pricecategories/{priceCategoryId}/vehicles/{vehicleId}
PUT /admin/vehicles/{vehicleId}/prices/{priceCategoryId}
PUT /users/profile/change-password

Found on 2026-01-09 01:40

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b1c5f9de5ad0d6890af025f721bd2839695fa1cc9

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /admin/accounts/{accountId}/users/{userId}/features/commute/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/commutes/{featureId}
DELETE /admin/cooperatives/{cooperativeId}/features/daily-maximum/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/free-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/frequent-driver/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/off-peak-hours/{id}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts/{discountId}
DELETE /admin/cooperatives/{cooperativeId}/features/trip-tier/{id}
DELETE /cache
DELETE /import/onzeauto/imports/{importId}/lines/{lineId}
DELETE /trips/{tripId}
GET /admin/accounts
GET /admin/accounts/owners
GET /admin/accounts/owners/names
GET /admin/accounts/{accountId}/users
GET /admin/cooperatives/{cooperativeId}/features/commutes
GET /admin/cooperatives/{cooperativeId}/features/commutes/users/{userId}
GET /admin/cooperatives/{cooperativeId}/features/daily-maximum
GET /admin/cooperatives/{cooperativeId}/features/free-hours
GET /admin/cooperatives/{cooperativeId}/features/frequent-driver
GET /admin/cooperatives/{cooperativeId}/features/kilometer-tier
GET /admin/cooperatives/{cooperativeId}/features/off-peak-hours
GET /admin/cooperatives/{cooperativeId}/features/trip-tier
GET /admin/pricecategories
GET /admin/pricecategories/categories/{category}
GET /admin/pricecategories/{priceCategoryId}
GET /admin/pricecategories/{priceCategoryId}/prices
GET /admin/pricecategories/{priceCategoryId}/vehicles
GET /admin/users
GET /admin/vehicles
GET /admin/vehicles/{vehicleId}
GET /admin/vehicles/{vehicleId}/pricecategories
GET /audits/events
GET /audits/mailjet/messages
GET /audits/mailjet/messages/problematic
GET /audits/mailjet/messages/status/{status}
GET /audits/mailjet/messages/summary
GET /audits/mailjet/messages/with-contacts
GET /audits/mailjet/messages/{messageId}/history
GET /audits/sendgrid/errors/all
GET /audits/sendgrid/errors/blocked
GET /audits/sendgrid/errors/bounced
GET /audits/sendgrid/errors/invalid
GET /audits/sendgrid/errors/recent
GET /audits/sendgrid/errors/search
GET /audits/sendgrid/errors/spam-reports
GET /audits/sendgrid/errors/summary
GET /cooperatives
GET /cooperatives/{id}
GET /datamanagement/cooperative
GET /datamanagement/cooperatives/{cooperativeId}/accounts
GET /datamanagement/cooperatives/{cooperativeId}/pricecategories
GET /datamanagement/documents
GET /datamanagement/documents/imports
GET /datamanagement/documents/{documentId}
GET /documents
GET /documents/pdf
GET /documents/pdf/{documentId}
GET /documents/{documentId}
GET /emaildispatch/tasks
GET /emaildispatch/tasks/{taskId}
GET /emaildispatch/tasks/{taskId}/items
GET /emaildispatch/tasks/{taskId}/items/{itemId}
GET /import/imports
GET /import/manual/template
GET /import/onzeauto/imports
GET /import/onzeauto/imports/{importId}
GET /tenant/accounts/admin
GET /tenant/cooperatives
GET /trips
GET /trips/{tripId}/changelog
GET /types/audit-logs-categories
GET /types/daily-max-types
GET /types/trip-status-types
GET /types/vehicle-body-types
GET /types/vehicle-fuel-types
GET /types/vehicle-transmission-types
GET /types/vehicle-types
GET /users/profile
PATCH /datamanagement/cooperative/email
POST /admin/accounts/{accountId}/users/{userId}/features/commute
POST /admin/cooperatives/{cooperativeId}/features/frequent-driver/{featureFrequentDriverId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/kilometer-tier/{featureKilometerTierId}/discounts
POST /admin/cooperatives/{cooperativeId}/features/trip-tier/{featureTripTierId}/discounts
POST /auth/login
POST /auth/register
POST /cooperatives/signup
POST /datamanagement/cooperatives/{cooperativeId}/accounts/users
POST /datamanagement/documents/csv
POST /datamanagement/documents/summaries/csv
POST /datamanagement/documents/userdata/csv
POST /datamanagement/documents/vehicledata/csv
POST /emaildispatch/tasks/{taskId}/items/{itemId}/send
POST /emaildispatch/tasks/{taskId}/send
POST /export/csv
POST /export/summaries/csv
POST /export/userdata/csv
POST /export/vehicledata/csv
POST /import/manual
POST /import/mywheels
POST /import/onzeauto/{importId}/process
POST /import/onzeautov2
POST /reports/price
POST /tenant
POST /tenant/users/bulk-create
POST /webhooks/pdf
PUT /admin/accounts/{accountId}
PUT /admin/accounts/{accountId}/users/{userId}
PUT /admin/pricecategories/{priceCategoryId}/prices/{priceId}
PUT /admin/pricecategories/{priceCategoryId}/vehicles/{vehicleId}
PUT /admin/vehicles/{vehicleId}/prices/{priceCategoryId}
PUT /users/profile/change-password

Found on 2025-12-26 11:38

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: ccapi-staging.constructioncure.com
Port: 443
URL: https://ccapi-staging.constructioncure.com

First seen 2025-11-30 22:24
Last seen 2026-01-09 01:31
Open for 39 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d6079859ea4f

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/export/
GET /companies/{company_pk}/cis-payments/stats/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/export/
GET /companies/{company_pk}/member-payments/stats/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/members/{id}/stats/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/stats/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/stats/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/unpaid-time/export/
GET /companies/{company_pk}/unpaid-time/stats/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/stats/paid/
GET /me/stats/time/
GET /me/stats/unpaid/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2026-01-09 01:31

Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb44272d9175efb83914c0bc1aafab9d607380e60c8

Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /companies/
GET /companies/{company_pk}/billing/invoices/
GET /companies/{company_pk}/billing/payment-methods/
GET /companies/{company_pk}/billing/subscription/
GET /companies/{company_pk}/cis-payments/
GET /companies/{company_pk}/cis-payments/export/
GET /companies/{company_pk}/cis-payments/{id}/
GET /companies/{company_pk}/member-payments/
GET /companies/{company_pk}/member-payments/export/
GET /companies/{company_pk}/member-payments/{id}/
GET /companies/{company_pk}/members/
GET /companies/{company_pk}/members/export/
GET /companies/{company_pk}/members/{id}/
GET /companies/{company_pk}/members/{id}/projects/
GET /companies/{company_pk}/project-roles/
GET /companies/{company_pk}/project-roles/{id}/
GET /companies/{company_pk}/projects/
GET /companies/{company_pk}/projects/export/
GET /companies/{company_pk}/projects/{id}/
GET /companies/{company_pk}/projects/{id}/status/
GET /companies/{company_pk}/projects/{project_pk}/members/
GET /companies/{company_pk}/projects/{project_pk}/members/export/
GET /companies/{company_pk}/projects/{project_pk}/members/{id}/
GET /companies/{company_pk}/roles/
GET /companies/{company_pk}/roles/{id}/
GET /companies/{company_pk}/time-log-events/
GET /companies/{company_pk}/time-log-events/details/
GET /companies/{company_pk}/time-log-events/export/
GET /companies/{company_pk}/time-log-events/{id}/
GET /companies/{company_pk}/time-logs/
GET /companies/{company_pk}/time-logs/export/
GET /companies/{company_pk}/time-logs/{id}/
GET /companies/{company_pk}/unpaid-time/
GET /companies/{company_pk}/unpaid-time/export/
GET /companies/{company_pk}/visitor-logs/
GET /companies/{company_pk}/visitor-logs/export/
GET /companies/{company_pk}/visitor-logs/{id}/
GET /companies/{company_pk}/visitors/
GET /companies/{company_pk}/visitors/export/
GET /companies/{company_pk}/visitors/{id}/
GET /companies/{company_pk}/visitors/{id}/details/
GET /companies/{id}/
GET /companies/{id}/status/
GET /me/company-invitations/
GET /me/profile/
GET /me/project-invitations/
GET /me/time-log-events/{id}/
GET /me/time/last-visitor-event/
GET /me/time/logs/
GET /me/time/status/
GET /otp/email_otp/
GET /otp/sms_otp/
GET /versions/
POST /auth/confirm/
POST /auth/login/
POST /auth/register/
POST /auth/resend/
POST /auth/token/blacklist/
POST /auth/token/refresh/
POST /auth/verify/
POST /companies/{company_pk}/billing/customer-portal-session/
POST /companies/{company_pk}/billing/subscription/cancel/
POST /companies/{company_pk}/cis-payments/{id}/register/
POST /companies/{company_pk}/time-log-events/{id}/overtime/
POST /companies/{company_pk}/unpaid-time/register/
POST /me/company-invitations/{id}/accept/
POST /me/company-invitations/{id}/reject/
POST /me/project-invitations/{id}/accept/
POST /me/project-invitations/{id}/reject/
POST /me/time/arrive/
POST /me/time/check-in/
POST /me/time/check-out/
POST /me/time/clock-in/
POST /me/time/clock-out/
POST /me/time/leave/
POST /me/time/request-overtime/

Found on 2025-12-20 16:56

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: app.appero.co.uk
Port: 443
URL: https://app.appero.co.uk

First seen 2025-10-29 01:18
Last seen 2026-01-09 01:28
Open for 72 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f5e22fb47aa8513b6d2469d46d2469d46d2469d46d2469d4
```
Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
POST /api/v1/experiences
POST /api/v1/feedback
```
  Found on 2026-01-09 01:28
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: www.stant-ad.com
Port: 443
URL: https://www.stant-ad.com

First seen 2025-11-27 17:03
Last seen 2026-01-09 01:24
Open for 42 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 01:24
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: www.wmpeditions.com
Port: 80
URL: http://www.wmpeditions.com

First seen 2025-12-04 17:22
Last seen 2026-01-09 01:10
Open for 35 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 01:10
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: booking-api.iotee.eu
Port: 443
URL: https://booking-api.iotee.eu

First seen 2025-10-17 01:11
Last seen 2026-01-08 23:47
Open for 83 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-08 23:47
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: dev.api.mailer.hotlens.com
Port: 443
URL: https://dev.api.mailer.hotlens.com

First seen 2025-10-17 13:53
Last seen 2026-01-08 23:35
Open for 83 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939890807d99b8e7b95ec0197faf3da10c07fcaed

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/backoffice/Mailer/potencional-player-segment-periods
GET /api/backoffice/Mailer/potencional-player-segments
GET /api/backoffice/Mailer/potencional-players
GET /api/backoffice/Mailer/potencional-players-mails
HEAD /api/Sendgrid/health-check
HEAD /api/backoffice/Mailer/health-check
POST /api/Sendgrid/player-open-email
POST /api/backoffice/Mailer/create-player-segment
POST /api/backoffice/Mailer/create-player-segment-period
POST /api/backoffice/Mailer/create-potencional-player-segment
POST /api/backoffice/Mailer/send-player-invite
POST /api/backoffice/Mailer/send-players-invite
POST /api/backoffice/Mailer/upload-potencional-players
PUT /api/backoffice/Mailer/change-potencional-player-segment
PUT /api/backoffice/Mailer/edit-player-segment-period
PUT /api/backoffice/Mailer/unsubscribe-crm-email

Found on 2026-01-08 23:35

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939890807d99b8e7b95ec0197faf3da10a69516d5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/backoffice/Mailer/potencional-player-segment-periods
GET /api/backoffice/Mailer/potencional-player-segments
GET /api/backoffice/Mailer/potencional-players
GET /api/backoffice/Mailer/potencional-players-mails
HEAD /api/Sendgrid/health-check
HEAD /api/backoffice/Mailer/health-check
POST /api/Sendgrid/player-open-email
POST /api/backoffice/Mailer/create-player-segment
POST /api/backoffice/Mailer/create-player-segment-period
POST /api/backoffice/Mailer/create-potencional-player-segment
POST /api/backoffice/Mailer/send-player-invite
POST /api/backoffice/Mailer/send-players-invite
POST /api/backoffice/Mailer/upload-potencional-players
PUT /api/backoffice/Mailer/change-potencional-player-segment
PUT /api/backoffice/Mailer/unsubscribe-crm-email

Found on 2025-12-16 16:04

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939890807d99b8e7b95ec019740bcc8dfdbbd7c73

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/backoffice/Mailer/potencional-player-segment-periods
GET /api/backoffice/Mailer/potencional-player-segments
GET /api/backoffice/Mailer/potencional-players
HEAD /api/backoffice/Mailer/health-check
POST /api/backoffice/Mailer/create-player-segment
POST /api/backoffice/Mailer/create-player-segment-period
POST /api/backoffice/Mailer/create-potencional-player-segment
POST /api/backoffice/Mailer/send-player-invite
POST /api/backoffice/Mailer/send-players-invite
POST /api/backoffice/Mailer/upload-potencional-players
PUT /api/backoffice/Mailer/unsubscribe-crm-email

Found on 2025-10-17 13:53

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: bookings.oxfordlymphoedemapractice.com
Port: 443
URL: https://bookings.oxfordlymphoedemapractice.com

First seen 2025-11-14 03:43
Last seen 2026-01-08 22:22
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-08 22:22
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: bigle-email-serve.biglelegal.com
Port: 443
URL: https://bigle-email-serve.biglelegal.com

First seen 2025-11-18 01:28
Last seen 2026-01-08 22:18
Open for 51 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-08 22:18
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: widget-api.local.fr
Port: 443
URL: https://widget-api.local.fr

First seen 2025-11-01 07:59
Last seen 2026-01-08 21:01
Open for 68 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-08 21:01
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: demo.apex-crm.xyz
Port: 443
URL: https://demo.apex-crm.xyz

First seen 2025-11-12 04:22
Last seen 2026-01-08 20:30
Open for 57 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-08 20:30
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: events-api.windband.ch
Port: 443
URL: https://events-api.windband.ch

First seen 2025-11-05 01:31
Last seen 2026-01-08 20:24
Open for 64 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e591ce6e6945738491f2f51604699b281e96f8b9b7

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /public/app-page/news
GET /public/app-page/{id}
GET /public/config
GET /public/emergency
GET /public/festprogramm
GET /public/judge
GET /public/location/geojson
GET /public/location/wettspiel
GET /public/location/{identifier}
GET /public/ping
GET /public/ranking
GET /public/ranking/available
GET /public/ranking/verein/{vereinIdentifier}
GET /public/ranking/{rankingId}
GET /public/sponsoring
GET /public/sponsoring/random
GET /public/sponsoring/random/{count}
GET /public/test
GET /public/timetable
GET /public/timetable/flat
GET /public/timetable/preview/{locationIdentifier}
GET /public/timetable/welcome
GET /public/timetable/{locationIdentifier}
GET /public/unterhaltung
GET /public/unterhaltung/band/{identifier}
GET /public/verein
GET /public/verein/member/{identifier}
GET /public/verein/{identifier}
POST /public/location/{id}/distance
POST /public/webhook

Found on 2026-01-08 20:24

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e591ce6e6945738491f2f51604699b281e2733bfd9

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /public/app-page/news
GET /public/app-page/{id}
GET /public/config
GET /public/emergency
GET /public/festprogramm
GET /public/judge
GET /public/location/geojson
GET /public/location/wettspiel
GET /public/location/{identifier}
GET /public/ping
GET /public/ranking
GET /public/ranking/available
GET /public/ranking/verein/{vereinIdentifier}
GET /public/ranking/{rankingId}
GET /public/sponsoring
GET /public/sponsoring/random
GET /public/sponsoring/random/{count}
GET /public/test
GET /public/timetable
GET /public/timetable/preview/{locationIdentifier}
GET /public/timetable/welcome
GET /public/timetable/{locationIdentifier}
GET /public/unterhaltung
GET /public/unterhaltung/band/{identifier}
GET /public/verein
GET /public/verein/member/{identifier}
GET /public/verein/{identifier}
POST /public/location/{id}/distance
POST /public/webhook

Found on 2025-11-16 19:17

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.swimkiddo.cz
Port: 443
URL: https://www.swimkiddo.cz

First seen 2025-11-18 20:34
Last seen 2026-01-03 21:10
Open for 46 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e3504af1f44d310a1eefed1e11ea2cac38f46dca2214

GraphQL introspection enabled at /api
Types: 109 (by kind: ENUM: 3, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 28, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUserLanguage
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-03 21:10

59.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350dd853796c2d4ee4689188eb1c12fe14a3bf00d96

GraphQL introspection enabled at /api
Types: 111 (by kind: ENUM: 6, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 27, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-19 07:47

59.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027ce5e245f8575a8f9122be337d84978b1823dd8

GraphQL introspection enabled at /api
Types: 110 (by kind: ENUM: 6, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 26, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-16 22:55

57.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350dbdd11618948e1a3729ac8ee86968a411d6ecbdd

GraphQL introspection enabled at /api
Types: 108 (by kind: ENUM: 5, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 25, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-13 05:01

55.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11af48710dc778673a45ee00904

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: courseProgress, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-01 19:28

45.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11a00563df6f79eff2675fded82

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-18 20:34

45.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: swimkiddo.cz
Port: 443
URL: https://swimkiddo.cz

First seen 2025-11-18 20:34
Last seen 2026-01-03 21:04
Open for 46 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e3504af1f44d310a1eefed1e11ea2cac38f46dca2214

GraphQL introspection enabled at /api
Types: 109 (by kind: ENUM: 3, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 28, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUserLanguage
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-03 21:04

59.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027ce5e245f8575a8f9122be337d84978b1823dd8

GraphQL introspection enabled at /api
Types: 110 (by kind: ENUM: 6, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 26, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-18 15:32

57.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350dbdd11618948e1a3729ac8ee86968a411d6ecbdd

GraphQL introspection enabled at /api
Types: 108 (by kind: ENUM: 5, INPUT_OBJECT: 1, INTERFACE: 2, OBJECT: 25, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: course, courseProgress, courseProgressList, lesson, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, startCourse, updateAccount
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-14 10:45

55.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11af48710dc778673a45ee00904

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: courseProgress, me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-08 14:46

45.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35048ce3d2af2a1d11a00563df6f79eff2675fded82

GraphQL introspection enabled at /api
Types: 103 (by kind: ENUM: 7, INPUT_OBJECT: 1, OBJECT: 20, SCALAR: 73, UNION: 2)
Operations:
- Query: Query | fields: me
- Mutation: Mutation | fields: addAccount, deleteAccount, finishUserActivation, updateAccount, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-18 20:34

45.8 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: beathub.co
Port: 443
URL: https://beathub.co

First seen 2025-02-24 10:01
Last seen 2026-01-03 01:14
Open for 312 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9defb20ff3efb20ff3efb20ff3efb20ff3
```
Found 1 files trough .DS_Store spidering:

/favicon v1
```
  Found on 2026-01-03 01:14
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d1aa48da11aa48da11aa48da11aa48da1
```
Found 1 files trough .DS_Store spidering:

/favicon.ico
```
  Found on 2025-04-14 14:23
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: obchod.stokrle.cz
Port: 80
URL: http://obchod.stokrle.cz

First seen 2025-10-19 22:29
Last seen 2026-01-03 00:32
Open for 75 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595689292b6

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1243
orders (args: optional/default) : totalCount=1332
returns (args: optional/default) : totalCount=54
orderCounts (args: none) : pendingCount=5 readyCount=3

Found on 2026-01-03 00:32

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59534cb3718

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1233
orders (args: optional/default) : totalCount=1318
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=4 readyCount=1

Found on 2025-12-27 07:16

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59565cb1775

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1232
orders (args: optional/default) : totalCount=1317
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=4 readyCount=0

Found on 2025-12-25 07:53

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ed97c5be

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1227
orders (args: optional/default) : totalCount=1311
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=5 readyCount=0

Found on 2025-12-21 04:20

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59529391304

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1212
orders (args: optional/default) : totalCount=1296
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=3 readyCount=6

Found on 2025-12-19 04:29

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59521f245bb

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1194
orders (args: optional/default) : totalCount=1273
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=3 readyCount=5

Found on 2025-12-17 00:12

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953d153e1f

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1162
orders (args: optional/default) : totalCount=1232
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=12 readyCount=10

Found on 2025-12-13 19:53

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc2a27d7

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1139
orders (args: optional/default) : totalCount=1206
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=11 readyCount=12

Found on 2025-12-11 14:19

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595effd073d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1049
orders (args: optional/default) : totalCount=1102
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=5 readyCount=5

Found on 2025-12-01 20:23

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59554845a8b

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1035
orders (args: optional/default) : totalCount=1086
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=3 readyCount=3

Found on 2025-11-29 13:28

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59585e8f95c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1029
orders (args: optional/default) : totalCount=1080
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=4

Found on 2025-11-27 12:45

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9e5ab79

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=20 pendingCount=2

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595c1b2ce33

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=20

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595866240c3

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1011
orders (args: optional/default) : totalCount=1076
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=14 pendingCount=2

Found on 2025-11-23 12:26

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5950de65e0a

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1000
orders (args: optional/default) : totalCount=1064
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=7

Found on 2025-11-21 12:45

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595e68648c5

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=987
orders (args: optional/default) : totalCount=1049
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=7

Found on 2025-11-16 18:43

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953a7768b2

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=981
orders (args: optional/default) : totalCount=1043
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=8

Found on 2025-11-14 21:55

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59548893766

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=973
orders (args: optional/default) : totalCount=1034
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=11

Found on 2025-11-12 19:43

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc23607d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=967
orders (args: optional/default) : totalCount=1025
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=4

Found on 2025-11-10 15:37

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc179252

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=962
orders (args: optional/default) : totalCount=1020
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=5

Found on 2025-11-08 13:37

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59557758efe

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=958
orders (args: optional/default) : totalCount=1016
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=3

Found on 2025-11-07 00:25

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5958d91a35c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=954
orders (args: optional/default) : totalCount=1012
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=1

Found on 2025-11-04 21:04

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59548c0df42

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=952
orders (args: optional/default) : totalCount=1010
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=3

Found on 2025-11-02 23:06

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595dfca50a5

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=950
orders (args: optional/default) : totalCount=1008
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=1

Found on 2025-11-01 15:37

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5956f3571b4

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=943
orders (args: optional/default) : totalCount=1001
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=3

Found on 2025-10-28 16:35

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595eff96d38

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=999
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=3 pendingCount=2

Found on 2025-10-26 10:16

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fb80c7b6

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=998
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-24 06:39

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59579b1d7a8

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=939
orders (args: optional/default) : totalCount=994
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-22 07:05

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ee629943

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=937
orders (args: optional/default) : totalCount=992
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=8 pendingCount=3

Found on 2025-10-19 22:29

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9ecd561

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=937
orders (args: optional/default) : totalCount=992
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=3 readyCount=8

Found on 2025-10-19 22:29

95.7 kBytes 5 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: skyduck.org
Port: 443
URL: https://skyduck.org

First seen 2025-11-21 02:48
Last seen 2026-01-03 00:32
Open for 42 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa32244f898710f067ce131890bf806728b2f6ad8ef
```
GraphQL introspection enabled at /graphql
Types: 19 (by kind: ENUM: 2, OBJECT: 13, SCALAR: 4)
Operations:
- Query: Query | fields: club, clubs, weather
Directives: deprecated, include, skip (total: 3)

Readable stores: 0
```
  Found on 2026-01-03 00:32
  
  29.7 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.salaries.wei.co.mz
Port: 80
URL: http://api.salaries.wei.co.mz

First seen 2025-11-03 01:18
Last seen 2026-01-03 00:17
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa370ed5a6c46b120f00fc2a9082647f04c9291295c

GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 4, INPUT_OBJECT: 4, OBJECT: 9, SCALAR: 3)
Operations:
- Query: Query | fields: salaries
- Mutation: Mutation | fields: submitSalary
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2026-01-03 00:17

26.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa370ed5a6c46b120f00fc2a9082647f04cc86bb31c

GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 4, INPUT_OBJECT: 4, OBJECT: 9, SCALAR: 3)
Operations:
- Query: Query | fields: salaries
- Mutation: Mutation | fields: submitSalary
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-30 14:20

26.5 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: staging.api.intergasxpert.nl
Port: 443
URL: https://staging.api.intergasxpert.nl

First seen 2025-11-15 00:00
Last seen 2026-01-03 00:05
Open for 49 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa390791a358f929cb7685db2d13acaeabce5cb7398

GraphQL introspection enabled at /graphql
Types: 190 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 117, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2026-01-03 00:05

264.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e41399e61e08b8968a0c3716da7567af6bda3693

GraphQL introspection enabled at /graphql
Types: 189 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 116, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-12-01 09:37

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e3500cd15bf189b6d97367b45775da774028f2f4a9b4

GraphQL introspection enabled at /api
Types: 189 (by kind: ENUM: 28, INPUT_OBJECT: 30, INTERFACE: 7, OBJECT: 116, SCALAR: 6, UNION: 2)
Operations:
- Query: Query | fields: faq, getCountries, lookupDutchAddress, randomFaq, searchFaqs
- Mutation: Mutation | fields: addOrUpdateTrainingRelation, deleteTrainingRelation, redeemCoupon, registerForTraining, signUpForTraining
Directives: auth, deprecated, include, oneOf, skip, specifiedBy, trim (total: 7)

Found on 2025-11-15 00:00

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-15 00:00

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: bamafreshcuts.cpms46.se
Port: 443
URL: https://bamafreshcuts.cpms46.se

First seen 2025-11-11 06:51
Last seen 2026-01-02 23:57
Open for 52 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 23:57
  
  23.1 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: demo.nyttig-info.dk
Port: 80
URL: http://demo.nyttig-info.dk

First seen 2024-08-15 00:06
Last seen 2026-01-02 23:57
Open for 505 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc837288bff59bf90a4cd9c223b6d9c6c7
```
Found 4 files trough .DS_Store spidering:

/icons
/manifest.webmanifest
/offline.html
/vejledninger
```
  Found on 2026-01-02 23:57
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e9775a8c4ec0656fb9a29642268d158f28
```
Found 5 files trough .DS_Store spidering:

/icons
/manifest.webmanifest
/offline.html
/vejledninger
/ViewerJS
```
  Found on 2025-09-13 03:42
- Severity: low
  Fingerprint: 5f32cf5d6962f09c2eda814e2eda814e8764e31dd3deabb40695c0f1bb06a4ae
```
Found 6 files trough .DS_Store spidering:

/icons
/manifest.webmanifest
/offline.html
/vejledninger
/ViewerJS
/ViewerJS/images
```
  Found on 2025-04-12 01:03
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.shopunderthedesk.co.uk
Port: 443
URL: https://www.shopunderthedesk.co.uk

First seen 2025-10-31 01:10
Last seen 2026-01-02 23:25
Open for 63 days

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62dbe43f78c9c39e5c525dee5e3f24b95aa78b05e

GraphQL introspection enabled at /api/graphql
Types: 322 (by kind: ENUM: 4, INPUT_OBJECT: 69, OBJECT: 237, SCALAR: 11, UNION: 1)
Operations:
- Query: Query | fields: categories, categoriesConnection, category, checkoutPageConfig, content
- Mutation: Mutation | fields: createCategory, deleteCategory, deleteCheckoutPageConfig, updateCategory, updateCheckoutPageConfig
- Subscription: Subscription | fields: _id, createdAt, id, plan, updatedAt
Directives: cacheControl, deprecated, include, skip (total: 4)

Found on 2026-01-02 23:25

256.1 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: brfvalbehaget.cpms46.se
Port: 443
URL: https://brfvalbehaget.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 23:08
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 23:08
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: logistik-api.saubermacher.at
Port: 80
URL: http://logistik-api.saubermacher.at

First seen 2025-11-07 01:06
Last seen 2026-01-02 23:07
Open for 56 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3ce1800f1953c107399f0c342c51119f722e3424f
```
GraphQL introspection enabled at /graphql
Types: 35 (by kind: ENUM: 4, OBJECT: 25, SCALAR: 6)
Operations:
- Query: Query | fields: me, order, user, users, version
- Mutation: Mutation | fields: createUser, deleteUser, logout, signin, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 23:07
  
  65.5 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: karlastaden.park46.se
Port: 443
URL: https://karlastaden.park46.se

First seen 2025-11-07 01:06
Last seen 2026-01-02 23:07
Open for 56 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 23:07
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: dev.cms.catalog.lear.com
Port: 80
URL: http://dev.cms.catalog.lear.com

First seen 2025-11-24 04:16
Last seen 2026-01-02 22:35
Open for 39 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa374f66b2b0e52ab695274e894cff13c2a5d56a49c

GraphQL introspection enabled at /graphql
Types: 493 (by kind: ENUM: 18, INPUT_OBJECT: 143, OBJECT: 317, SCALAR: 11, UNION: 4)
Operations:
- Query: Query | fields: menusMenu, uploadFile, uploadFiles, uploadFolder, uploadFolders
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 22:35

653.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b3563397d505a745ea8f65d08adf3b16f1f364c0

GraphQL introspection enabled at /graphql
Types: 492 (by kind: ENUM: 17, INPUT_OBJECT: 143, OBJECT: 317, SCALAR: 11, UNION: 4)
Operations:
- Query: Query | fields: menusMenu, uploadFile, uploadFiles, uploadFolder, uploadFolders
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-16 20:25

651.7 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: forshagaenergi.park46.se
Port: 443
URL: https://forshagaenergi.park46.se

First seen 2025-10-23 00:32
Last seen 2026-01-02 22:28
Open for 71 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 22:28
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.maximomes.app
Port: 443
URL: https://api.maximomes.app

First seen 2025-10-23 23:49
Last seen 2026-01-02 22:19
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fdfcbd6b4b001829a9433755b1d507f00d51b571

GraphQL introspection enabled at /graphql
Types: 269 (by kind: ENUM: 13, INPUT_OBJECT: 106, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 22:19

265.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e1614c57cd654b85505aab1100a28164d16706a5

GraphQL introspection enabled at /graphql
Types: 267 (by kind: ENUM: 13, INPUT_OBJECT: 104, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-01 09:05

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e3dbe78b4cff82898dba3ef523e55a902b4493d1

GraphQL introspection enabled at /graphql
Types: 265 (by kind: ENUM: 13, INPUT_OBJECT: 102, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-27 08:31

261.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36f747e3dab42d8df2ee822471b1a6e7225b3d99b

GraphQL introspection enabled at /graphql
Types: 264 (by kind: ENUM: 13, INPUT_OBJECT: 101, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-23 16:48

259.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a120b6f80324881c1acc411cb52239abe473eb1c

GraphQL introspection enabled at /graphql
Types: 259 (by kind: ENUM: 13, INPUT_OBJECT: 98, INTERFACE: 2, OBJECT: 72, SCALAR: 74)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-04 23:01

255.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa316ba1348e34e28ec1ab3ffac77572fbb2b906fcc

GraphQL introspection enabled at /graphql
Types: 254 (by kind: ENUM: 12, INPUT_OBJECT: 97, INTERFACE: 2, OBJECT: 70, SCALAR: 73)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-03 15:18

249.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d382c5e09a39156424130573eb8d023b72f7be1a

GraphQL introspection enabled at /graphql
Types: 252 (by kind: ENUM: 12, INPUT_OBJECT: 95, INTERFACE: 2, OBJECT: 70, SCALAR: 73)
Operations:
- Query: Query | fields: checkResetEmailToken, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: createEntry, deleteEntry, refreshToken, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-10-28 16:03

242.9 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: lookups-api.ayamedica.com
Port: 443
URL: https://lookups-api.ayamedica.com

First seen 2025-10-19 22:21
Last seen 2026-01-02 22:17
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec201bc1efe

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2026-01-02 22:17

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c1e9a46e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-27 02:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cd44cbf4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-24 22:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2966e62f2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-23 06:51

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a6d9452e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e52e80d0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f5a6f2b4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2261ccdb2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cb9881cc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-20 23:53

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27a89d40a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-18 22:19

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27aff364a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-16 20:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec203534222

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-13 07:19

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cff4a630

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-11 09:12

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2df774d28

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-01 05:22

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec217c05168

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-29 11:50

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d00263de

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-27 06:25

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec242d9453c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-23 05:29

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2eef0cb1a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-20 23:15

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28af18d52

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-16 13:17

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236f12386

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 15:11

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d2e3927c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-12 14:55

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-10 18:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f44cb372

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 14:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b2760eaa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-06 18:06

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23d3f4fae

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-04 14:49

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20168d916

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 03:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ac87ea22

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ea87a91a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec255f2cf1e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec224611340

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec293cbf212

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-01 21:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f6a3a19e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 21:46

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e6325c82

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23ae5b778

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec21c58dbc2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b418d948

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 13:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fde024f0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-24 09:59

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2db47adb2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-22 11:38

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec273afbc8e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec278719574

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20fcf623c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: staging-ims-proxy-be.kivunova.com
Port: 80
URL: http://staging-ims-proxy-be.kivunova.com

First seen 2025-11-11 02:46
Last seen 2026-01-02 22:05
Open for 52 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa388c0849874618a7c3303b3e942a0936922a85d7f

GraphQL introspection enabled at /graphql
Types: 144 (by kind: ENUM: 9, INPUT_OBJECT: 62, OBJECT: 70, SCALAR: 3)
Operations:
- Query: Query | fields: getStoreDetails, listCompanyUsers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Readable stores: 2
getAllCompaniesSuperAdmin (args: none) : code=UNAUTHORIZED
getCompanyDetails (args: none) : code=UNAUTHORIZED

Found on 2026-01-02 22:05

112.9 kBytes 2 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c13b21bdb2dd8f5f0fdcb528c7fb8328d23e1f78

GraphQL introspection enabled at /graphql
Types: 136 (by kind: ENUM: 9, INPUT_OBJECT: 58, OBJECT: 66, SCALAR: 3)
Operations:
- Query: Query | fields: getStoreDetails, listCompanyUsers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Readable stores: 2
getAllCompaniesSuperAdmin (args: none) : code=UNAUTHORIZED
getCompanyDetails (args: none) : code=UNAUTHORIZED

Found on 2025-12-24 21:42

106.9 kBytes 2 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c13b21bdb2dd8f5fe0268b02b9d9cbe6cb919506

GraphQL introspection enabled at /graphql
Types: 136 (by kind: ENUM: 9, INPUT_OBJECT: 58, OBJECT: 66, SCALAR: 3)
Operations:
- Query: Query | fields: listCompanyUsers, listCustomers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Readable stores: 2
getAllCompaniesSuperAdmin (args: none) : code=UNAUTHORIZED
getCompanyDetails (args: none) : code=UNAUTHORIZED

Found on 2025-12-18 23:18

105.2 kBytes 2 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa34788eefed772fe2e231e8b81e3e58811b50691d7

GraphQL introspection enabled at /graphql
Types: 126 (by kind: ENUM: 9, INPUT_OBJECT: 53, OBJECT: 61, SCALAR: 3)
Operations:
- Query: Query | fields: listCompanyUsers, listCustomers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Readable stores: 2
getAllCompaniesSuperAdmin (args: none) : code=UNAUTHORIZED
getCompanyDetails (args: none) : code=UNAUTHORIZED

Found on 2025-12-16 19:41

100.1 kBytes 2 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39b50c385d932d6474a774d0a0a947e3ea252c15b

GraphQL introspection enabled at /graphql
Types: 124 (by kind: ENUM: 9, INPUT_OBJECT: 53, OBJECT: 59, SCALAR: 3)
Operations:
- Query: Query | fields: listCompanyUsers, listCustomers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Found on 2025-12-02 06:13

98.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3564a0a130a7e5b519628d04c709e2e0c270c3365

GraphQL introspection enabled at /graphql
Types: 120 (by kind: ENUM: 8, INPUT_OBJECT: 51, OBJECT: 58, SCALAR: 3)
Operations:
- Query: Query | fields: listCompanyUsers, listCustomers, listStoreUsers, listStores, listStoresUsers
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Found on 2025-12-01 04:29

95.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31f27e6e9bbee71cbdc682c5520a1bc3526a908f6

GraphQL introspection enabled at /graphql
Types: 90 (by kind: ENUM: 6, INPUT_OBJECT: 43, OBJECT: 35, SCALAR: 3, UNION: 3)
Operations:
- Query: Query | fields: getCustomer, listCompanyUsers, listCustomers, listStoreUsers, validateToken
- Mutation: Mutation | fields: login, logout, resendVerification, updateProfile, verifyEmail
Directives: defer, deprecated, experimental_disableErrorPropagation, include, oneOf, skip, specifiedBy (total: 7)

Found on 2025-11-23 00:01

74.1 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api-server-staging.freelancerepublik.com
Port: 80
URL: http://api-server-staging.freelancerepublik.com

First seen 2025-11-08 00:22
Last seen 2026-01-02 22:00
Open for 55 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33017047b2e9f8f792fc053504ea2bd85cca2615c

GraphQL introspection enabled at /graphql
Types: 194 (by kind: ENUM: 40, INPUT_OBJECT: 63, INTERFACE: 2, OBJECT: 79, SCALAR: 10)
Operations:
- Query: Query | fields: authStats, candidateQualification, clientOpportunities, contractDocuments, contractList
- Mutation: Mutation | fields: acceptTerms, contractMarkAsSent, contractMerge, freelanceExternalDocumentAdd, freelanceExternalDocumentEdit
- Subscription: Subscription | fields: missionUpdated, userNotified, userUpdated
Directives: auth, deprecated, include, oneOf, skip, specifiedBy (total: 6)

Found on 2026-01-02 22:00

215.1 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: participa.sostrecivic.coop
Port: 443
URL: https://participa.sostrecivic.coop

First seen 2025-11-21 00:18
Last seen 2026-01-02 21:59
Open for 42 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350ad137b3032913ab4b8bf18ff857d6519b71dd6c8

GraphQL introspection enabled at /api
Types: 61 (by kind: ENUM: 2, INTERFACE: 8, OBJECT: 44, SCALAR: 7)
Operations:
- Query: Query | fields: assemblies, assembly, commentable, component, decidim
- Mutation: Mutation | fields: comment, commentable
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
decidim (args: none) : version=0.20.0 applicationName=My Application Name rubyVersion=2.6.1
organization (args: none) : name=Sostre Cívic

Found on 2026-01-02 21:59

88.9 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350ad137b3032913ab4b8bf18ff857d6519cdef0af6

GraphQL introspection enabled at /api
Types: 61 (by kind: ENUM: 2, INTERFACE: 8, OBJECT: 44, SCALAR: 7)
Operations:
- Query: Query | fields: assemblies, assembly, commentable, component, decidim
- Mutation: Mutation | fields: comment, commentable
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
decidim (args: none) : applicationName=My Application Name rubyVersion=2.6.1 version=0.20.0
organization (args: none) : name=Sostre Cívic

Found on 2025-12-27 01:14

88.9 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e350ad137b3032913ab4b8bf18ff857d6519d1bf4428

GraphQL introspection enabled at /api
Types: 61 (by kind: ENUM: 2, INTERFACE: 8, OBJECT: 44, SCALAR: 7)
Operations:
- Query: Query | fields: assemblies, assembly, commentable, component, decidim
- Mutation: Mutation | fields: comment, commentable
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
decidim (args: none) : rubyVersion=2.6.1 version=0.20.0 applicationName=My Application Name
organization (args: none) : name=Sostre Cívic

Found on 2025-12-25 04:28

88.9 kBytes 4 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.eishockeyticker.ch
Port: 443
URL: https://www.eishockeyticker.ch

First seen 2025-11-08 01:03
Last seen 2026-01-02 21:53
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 21:53
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.eishockeyticker.ch
Port: 80
URL: http://www.eishockeyticker.ch

First seen 2025-11-08 01:03
Last seen 2026-01-02 21:53
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 21:53
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.smartroute.io
Port: 443
URL: https://www.smartroute.io

First seen 2025-11-22 00:04
Last seen 2026-01-02 21:49
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa363034660c6076ae4ff1c06dd195a0af7cf7fc8c7
```
GraphQL introspection enabled at /graphql
Types: 19 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 10, SCALAR: 6)
Operations:
- Query: Query | fields: vehicleByImei
- Mutation: Mutation | fields: createTracker
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 21:49
  
  22.7 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.airsideinsurance4u.co.uk
Port: 80
URL: http://www.airsideinsurance4u.co.uk

First seen 2025-05-21 14:01
Last seen 2026-01-02 21:40
Open for 226 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642f079f9265f554ed45f554ed45f554ed4
```
Found 2 files trough .DS_Store spidering:

/favicon.ico
/robots.txt
```
  Found on 2026-01-02 21:40
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: silviasoftware.org
Port: 443
URL: https://silviasoftware.org

First seen 2024-12-14 21:50
Last seen 2026-01-02 21:35
Open for 383 days
- Severity: medium
  Fingerprint: 5f32cf5d6962f09c2acf29aa2acf29aacbb83818446858bbc4777e9b7940a890
```
Found 33 files trough .DS_Store spidering:

/404.html
/app.py
/css
/css/animate.css
/css/responsive.css
/css/style.css
/css/style2.css
/email.html
/fulfillment-policy.html
/img
/img/1.png
/img/2.png
/img/3.png
/img/4.png
/img/5.png
/img/6.png
/img/discord.png
/img/gym.jpg
/img/logo.jpeg
/img/logo.png
/img/p11.png
/img/p22.png
/index.html
/js
/js/faq.js
/js/main.js
/js/wow.js
/postMail.php
/privacy-policy.html
/Procfile
/products
/requirements.txt
/terms-and-conditions.html
```
  Found on 2026-01-02 21:35
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.meister1.com
Port: 443
URL: https://api.meister1.com

First seen 2025-11-06 01:26
Last seen 2026-01-02 21:26
Open for 57 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33541b8531fe2de114dc724d06dba1ce6c28a1342

GraphQL introspection enabled at /graphql
Types: 282 (by kind: ENUM: 29, INPUT_OBJECT: 101, INTERFACE: 4, OBJECT: 141, SCALAR: 7)
Operations:
- Query: Query | fields: account, orderableProducts, smtpConfigTemplates, viewer, workAccounts
- Mutation: Mutation | fields: account, accountAddressUpdate, accountRegister, openingHourUpdate, userUpdate
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 21:26

306.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa324cdecb9b7011ddb6ffde35650105b30f0a7d860

GraphQL introspection enabled at /graphql
Types: 276 (by kind: ENUM: 29, INPUT_OBJECT: 97, INTERFACE: 4, OBJECT: 139, SCALAR: 7)
Operations:
- Query: Query | fields: account, orderableProducts, smtpConfigTemplates, viewer, workAccounts
- Mutation: Mutation | fields: account, accountAddressUpdate, accountRegister, openingHourUpdate, userUpdate
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-01 07:29

298.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa369c36065dd47fde723f2fd4ad0c8112467af7e84

GraphQL introspection enabled at /graphql
Types: 270 (by kind: ENUM: 28, INPUT_OBJECT: 94, INTERFACE: 3, OBJECT: 138, SCALAR: 7)
Operations:
- Query: Query | fields: account, orderableProducts, smtpConfigTemplates, viewer, workAccounts
- Mutation: Mutation | fields: account, accountAddressUpdate, accountRegister, openingHourUpdate, userUpdate
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-06 01:26

292.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.menu.bigmammagroup.com
Port: 80
URL: http://api.menu.bigmammagroup.com

First seen 2025-11-23 01:11
Last seen 2026-01-02 21:13
Open for 40 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e10f8824569683a81ef3ffe5e73132a3ebae3f0f

GraphQL introspection enabled at /graphql
Types: 138 (by kind: ENUM: 6, INPUT_OBJECT: 39, OBJECT: 79, SCALAR: 11, UNION: 3)
Operations:
- Query: Query | fields: getAllProductsByMenu, getAvailableCategories, i18NLocale, uploadFile, uploadFiles
- Mutation: Mutation | fields: createUploadFile, deleteUploadFile, hideProduct, updateProductAvailablity, updateUploadFile
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 21:13

251.4 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: mandate.o3cards.com
Port: 443
URL: https://mandate.o3cards.com

First seen 2025-10-18 17:47
Last seen 2026-01-02 21:10
Open for 76 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d61428fa16245259c6de5c78ad766d5a6382c8c673
```
GraphQL introspection enabled at /api/graphql
Types: 86 (by kind: ENUM: 2, INPUT_OBJECT: 4, OBJECT: 75, SCALAR: 5)
Operations:
- Query: Query | fields: findOrg, getConfig, getOperationDate, getOrgs, getTransac
- Mutation: Mutation | fields: createAccount, createIcadAccountCif, createOrg, createTransac, updateOrg
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 21:10
  
  158.7 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
  Found on 2025-10-18 17:47
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: new.duocards.com
Port: 80
URL: http://new.duocards.com

First seen 2025-10-17 00:31
Last seen 2026-01-02 20:48
Open for 77 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3604b202c00d8793009843ffcebc244e91a4677bd

GraphQL introspection enabled at /graphql
Types: 107 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 78, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 20:48

170.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa353df1b225d341c72a9f6110ebfa9c6876c7f05bb

GraphQL introspection enabled at /graphql
Types: 106 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 77, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-14 11:34

166.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: myrstacken.park46.se
Port: 443
URL: https://myrstacken.park46.se

First seen 2025-11-11 00:37
Last seen 2026-01-02 20:43
Open for 52 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 20:43
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: rails.prod.sonisto.com
Port: 443
URL: https://rails.prod.sonisto.com

First seen 2025-11-22 04:04
Last seen 2026-01-02 20:43
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6d52dd05934867b3b3a07f9bb1971318b1d8566e3
```
GraphQL introspection enabled at /api/graphql
Types: 77 (by kind: ENUM: 6, INPUT_OBJECT: 16, OBJECT: 49, SCALAR: 6)
Operations:
- Query: Query | fields: allCategories, allCurrentPromotions, allOrganizations, cart, category
- Mutation: Mutation | fields: acceptForcedTrial, addToCart, changePassword, createDownload, createFinalOrder
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 20:43
  
  108.6 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.techniquemoto.fr
Port: 443
URL: https://www.techniquemoto.fr

First seen 2025-06-07 01:15
Last seen 2026-01-02 20:42
Open for 209 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 20:42
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: admin.youcare.app
Port: 443
URL: https://admin.youcare.app

First seen 2025-12-09 00:12
Last seen 2026-01-02 20:35
Open for 24 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b6fdd1eea760b11ef9c5b992638fb25cf34122ac

GraphQL introspection enabled at /graphql
Types: 376 (by kind: ENUM: 16, INPUT_OBJECT: 138, OBJECT: 185, SCALAR: 23, UNION: 14)
Operations:
- Query: Query | fields: i18NLocale, i18NLocales_connection, uploadFile, uploadFiles, uploadFiles_connection
- Mutation: Mutation | fields: createReviewWorkflowsWorkflow, createReviewWorkflowsWorkflowStage, deleteReviewWorkflowsWorkflow, updateReviewWorkflowsWorkflow, updateReviewWorkflowsWorkflowStage
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 20:35

641.2 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: demo.park46.se
Port: 443
URL: https://demo.park46.se

First seen 2025-11-12 01:03
Last seen 2026-01-02 20:35
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 20:35
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: cms.global-ukraine.com
Port: 443
URL: https://cms.global-ukraine.com

First seen 2025-12-09 01:31
Last seen 2026-01-02 20:35
Open for 24 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa399037156b834bc86629c71e4086a5c64fb4961dd

GraphQL introspection enabled at /graphql
Types: 53 (by kind: ENUM: 3, INPUT_OBJECT: 12, OBJECT: 29, SCALAR: 9)
Operations:
- Query: Query | fields: article, article_aggregated, article_by_id, article_by_version, diaspora
- Mutation: Mutation | fields: create_african_campus_application_item, create_african_campus_application_items, create_subscribers_emails_item, create_subscribers_emails_items
- Subscription: Subscription | fields: article_mutated, diaspora_mutated, directus_files_mutated, languages_mutated
Directives: deprecated, include, skip (total: 3)

Readable stores: 0

Found on 2026-01-02 20:35

86.7 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: backend.holz-reimann.de
Port: 443
URL: https://backend.holz-reimann.de

First seen 2025-10-22 10:24
Last seen 2026-01-02 20:31
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa34f358e3a87bf826ad172aed7f840017a9a01b446

GraphQL introspection enabled at /graphql
Types: 140 (by kind: ENUM: 22, INPUT_OBJECT: 2, INTERFACE: 1, OBJECT: 104, SCALAR: 11)
Operations:
- Query: Query | fields: logLengths, qualityTypes, routes, supplier, timbers
- Mutation: Mutation | fields: checkIn, checkOut, deleteTimesheet, editTimesheet, tokenAuth
Directives: include, skip (total: 2)

Found on 2026-01-02 20:31

273.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-12-13 17:02

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3948ed0ff3a10ddcd39966034c89474c77c5513eb

GraphQL introspection enabled at /graphql
Types: 139 (by kind: ENUM: 22, INPUT_OBJECT: 2, INTERFACE: 1, OBJECT: 103, SCALAR: 11)
Operations:
- Query: Query | fields: logLengths, qualityTypes, routes, supplier, timbers
- Mutation: Mutation | fields: checkIn, checkOut, deleteTimesheet, editTimesheet, tokenAuth
Directives: include, skip (total: 2)

Found on 2025-12-01 12:49

272.1 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: beraten-aus-daten.de
Port: 80
URL: http://beraten-aus-daten.de

First seen 2025-10-20 00:57
Last seen 2026-01-02 20:18
Open for 74 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa34ece4d900a61065440eb28769c198e530ebac5bf

GraphQL introspection enabled at /graphql
Types: 18 (by kind: ENUM: 2, OBJECT: 11, SCALAR: 5)
Operations:
- Query: Query | fields: sdpReportStatistics, sdpReports
- Mutation: Mutation | fields: addAppUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2026-01-02 20:18

24.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa34ece4d900a61065440eb28769c198e530db0f47b

GraphQL introspection enabled at /graphql
Types: 18 (by kind: ENUM: 2, OBJECT: 11, SCALAR: 5)
Operations:
- Query: Query | fields: sdpReportStatistics, sdpReports
- Mutation: Mutation | fields: addAppUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-20 04:55

24.7 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: uppvidingehus.park46.se
Port: 443
URL: https://uppvidingehus.park46.se

First seen 2025-12-08 01:09
Last seen 2026-01-02 19:44
Open for 25 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 19:44
  
  23.1 kBytes
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: my.move-o.com
Port: 443
URL: https://my.move-o.com

First seen 2025-12-03 20:27
Last seen 2026-01-02 19:29
Open for 29 days

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57adf0e4e169b733daecc97d54f7c87926e

Found 19 files trough .DS_Store spidering:

/assets
/assets/assets
/assets/assets/images
/assets/assets/images/icons
/assets/assets/images/round
/assets/assets/js
/assets/assets/translations
/assets/fonts
/assets/packages
/assets/packages/cupertino_icons
/assets/packages/flutter_inappwebview
/assets/packages/flutter_inappwebview_web
/assets/packages/iconsax_flutter
/assets/packages/iconsax_flutter/fonts
/assets/packages/timezone
/assets/packages/wakelock_plus
/assets/shaders
/canvaskit
/icons

Found on 2026-01-02 19:29

Severity: low
Fingerprint: 5f32cf5d6962f09c39aac35b39aac35bf639e88d2aab61ad7914d6680f920eb1

Found 14 files trough .DS_Store spidering:

/assets
/assets/assets
/assets/fonts
/assets/packages
/assets/packages/cupertino_icons
/assets/packages/flutter_inappwebview
/assets/packages/flutter_inappwebview_web
/assets/packages/iconsax_flutter
/assets/packages/iconsax_flutter/fonts
/assets/packages/timezone
/assets/packages/wakelock_plus
/assets/shaders
/canvaskit
/icons

Found on 2025-12-03 20:27

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: cms.catalog.lear.com
Port: 443
URL: https://cms.catalog.lear.com

First seen 2025-10-24 00:33
Last seen 2026-01-02 19:18
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3504c44323ea81bc2b05a8cbf158e5de32319904f

GraphQL introspection enabled at /graphql
Types: 468 (by kind: ENUM: 14, INPUT_OBJECT: 137, OBJECT: 302, SCALAR: 11, UNION: 4)
Operations:
- Query: Query | fields: menusMenu, uploadFile, uploadFiles, uploadFolder, uploadFolders
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 19:18

623.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: content.muenchner-freiheit.de
Port: 80
URL: http://content.muenchner-freiheit.de

First seen 2025-10-29 06:13
Last seen 2026-01-02 19:11
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1959fcb93

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-12-30T10:49:30.817Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2026-01-02 19:11

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b186129fa5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-27 05:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1995723af

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-21 01:48

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1e6f8fde7

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-12-19 05:02

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1cc966ea7

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-12-17 02:18

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1f17be25b

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-13 17:19

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b168e2efa5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-12-10 22:05

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b123b50381

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1327d55dd

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1453d64d3

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-30 16:53

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1034d14cd

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-28 13:16

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b115e1536f

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-22 14:31

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1321bac77

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-20 16:46

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1f13c198f

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-16 07:17

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b17a879755

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-12 06:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b180c75764

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-10 06:36

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b12dc3d2de

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-08 04:27

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1de647432

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-06 11:09

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1bccfc226

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-04 05:42

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1263755c8

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-11-02 10:32

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b180916aa4

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1d758e830

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b16c7d2ace

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b17073818a

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.carte-des-pharmacies.com
Port: 80
URL: http://www.carte-des-pharmacies.com

First seen 2025-11-22 02:34
Last seen 2026-01-02 18:53
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36b59a51ebcb9400e22c2226c6543609eb7aa17ee
```
GraphQL introspection enabled at /graphql
Types: 19 (by kind: ENUM: 2, OBJECT: 12, SCALAR: 5)
Operations:
- Query: Query | fields: pharmacies, pharmaciesAround, pharmacy
- Mutation: Mutation | fields: testField
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 18:53
  
  24.7 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.lacinetek.com
Port: 443
URL: https://api.lacinetek.com

First seen 2025-11-11 01:26
Last seen 2026-01-02 18:52
Open for 52 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b5e77ae85ec5204cc303eccfd129ed7391c25933

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 2, INPUT_OBJECT: 9, OBJECT: 58, SCALAR: 7)
Operations:
- Query: Query | fields: mainCategories, me, pages, prehome, users
- Mutation: Mutation | fields: category, content, cover, login, page
- Subscription: Subscription | fields: festival, id, key, subscriptionId
Directives: adminKinow, authenticated, authenticatedKinow, authenticatedKinowOrAnonymous, deprecated, include, skip (total: 7)

Found on 2026-01-02 18:52

93.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33107111e4a3c640e9432716d39bd029919248d75

GraphQL introspection enabled at /graphql
Types: 73 (by kind: ENUM: 2, INPUT_OBJECT: 7, OBJECT: 57, SCALAR: 7)
Operations:
- Query: Query | fields: mainCategories, me, pages, prehome, users
- Mutation: Mutation | fields: category, content, cover, login, page
- Subscription: Subscription | fields: festival, id, key, subscriptionId
Directives: adminKinow, authenticated, authenticatedKinow, authenticatedKinowOrAnonymous, deprecated, include, skip (total: 7)

Found on 2025-12-20 19:14

88.5 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: vasakronan.park46.se
Port: 443
URL: https://vasakronan.park46.se

First seen 2025-11-17 01:06
Last seen 2026-01-02 18:12
Open for 46 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 18:12
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: brflillsjon.cpms46.se
Port: 443
URL: https://brflillsjon.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 18:08
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 18:08
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: kokillbacken-kv5.cpms46.se
Port: 443
URL: https://kokillbacken-kv5.cpms46.se

First seen 2025-12-03 10:25
Last seen 2026-01-02 18:07
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 18:07
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: th-apac.smile-view.com
Port: 80
URL: http://th-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 18:05
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751f012485b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 18:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751da7809af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-26 23:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 18:36

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ce465379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 20:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c4ea55cf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-20 23:59

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b8f77893

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 22:14

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775107cb2291

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-16 20:12

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751407da9d5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 07:08

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519b570aa9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-11 09:18

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513c6cf323

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377512e06ad15

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377515c640d17

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-11-28 13:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775115320aff

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-26 15:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775126b21ecb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-20 14:15

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2f08f27d7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 23:37

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e27647fea7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e23818e5b3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.far.app
Port: 80
URL: http://api.far.app

First seen 2025-11-08 00:12
Last seen 2026-01-02 17:58
Open for 55 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa312e60a1c5c5ae52099d425226724fe47ed1d6066

GraphQL introspection enabled at /graphql
Types: 448 (by kind: ENUM: 3, INPUT_OBJECT: 134, INTERFACE: 1, OBJECT: 304, SCALAR: 6)
Operations:
- Query: Query | fields: activePlayer, activePlayers, node, teamLeagueSearchDto, teamLeagueSearchDtos
- Mutation: Mutation | fields: createTeamLeagueSearchDto, deleteActivePlayer, deleteTeamLeagueSearchDto, updateActivePlayer, updateTeamLeagueSearchDto
- Subscription: Subscription | fields: updateEventNotificationSubscribe, updateGameSubscribe
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 17:58

581.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b953523948a96a5b7e19ee23e8767b061866898b

GraphQL introspection enabled at /graphql
Types: 428 (by kind: ENUM: 3, INPUT_OBJECT: 128, INTERFACE: 1, OBJECT: 290, SCALAR: 6)
Operations:
- Query: Query | fields: activePlayer, activePlayers, node, teamLeagueSearchDto, teamLeagueSearchDtos
- Mutation: Mutation | fields: createTeamLeagueSearchDto, deleteActivePlayer, deleteTeamLeagueSearchDto, updateActivePlayer, updateTeamLeagueSearchDto
- Subscription: Subscription | fields: updateEventNotificationSubscribe, updateGameSubscribe
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-16 08:12

555.3 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: au-apac.smile-view.com
Port: 80
URL: http://au-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 17:48
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775144ed6943

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 17:48

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751860630e3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-26 20:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519c5d7b7f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 21:45

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b95149f7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-23 03:59

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775145338651

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-21 03:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 23:07

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d2587379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 19:47

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775162985919

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-13 11:52

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513d810e9f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775175589607

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a356f487

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775105e6dc39

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-30 20:22

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c18765b5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 15:11

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751760dab47

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-26 18:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775165621323

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 05:51

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751db9c2a3f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-11-21 10:24

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2da7af5e7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : skip=0 total=0 limit=100
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : total=34 limit=100 skip=0
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-18 06:21

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2e54fd451

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-16 21:33

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e253367f3b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e251b4a6b5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : skip=0 total=0 limit=100
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25885a5d3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : total=3 limit=100 skip=0
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: techeir.shiftstrack.com
Port: 443
URL: https://techeir.shiftstrack.com

First seen 2025-08-16 13:47
Last seen 2026-01-02 17:47
Open for 139 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176423f3e94de5b8bfb995b8bfb995b8bfb99
```
Found 2 files trough .DS_Store spidering:

/assets
/packs
```
  Found on 2026-01-02 17:47
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: cms.rneventteknik.se
Port: 443
URL: https://cms.rneventteknik.se

First seen 2025-10-21 10:55
Last seen 2026-01-02 17:47
Open for 73 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d66eede3f16ecdb17300838c4158f24dc4dbceb3e4
```
GraphQL introspection enabled at /api/graphql
Types: 891 (by kind: ENUM: 12, INPUT_OBJECT: 171, OBJECT: 698, SCALAR: 8, UNION: 2)
Operations:
- Query: Query | fields: User, Users, countUsers, docAccessUser, meUser
- Mutation: Mutation | fields: createUser, deleteUser, logoutUser, refreshTokenUser, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 17:47
  
  624.2 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: translation.oculera.site
Port: 443
URL: https://translation.oculera.site

First seen 2025-10-19 03:42
Last seen 2026-01-02 17:29
Open for 75 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b235d214d0dda8d8b01bdf0b0dcd4b4a32a36f8b

GraphQL introspection enabled at /graphql
Types: 94 (by kind: ENUM: 12, INPUT_OBJECT: 3, INTERFACE: 2, OBJECT: 72, SCALAR: 5)
Operations:
- Query: RootQueryType | fields: application, authenticationProviders, documentFormats, languages, roles
- Mutation: RootMutationType | fields: correctAllRevision, correctTranslation, createApiToken, createCollaborator, createComment
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 1
application (args: none) : version=1.25.1

Found on 2026-01-02 17:29

123.4 kBytes 1 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: content.muenchner-freiheit.de
Port: 443
URL: https://content.muenchner-freiheit.de

First seen 2025-10-29 06:13
Last seen 2026-01-02 17:13
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b13c44504d

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-12-30T10:49:30.817Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2026-01-02 17:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1b04ea211

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-26 21:35

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b10a732e3d

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-24 23:18

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1beb9f9ff

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-23 01:43

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b123b50381

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-20 14:49

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1327d55dd

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-18 16:21

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b167cd6b0b

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-12-13 02:46

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b186129fa5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 15:12

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1b83f7e17

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b176dfb18b

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b15ecc9cf9

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-12-01 00:28

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b11d32050d

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-29 02:09

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1cc966ea7

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-22 20:37

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b11b0afd81

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z id=1
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z

Found on 2025-11-20 22:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b135731bb5

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-16 10:09

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1453d64d3

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-11-10T13:44:06.651Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-12 06:14

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b180c75764

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-10 06:36

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1d758e830

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : id=1 created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z

Found on 2025-11-08 04:27

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b147921c8a

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-11-04 05:42

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b1263755c8

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-11-02 10:32

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b19eb96636

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-11-01 04:44

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b12116d430

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b120239506

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : id=1 created_at=2022-10-05T06:19:20.324Z updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z
footer (args: optional/default) : updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z
header (args: optional/default) : updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1 created_at=2022-05-27T15:22:59.974Z

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b19104d47c

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH published_at=2022-05-27T15:07:39.973Z
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330a92d1bd1f61c59aa6d4bec6a4b31b19e090134

GraphQL introspection enabled at /graphql
Types: 510 (by kind: ENUM: 10, INPUT_OBJECT: 171, OBJECT: 315, SCALAR: 12, UNION: 2)
Operations:
- Query: Query | fields: allergen, allergens, allergensConnection, cafe, cafes
- Mutation: Mutation | fields: createAllergen, createCafe, deleteAllergen, updateAllergen, updateCafe
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 3
categoryOrder (args: optional/default) : updated_at=2025-03-10T10:31:55.731Z published_at=2022-10-05T06:19:24.129Z id=1 created_at=2022-10-05T06:19:20.324Z
footer (args: optional/default) : published_at=2022-05-27T15:07:39.973Z id=1 created_at=2022-05-27T15:07:18.268Z updated_at=2025-01-04T07:55:46.795Z copyright=Copyright © Münchner Freiheit Eisenrieder GmbH
header (args: optional/default) : created_at=2022-05-27T15:22:59.974Z updated_at=2022-05-27T16:49:18.113Z published_at=2022-05-27T16:39:38.437Z id=1

Found on 2025-10-29 06:13

461.6 kBytes 13 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: kdfparkering.park46.se
Port: 443
URL: https://kdfparkering.park46.se

First seen 2025-10-19 00:19
Last seen 2026-01-02 17:08
Open for 75 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 17:08
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.asapdevlab.com
Port: 443
URL: https://api.asapdevlab.com

First seen 2025-10-24 00:52
Last seen 2026-01-02 16:47
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
Found on 2026-01-02 16:47

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d662fa7cdc7992206000b6e4fedb30877b34f3f063

GraphQL introspection enabled at /api/graphql
Types: 766 (by kind: ENUM: 42, INPUT_OBJECT: 582, OBJECT: 131, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-11-30 20:19

1.4 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d64e72dbecf5c82170347f380e0775264b77300533

GraphQL introspection enabled at /api/graphql
Types: 765 (by kind: ENUM: 42, INPUT_OBJECT: 581, OBJECT: 131, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-11-16 22:51

1.4 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6abc3079984df16fbe6313da7b5b7b12c9cc49062

GraphQL introspection enabled at /api/graphql
Types: 762 (by kind: ENUM: 42, INPUT_OBJECT: 580, OBJECT: 129, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-11-10 18:50

1.4 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6f5d90a751f3661777f65e9db7826f4b895dc28de

GraphQL introspection enabled at /api/graphql
Types: 676 (by kind: ENUM: 33, INPUT_OBJECT: 512, OBJECT: 120, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-10-28 06:50

1.3 MBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.castello.is
Port: 443
URL: https://api.castello.is

First seen 2025-11-13 04:23
Last seen 2026-01-02 16:43
Open for 50 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa30080bac2bb172bd2a03acbea7b2404e0b11bebf8

GraphQL introspection enabled at /graphql
Types: 157 (by kind: ENUM: 2, INPUT_OBJECT: 41, OBJECT: 110, SCALAR: 4)
Operations:
- Query: RootQueryType | fields: adminIndexBranches, adminIndexEmployees, adminIndexToppings, adminSingleBranch, adminSingleEmployee
- Mutation: Mutation | fields: adminCreateEmployee, adminDeleteEmployee, adminGenerateSignature, adminUpdateEmployee, adminUpdateUser
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 16:43

189.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: th-apac.smile-view.com
Port: 443
URL: https://th-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 16:27
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c6d9bb31

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2026-01-02 16:27

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e0a66559

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-30 14:41

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516a8daced

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-26 13:21

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377510154fc39

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-25 07:24

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751233616bb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-23 09:48

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d1d8be61

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-21 09:30

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a005f4fd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-19 10:52

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751415efaef

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-17 01:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:50

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516e7df099

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-12 22:46

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a416a011

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-11 05:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751386a6a2d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-09 21:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751828b9dcf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 14:54

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751544b7517

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 07:44

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511549a7d9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775128fec145

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751f9d4dd7d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:15

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775132f854fb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-30 14:10

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513132d4cb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-22 15:46

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775191f64f31

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-20 14:15

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2e33cf079

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 total=3294 limit=100
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 23:37

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e29c2d1b1b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e267790285

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e220f16517

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e28cbd65af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.leasingberegner.com
Port: 443
URL: https://api.leasingberegner.com

First seen 2025-10-31 00:59
Last seen 2026-01-02 16:18
Open for 63 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa39fe05c1b5f1181593f8150e32795df9ff72fc9cb
```
GraphQL introspection enabled at /graphql
Types: 31 (by kind: ENUM: 2, OBJECT: 24, SCALAR: 5)
Operations:
- Query: Query | fields: brand, company, me
- Mutation: Mutation | fields: activateUser, changePassword, createOffer, createToken, refreshToken
Directives: deprecated, include, skip (total: 3)

Readable stores: 0
```
  Found on 2026-01-02 16:18
  
  38.7 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: vasakronanparkando.park46.se
Port: 443
URL: https://vasakronanparkando.park46.se

First seen 2025-10-21 01:01
Last seen 2026-01-02 15:22
Open for 73 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 15:22
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.lasostenibilitaconta.it
Port: 443
URL: https://www.lasostenibilitaconta.it

First seen 2025-10-22 00:35
Last seen 2026-01-02 15:10
Open for 72 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3c89640614e3a46a3456c2d30dd3769f7aef13d4b
```
GraphQL introspection enabled at /graphql
Types: 22 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 13, SCALAR: 6)
Operations:
- Query: Query | fields: getAuthLvl, getCompanies, getConsts, getLook, getProcesses
- Mutation: Mutation | fields: addCompany, addProcess, createUser, editCompany, removeCompany
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 15:10
  
  32.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: ekman.park46.se
Port: 443
URL: https://ekman.park46.se

First seen 2025-10-17 00:21
Last seen 2026-01-02 15:05
Open for 77 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 15:05
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.smartroute.io
Port: 80
URL: http://www.smartroute.io

First seen 2025-11-22 00:04
Last seen 2026-01-02 14:56
Open for 41 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa363034660c6076ae4ff1c06dd195a0af7cf7fc8c7
```
GraphQL introspection enabled at /graphql
Types: 19 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 10, SCALAR: 6)
Operations:
- Query: Query | fields: vehicleByImei
- Mutation: Mutation | fields: createTracker
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 14:56
  
  22.7 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: gnestahem.park46.se
Port: 443
URL: https://gnestahem.park46.se

First seen 2025-12-07 01:04
Last seen 2026-01-02 14:47
Open for 26 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 14:47
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.portal.citygames.de
Port: 80
URL: http://api.portal.citygames.de

First seen 2025-11-11 03:46
Last seen 2026-01-02 14:39
Open for 52 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3d9181c39a346585bfbe2b3f59676f8159676f815
```
GraphQL introspection enabled at /graphql
Types: 12 (by kind: ENUM: 2, OBJECT: 7, SCALAR: 3)
Operations:
- Query: Query | fields: _empty
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 14:39
  
  17.0 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: get.duocards.com
Port: 443
URL: https://get.duocards.com

First seen 2025-11-01 06:48
Last seen 2026-01-02 14:37
Open for 62 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3604b202c00d8793009843ffcebc244e91a4677bd

GraphQL introspection enabled at /graphql
Types: 107 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 78, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 14:37

170.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa353df1b225d341c72a9f6110ebfa9c6876c7f05bb

GraphQL introspection enabled at /graphql
Types: 106 (by kind: ENUM: 15, INPUT_OBJECT: 7, INTERFACE: 1, OBJECT: 77, SCALAR: 6)
Operations:
- Query: Query | fields: public, translate, translateBulk, userByName, viewer
- Mutation: Mutation | fields: login, loginAs, loginGuest, oauth, register
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-16 09:56

166.3 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.irondesign.co.za
Port: 80
URL: http://www.irondesign.co.za

First seen 2025-02-26 09:24
Last seen 2026-01-02 14:15
Open for 310 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176423f3e94ded69a3fbed69a3fbed69a3fbe
```
Found 2 files trough .DS_Store spidering:

/assets
/assets/theme2
```
  Found on 2026-01-02 14:15
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.lacinetek.com
Port: 80
URL: http://api.lacinetek.com

First seen 2025-11-11 01:26
Last seen 2026-01-02 14:08
Open for 52 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b5e77ae85ec5204cc303eccfd129ed7391c25933

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 2, INPUT_OBJECT: 9, OBJECT: 58, SCALAR: 7)
Operations:
- Query: Query | fields: mainCategories, me, pages, prehome, users
- Mutation: Mutation | fields: category, content, cover, login, page
- Subscription: Subscription | fields: festival, id, key, subscriptionId
Directives: adminKinow, authenticated, authenticatedKinow, authenticatedKinowOrAnonymous, deprecated, include, skip (total: 7)

Found on 2026-01-02 14:08

93.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33107111e4a3c640e9432716d39bd029919248d75

GraphQL introspection enabled at /graphql
Types: 73 (by kind: ENUM: 2, INPUT_OBJECT: 7, OBJECT: 57, SCALAR: 7)
Operations:
- Query: Query | fields: mainCategories, me, pages, prehome, users
- Mutation: Mutation | fields: category, content, cover, login, page
- Subscription: Subscription | fields: festival, id, key, subscriptionId
Directives: adminKinow, authenticated, authenticatedKinow, authenticatedKinowOrAnonymous, deprecated, include, skip (total: 7)

Found on 2025-12-22 11:55

88.5 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: infoticker.ch
Port: 443
URL: https://infoticker.ch

First seen 2025-11-08 00:23
Last seen 2026-01-02 14:00
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 14:00
  
  49.4 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-11-27 06:44
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: comgy-testing.club
Port: 443
URL: https://comgy-testing.club

First seen 2025-11-10 14:42
Last seen 2026-01-02 13:49
Open for 52 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 13:49

123.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: admin.reportsecurely.com
Port: 443
URL: https://admin.reportsecurely.com

First seen 2025-11-28 09:04
Last seen 2026-01-02 13:49
Open for 35 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3924ef5a2969d8ff2194f58348cd805a549d7e8fe

GraphQL introspection enabled at /graphql
Types: 408 (by kind: ENUM: 44, INPUT_OBJECT: 170, INTERFACE: 1, OBJECT: 187, SCALAR: 6)
Operations:
- Query: Query | fields: checkSlug, companies, company, crcPurposes, creditBundles
- Mutation: Mutation | fields: addAccountMember, addTfaPhoneNumber, archiveCheckLists, archiveDocuments, archivePeople
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 10
crcPurposes (args: optional/default) : total=0
creditBundles (args: optional/default) : total=4
creditTransactions (args: optional/default) : total=0
departments (args: optional/default) : total=0
documents (args: optional/default) : total=0
members (args: optional/default) : total=0
paymentMethods (args: optional/default) : total=0
people (args: optional/default) : total=0
phoneNumbers (args: optional/default) : total=0
products (args: optional/default) : total=0

Found on 2026-01-02 13:49

453.1 kBytes 10 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: shop.voetbalstages.be
Port: 443
URL: https://shop.voetbalstages.be

First seen 2025-11-11 00:36
Last seen 2026-01-02 13:31
Open for 52 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b661348bf39b88

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7441
_allStudentsMeta (args: optional/default) : count=6604
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=120

Found on 2026-01-02 13:31

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b66134620bc21f

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7439
_allStudentsMeta (args: optional/default) : count=6602
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-12-26 17:29

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b661345f78cb89

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7438
_allStudentsMeta (args: optional/default) : count=6601
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-12-24 17:49

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b661349331cfe0

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7433
_allStudentsMeta (args: optional/default) : count=6597
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-12-20 23:20

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b66134192385c5

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7432
_allStudentsMeta (args: optional/default) : count=6597
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-12-16 23:43

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b661340b4eb575

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7431
_allStudentsMeta (args: optional/default) : count=6594
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-12-12 22:29

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b661347d2522e3

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7427
_allStudentsMeta (args: optional/default) : count=6593
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-11-30 22:40

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b6613406871807

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7426
_allStudentsMeta (args: optional/default) : count=6592
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-11-26 19:55

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b661343a552982

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7424
_allStudentsMeta (args: optional/default) : count=6591
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-11-23 02:38

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b6613409b4aa39

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7423
_allStudentsMeta (args: optional/default) : count=6591
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-11-21 07:41

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b661344b0dff85

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7421
_allStudentsMeta (args: optional/default) : count=6588
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-11-18 08:30

81.5 kBytes 4 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa387b2c129e46c798bba32abab27b66134ecdb4c86

GraphQL introspection enabled at /graphql
Types: 47 (by kind: ENUM: 6, INPUT_OBJECT: 10, OBJECT: 24, SCALAR: 7)
Operations:
- Query: Query | fields: User, _, _allUsersMeta, allUsers, currentUser
- Mutation: Mutation | fields: _, createStudent, updateCurrentUser, updateStudent, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 4
_allUsersMeta (args: optional/default) : count=7417
_allStudentsMeta (args: optional/default) : count=6584
_allLocationsMeta (args: optional/default) : count=3
_allCampsMeta (args: optional/default) : count=111

Found on 2025-11-14 19:44

81.5 kBytes 4 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: au-apac.smile-view.com
Port: 443
URL: https://au-apac.smile-view.com

First seen 2025-11-15 02:20
Last seen 2026-01-02 13:09
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511b4e4377

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 13:09

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751760dab47

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-26 18:58

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751453b7333

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-25 01:38

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377512c7fdc51

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 16:21

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751201a4a95

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-20 18:40

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514eaf432f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 06:41

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751db2f8065

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 06:09

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377512dd51ca7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:50

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519f692aa9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-12 11:24

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775155c7a92d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-09 21:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775159d666c5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 14:51

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377515a9b7a9f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 07:44

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516cd48f7f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-02 06:19

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775128767491

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751acdaa877

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:16

981.0 kBytes 30 rows

Severity: medium
Fingerprint: c2db3a1c40d490dbaf340e11af340e11af340e11af340e11af340e11af340e11
```
GraphQL introspection enabled at /api/gql
```
Found on 2025-12-01 04:16

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d9cba587

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-30 20:22

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 15:11

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519f82d4e1

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-11-26 18:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ce465379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 05:51

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751f628c2ad

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-11-21 10:24

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e23a68196b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : total=3 limit=100 skip=0
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-18 06:21

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2f5128399

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 21:33

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2d1c85db3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e20aff96eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e27108de7b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2b2ede85f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:20

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: api.dev.loop-aero.com
Port: 443
URL: https://api.dev.loop-aero.com

First seen 2025-12-01 00:59
Last seen 2026-01-02 13:07
Open for 32 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 13:07
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3af54412400a716a8db0d566e819396dbd8e14373
```
GraphQL introspection enabled at /graphql
Types: 1160 (by kind: ENUM: 25, INPUT_OBJECT: 954, OBJECT: 175, SCALAR: 6)
Operations:
- Query: Query | fields: airlineCompanies, airlineCompany, airlineStaff, airlineStaffs, airport
- Mutation: Mutation | fields: acknowledgeNotification, createFlight, createUserComment, createUserSearch, deleteUserComment
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-12-01 00:59
  
  1.7 MBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: lookups-api.ayamedica.com
Port: 80
URL: http://lookups-api.ayamedica.com

First seen 2025-10-19 22:21
Last seen 2026-01-02 12:37
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec203d01296

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2026-01-02 12:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22e47b134

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-26 18:30

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2772c7ed6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-24 16:04

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27834748c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-22 20:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23b1593d4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec209fadd96

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec21eea699a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a5a9d2c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:31

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec251fb6dce

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-20 19:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-18 15:14

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec253e015b4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-16 12:34

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22cd7cff6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-14 05:15

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fc56e7a4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-12 18:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec277395a5e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-30 13:03

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec26a23a37a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-28 12:49

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2750cafdc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-26 19:30

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2374976c8

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-24 14:33

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec25f8bc5a6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-22 12:35

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2db01bd1a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-20 13:58

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2aa81f690

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-16 07:00

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2eccd148a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 06:45

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2514c01aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-12 14:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec27236ebaa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-10 14:28

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec203d8f790

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 12:56

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-06 21:46

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e82052a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-04 19:29

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2686bfabe

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 02:57

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a9468a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec257acf1f4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2cd3c56e0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-02 09:26

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2efe7e250

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-01 21:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e065d30a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 17:17

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28c4320ce

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2515c0f76

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec24eaf1170

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e4c25c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 18:08

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2361210a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-26 11:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec25fb8f51e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-24 10:25

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f4d9aa58

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-22 11:41

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20849f93a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20f604baa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec214598374

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ae854e78

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-19 22:21

77.1 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: vehobil.cpms46.se
Port: 443
URL: https://vehobil.cpms46.se

First seen 2025-12-03 10:23
Last seen 2026-01-02 12:37
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:37
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: brfgraberget.cpms46.se
Port: 443
URL: https://brfgraberget.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 12:28
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:28
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: eishockeyticker.ch
Port: 443
URL: https://eishockeyticker.ch

First seen 2025-11-08 00:02
Last seen 2026-01-02 12:15
Open for 55 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 12:15
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: xn--byensngle-q8a.crowdfundinghub.dk
Port: 443
URL: https://xn--byensngle-q8a.crowdfundinghub.dk

First seen 2025-12-13 00:12
Last seen 2026-01-02 12:13
Open for 20 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 12:13
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.innogate.fi
Port: 443
URL: https://www.innogate.fi

First seen 2025-04-24 10:20
Last seen 2026-01-02 12:08
Open for 253 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2026-01-02 12:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: itbizz.shiftstrack.com
Port: 443
URL: https://itbizz.shiftstrack.com

First seen 2025-08-16 13:54
Last seen 2026-01-02 11:57
Open for 138 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176423f3e94de5b8bfb995b8bfb995b8bfb99
```
Found 2 files trough .DS_Store spidering:

/assets
/packs
```
  Found on 2026-01-02 11:57
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.airsideinsurance4u.co.uk
Port: 443
URL: https://www.airsideinsurance4u.co.uk

First seen 2025-05-21 14:01
Last seen 2026-01-02 11:56
Open for 225 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642f079f9265f554ed45f554ed45f554ed4
```
Found 2 files trough .DS_Store spidering:

/favicon.ico
/robots.txt
```
  Found on 2026-01-02 11:56
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: docs.mavenmule.com
Port: 80
URL: http://docs.mavenmule.com

First seen 2025-11-08 00:52
Last seen 2026-01-02 11:52
Open for 55 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31ac6de87e8a5d535f7f8046b56dfed4c602b84ec

GraphQL introspection enabled at /graphql
Types: 133 (by kind: ENUM: 10, INPUT_OBJECT: 12, OBJECT: 106, SCALAR: 5)
Operations:
- Query: Query | fields: analytics, assets, authentication, comments, contribute
- Mutation: Mutation | fields: analytics, assets, authentication, comments, groups
- Subscription: Subscription | fields: loggingLiveTrail
Directives: auth, cacheControl, deprecated, include, rateLimit, skip, specifiedBy (total: 7)

Found on 2026-01-02 11:52

186.4 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: app.postexpress.io
Port: 80
URL: http://app.postexpress.io

First seen 2025-10-13 10:26
Last seen 2026-01-02 11:49
Open for 81 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8ef0d5608ef0d5608ef0d5608ef0d560
```
Found 1 files trough .DS_Store spidering:

/favicon
```
  Found on 2026-01-02 11:49
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.mabelhumer.es
Port: 443
URL: https://www.mabelhumer.es

First seen 2022-11-21 17:36
Last seen 2026-01-02 11:40
Open for 1137 days

Severity: medium
Fingerprint: 5f32cf5d6962f09cacbf01a6acbf01a67fbba4220effc0c6f0b7511e5d77f984

Found 118 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/img/favicons
/assets/img/favicons/android-chrome-192x192.png
/assets/img/favicons/android-chrome-512x512.png
/assets/img/favicons/apple-touch-icon.png
/assets/img/favicons/browserconfig.xml
/assets/img/favicons/favicon-16x16.png
/assets/img/favicons/favicon-32x32.png
/assets/img/favicons/favicon.ico
/assets/img/favicons/manifest.json
/assets/img/favicons/mstile-150x150.png
/assets/img/gallery
/assets/img/icons
/assets/img/interior-1-mobile.jpg
/assets/img/interior-1.jpg
/assets/img/interior-4-mobile.jpg
/assets/img/interior-4.jpg
/assets/img/interior-6-mobile.jpg
/assets/img/interior-6.jpg
/assets/img/legal.jpg
/assets/img/logofront.png
/assets/img/logofrontwhite.png
/assets/img/MH_BW_mini.png
/assets/img/showcase
/assets/img/showcase/ipad--l-1.jpg
/assets/img/showcase/ipad--l-2.jpg
/assets/img/showcase/ipad--l-3.jpg
/assets/img/showcase/ipad--p-1.jpg
/assets/img/showcase/ipad-l-1.png
/assets/img/showcase/ipad-l-2.png
/assets/img/showcase/ipad-l-3.png
/assets/img/showcase/ipad-p-1.png
/assets/img/showcase/iphone--l-1.jpg
/assets/img/showcase/iphone-1.jpg
/assets/img/showcase/iphone-2.jpg
/assets/img/showcase/iphone-3.jpg
/assets/img/showcase/iphone-l-1.png
/assets/img/showcase/macbook-1.jpg
/assets/img/showcase/macbook-1.png
/assets/img/showcase/macbook-2.jpg
/assets/img/showcase/macbook-2.png
/assets/img/showcase/mobile-1.png
/assets/img/showcase/mobile-2.png
/assets/img/showcase/mobile-3.png
/assets/img/signin.jpg
/assets/img/signup.jpg
/assets/img/tabla.png
/assets/img/team
/assets/img/team/ana.jpg
/assets/img/team/aurora.jpg
/assets/img/team/blancarivera.jpg
/assets/img/team/desiree.jpg
/assets/img/team/elisabeth.jpg
/assets/img/team/fernando.jpg
/assets/img/team/francesc.jpg
/assets/img/team/jesus.jpg
/assets/img/team/mariaescobar.jpg
/assets/img/team/massimoferroni.jpg
/assets/img/team/miguelmoreiras.jpg
/assets/img/team/pablo.jpg
/assets/img/team/pacamencia.jpg
/assets/img/team/raquel.jpg
/assets/img/team/raquelgonzalez.jpg
/assets/js
/assets/lib
/assets/video
/components
/components/bootstrap
/components/bootstrap/badges.html
/components/bootstrap/buttons.html
/components/bootstrap/cards.html
/components/bootstrap/forms.html
/components/bootstrap/navbar.html
/components/bootstrap/scrollspy.html
/components/bootstrap/sizing.html
/components/bootstrap/tables.html
/components/bootstrap/tabs.html
/components/bootstrap/tooltips.html
/components/sparrow
/components/sparrow/accordion.html
/components/sparrow/backgrounds.html
/components/sparrow/borders.html
/components/sparrow/carousel.html
/components/sparrow/colors.html
/components/sparrow/countdown.html
/components/sparrow/countup.html
/components/sparrow/fancybox.html
/components/sparrow/fancynav.html
/components/sparrow/fancyscroll.html
/components/sparrow/fancytabs.html
/components/sparrow/filter.html
/components/sparrow/forms.html
/components/sparrow/googlemap.html
/components/sparrow/icons.html
/components/sparrow/inline-player.html
/components/sparrow/lightbox.html
/components/sparrow/masonry.html
/components/sparrow/modals.html
/components/sparrow/parallax.html
/components/sparrow/progressbar.html
/components/sparrow/scroll-to.html
/components/sparrow/spacing.html
/components/sparrow/typed-text.html
/components/sparrow/typography.html
/components/sparrow/zanimation.html
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2026-01-02 11:40

Severity: medium
Fingerprint: 5f32cf5d6962f09c5a2cc21a5a2cc21a447b07b68ad095928649f2fa6401bbd4

Found 82 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/img/favicons
/assets/img/favicons/android-chrome-192x192.png
/assets/img/favicons/android-chrome-512x512.png
/assets/img/favicons/apple-touch-icon.png
/assets/img/favicons/browserconfig.xml
/assets/img/favicons/favicon-16x16.png
/assets/img/favicons/favicon-32x32.png
/assets/img/favicons/favicon.ico
/assets/img/favicons/manifest.json
/assets/img/favicons/mstile-150x150.png
/assets/img/gallery
/assets/img/icons
/assets/img/interior-1-mobile.jpg
/assets/img/interior-1.jpg
/assets/img/interior-4-mobile.jpg
/assets/img/interior-4.jpg
/assets/img/interior-6-mobile.jpg
/assets/img/interior-6.jpg
/assets/img/legal.jpg
/assets/img/logofront.png
/assets/img/logofrontwhite.png
/assets/img/MH_BW_mini.png
/assets/img/showcase
/assets/img/showcase/ipad--l-1.jpg
/assets/img/showcase/ipad--l-2.jpg
/assets/img/showcase/ipad--l-3.jpg
/assets/img/showcase/ipad--p-1.jpg
/assets/img/showcase/ipad-l-1.png
/assets/img/showcase/ipad-l-2.png
/assets/img/showcase/ipad-l-3.png
/assets/img/showcase/ipad-p-1.png
/assets/img/showcase/iphone--l-1.jpg
/assets/img/showcase/iphone-1.jpg
/assets/img/showcase/iphone-2.jpg
/assets/img/showcase/iphone-3.jpg
/assets/img/showcase/iphone-l-1.png
/assets/img/showcase/macbook-1.jpg
/assets/img/showcase/macbook-1.png
/assets/img/showcase/macbook-2.jpg
/assets/img/showcase/macbook-2.png
/assets/img/showcase/mobile-1.png
/assets/img/showcase/mobile-2.png
/assets/img/showcase/mobile-3.png
/assets/img/signin.jpg
/assets/img/signup.jpg
/assets/img/tabla.png
/assets/img/team
/assets/img/team/ana.jpg
/assets/img/team/aurora.jpg
/assets/img/team/blancarivera.jpg
/assets/img/team/desiree.jpg
/assets/img/team/elisabeth.jpg
/assets/img/team/fernando.jpg
/assets/img/team/francesc.jpg
/assets/img/team/jesus.jpg
/assets/img/team/mariaescobar.jpg
/assets/img/team/massimoferroni.jpg
/assets/img/team/miguelmoreiras.jpg
/assets/img/team/pablo.jpg
/assets/img/team/pacamencia.jpg
/assets/img/team/raquel.jpg
/assets/img/team/raquelgonzalez.jpg
/assets/js
/assets/lib
/assets/video
/components
/components/bootstrap
/components/sparrow
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2025-11-23 13:24

Severity: medium
Fingerprint: 5f32cf5d6962f09c6731298567312985269f719362d8711dab2702fbf645b934

Found 92 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/img/favicons
/assets/img/favicons/android-chrome-192x192.png
/assets/img/favicons/android-chrome-512x512.png
/assets/img/favicons/apple-touch-icon.png
/assets/img/favicons/browserconfig.xml
/assets/img/favicons/favicon-16x16.png
/assets/img/favicons/favicon-32x32.png
/assets/img/favicons/favicon.ico
/assets/img/favicons/manifest.json
/assets/img/favicons/mstile-150x150.png
/assets/img/gallery
/assets/img/icons
/assets/img/interior-1-mobile.jpg
/assets/img/interior-1.jpg
/assets/img/interior-4-mobile.jpg
/assets/img/interior-4.jpg
/assets/img/interior-6-mobile.jpg
/assets/img/interior-6.jpg
/assets/img/legal.jpg
/assets/img/logofront.png
/assets/img/logofrontwhite.png
/assets/img/MH_BW_mini.png
/assets/img/showcase
/assets/img/showcase/ipad--l-1.jpg
/assets/img/showcase/ipad--l-2.jpg
/assets/img/showcase/ipad--l-3.jpg
/assets/img/showcase/ipad--p-1.jpg
/assets/img/showcase/ipad-l-1.png
/assets/img/showcase/ipad-l-2.png
/assets/img/showcase/ipad-l-3.png
/assets/img/showcase/ipad-p-1.png
/assets/img/showcase/iphone--l-1.jpg
/assets/img/showcase/iphone-1.jpg
/assets/img/showcase/iphone-2.jpg
/assets/img/showcase/iphone-3.jpg
/assets/img/showcase/iphone-l-1.png
/assets/img/showcase/macbook-1.jpg
/assets/img/showcase/macbook-1.png
/assets/img/showcase/macbook-2.jpg
/assets/img/showcase/macbook-2.png
/assets/img/showcase/mobile-1.png
/assets/img/showcase/mobile-2.png
/assets/img/showcase/mobile-3.png
/assets/img/signin.jpg
/assets/img/signup.jpg
/assets/img/tabla.png
/assets/img/team
/assets/img/team/ana.jpg
/assets/img/team/aurora.jpg
/assets/img/team/blancarivera.jpg
/assets/img/team/desiree.jpg
/assets/img/team/elisabeth.jpg
/assets/img/team/fernando.jpg
/assets/img/team/francesc.jpg
/assets/img/team/jesus.jpg
/assets/img/team/mariaescobar.jpg
/assets/img/team/massimoferroni.jpg
/assets/img/team/miguelmoreiras.jpg
/assets/img/team/pablo.jpg
/assets/img/team/pacamencia.jpg
/assets/img/team/raquel.jpg
/assets/img/team/raquelgonzalez.jpg
/assets/js
/assets/lib
/assets/video
/components
/components/bootstrap
/components/bootstrap/badges.html
/components/bootstrap/buttons.html
/components/bootstrap/cards.html
/components/bootstrap/forms.html
/components/bootstrap/navbar.html
/components/bootstrap/scrollspy.html
/components/bootstrap/sizing.html
/components/bootstrap/tables.html
/components/bootstrap/tabs.html
/components/bootstrap/tooltips.html
/components/sparrow
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2025-11-21 18:16

Severity: medium
Fingerprint: 5f32cf5d6962f09cef4a0ce8ef4a0ce8da7f78b86a0f4f70cf7395bcc9f70bb8

Found 80 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/img/favicons
/assets/img/favicons/android-chrome-192x192.png
/assets/img/favicons/android-chrome-512x512.png
/assets/img/favicons/apple-touch-icon.png
/assets/img/favicons/browserconfig.xml
/assets/img/favicons/favicon-16x16.png
/assets/img/favicons/favicon-32x32.png
/assets/img/favicons/favicon.ico
/assets/img/favicons/manifest.json
/assets/img/favicons/mstile-150x150.png
/assets/img/gallery
/assets/img/icons
/assets/img/interior-1-mobile.jpg
/assets/img/interior-1.jpg
/assets/img/interior-4-mobile.jpg
/assets/img/interior-4.jpg
/assets/img/interior-6-mobile.jpg
/assets/img/interior-6.jpg
/assets/img/legal.jpg
/assets/img/logofront.png
/assets/img/logofrontwhite.png
/assets/img/MH_BW_mini.png
/assets/img/showcase
/assets/img/showcase/ipad--l-1.jpg
/assets/img/showcase/ipad--l-2.jpg
/assets/img/showcase/ipad--l-3.jpg
/assets/img/showcase/ipad--p-1.jpg
/assets/img/showcase/ipad-l-1.png
/assets/img/showcase/ipad-l-2.png
/assets/img/showcase/ipad-l-3.png
/assets/img/showcase/ipad-p-1.png
/assets/img/showcase/iphone--l-1.jpg
/assets/img/showcase/iphone-1.jpg
/assets/img/showcase/iphone-2.jpg
/assets/img/showcase/iphone-3.jpg
/assets/img/showcase/iphone-l-1.png
/assets/img/showcase/macbook-1.jpg
/assets/img/showcase/macbook-1.png
/assets/img/showcase/macbook-2.jpg
/assets/img/showcase/macbook-2.png
/assets/img/showcase/mobile-1.png
/assets/img/showcase/mobile-2.png
/assets/img/showcase/mobile-3.png
/assets/img/signin.jpg
/assets/img/signup.jpg
/assets/img/tabla.png
/assets/img/team
/assets/img/team/ana.jpg
/assets/img/team/aurora.jpg
/assets/img/team/blancarivera.jpg
/assets/img/team/desiree.jpg
/assets/img/team/elisabeth.jpg
/assets/img/team/fernando.jpg
/assets/img/team/francesc.jpg
/assets/img/team/jesus.jpg
/assets/img/team/mariaescobar.jpg
/assets/img/team/massimoferroni.jpg
/assets/img/team/miguelmoreiras.jpg
/assets/img/team/pablo.jpg
/assets/img/team/pacamencia.jpg
/assets/img/team/raquel.jpg
/assets/img/team/raquelgonzalez.jpg
/assets/js
/assets/lib
/assets/video
/components
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2025-07-02 15:45

Severity: low
Fingerprint: 5f32cf5d6962f09cdafa5447dafa5447b671e3e93017925f7b55b159103e1f16

Found 18 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/theme-rtl.css
/assets/css/theme-rtl.css.map
/assets/css/theme.css
/assets/css/theme.css.map
/assets/docs
/assets/img
/assets/js
/assets/lib
/assets/video
/components
/cookies.html
/legal.html
/page-signin.html
/page-signup.html
/representation.html
/terms.html

Found on 2025-03-24 10:52

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: id-apac.smile-view.com
Port: 80
URL: http://id-apac.smile-view.com

First seen 2025-11-15 02:12
Last seen 2026-01-02 11:32
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775193f8694d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 11:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516d49f985

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-26 18:47

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751017839df

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 19:02

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a0887d23

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 21:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775166133e47

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-20 23:51

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377510a73140f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-18 23:46

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377517ab88e5d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 20:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bb731621

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-14 12:12

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511addca3f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:02

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775136c4e8d5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-11 08:28

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b6829855

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511d5eb585

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377517df48faf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775113916a25

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-01 00:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751fb89c12b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 23:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514976886d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-11-27 02:03

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e354736b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 08:28

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751505b7165

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-21 07:17

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e21e32edcd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 19:59

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e20e95b6dd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : skip=0 total=47 limit=100
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2c1e0f379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : total=34 limit=100 skip=0
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e28cbd65af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.restorativ.co
Port: 443
URL: https://api.restorativ.co

First seen 2025-12-04 00:04
Last seen 2026-01-02 11:20
Open for 29 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa391e25eac7ab5b8b0437e662526a24d7a11af447a

GraphQL introspection enabled at /graphql
Types: 337 (by kind: ENUM: 2, INPUT_OBJECT: 10, INTERFACE: 1, OBJECT: 318, SCALAR: 6)
Operations:
- Query: Query | fields: administrativeRegions, allOrganizationBookings, allTrainingVenues, assessment, bookingActivityOverview
- Mutation: Mutation | fields: acceptContract, acceptGroundRules, acknowledgeChatGptUse, addAdminToOrganization, addAdministrativeRegion
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 11:20

567.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-12-16 13:51

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39adb844aa185cf7abc76770b35984b248cadc8dc

GraphQL introspection enabled at /graphql
Types: 321 (by kind: ENUM: 2, INPUT_OBJECT: 10, INTERFACE: 1, OBJECT: 302, SCALAR: 6)
Operations:
- Query: Query | fields: administrativeRegions, allOrganizationBookings, allTrainingVenues, assessment, bookingActivityOverview
- Mutation: Mutation | fields: acceptContract, acceptGroundRules, acknowledgeChatGptUse, addAdminToOrganization, addAdministrativeRegion
Directives: deprecated, include, skip (total: 3)

Found on 2025-12-14 09:47

544.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: parkering.helsingborgshem.se
Port: 443
URL: https://parkering.helsingborgshem.se

First seen 2025-12-13 00:10
Last seen 2026-01-02 11:09
Open for 20 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 11:09
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: tw-apac.smile-view.com
Port: 443
URL: https://tw-apac.smile-view.com

First seen 2025-11-15 02:31
Last seen 2026-01-02 11:07
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377519bc36ae5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2026-01-02 11:07

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751fb24bd4d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-26 20:19

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751011dc253

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-25 02:56

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bc71b4a5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-23 02:42

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751a627db11

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-20 20:07

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751b45f4d05

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-19 01:03

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ffa51131

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 19:22

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751087e4bf3

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-14 14:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d31349b7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-14 12:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 13:49

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751017839df

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-10 07:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511addca3f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-09 21:23

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775145338651

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-05 14:52

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751fcfc3fcd

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514eaf432f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ce465379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516b050639

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d981a385

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 00:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d2587379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-28 23:36

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e3fee20f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-27 02:03

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bd6347b5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 08:28

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514c86072f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-21 07:18

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e21e8c44b7

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 19:59

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2442097bf

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e285730aad

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : total=8 limit=100 skip=0
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e220f16517

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e29a71c85d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: admin.takkei.se
Port: 443
URL: https://admin.takkei.se

First seen 2024-12-10 19:45
Last seen 2026-01-02 11:04
Open for 387 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfca832ed7f1ce48bb8f7a215dcb5641bac
```
Found 4 files trough .DS_Store spidering:

/fonts
/images
/images/colorbox
/images/jquerymobile
```
  Found on 2026-01-02 11:04
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642babc5aa1dc66edf2dc66edf2dc66edf2
```
Found 2 files trough .DS_Store spidering:

/fonts
/images
```
  Found on 2025-06-11 02:13
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: kls-ugglarps.cpms46.se
Port: 443
URL: https://kls-ugglarps.cpms46.se

First seen 2025-12-03 10:24
Last seen 2026-01-02 10:55
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:55
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: hultafors.cpms46.se
Port: 443
URL: https://hultafors.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 10:55
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:55
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: brftrollholmen.cpms46.se
Port: 443
URL: https://brftrollholmen.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 10:55
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:55
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.konferencje.pfg.org.pl
Port: 80
URL: http://api.konferencje.pfg.org.pl

First seen 2025-11-21 00:28
Last seen 2026-01-02 10:47
Open for 42 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3bbea57351ea35bb7b0226cf2dc689562dc689562
```
GraphQL introspection enabled at /graphql
Types: 376 (by kind: ENUM: 24, INPUT_OBJECT: 148, OBJECT: 200, SCALAR: 4)
Operations:
- Query: Query | fields: Admin, Conference, ConferenceAdmin, Content, Edition
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 10:47
  
  342.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: unis-api.unyp.cz
Port: 443
URL: https://unis-api.unyp.cz

First seen 2025-10-17 00:02
Last seen 2026-01-02 10:46
Open for 77 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 10:46
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36958c9f90dca579bdbd08246a87e4cf8e24c7958
```
GraphQL introspection enabled at /graphql
Types: 1050 (by kind: ENUM: 29, INPUT_OBJECT: 436, OBJECT: 576, SCALAR: 9)
Operations:
- Query: Query | fields: academicYear, academicYears, academicYearsConnection, accommodation, accommodations
- Mutation: Mutation | fields: academicYearCreate, academicYearDiscard, academicYearUndiscard, academicYearUpdate, accommodationCreate
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-11-21 00:23
  
  1.6 MBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: allblastring.cpms46.se
Port: 443
URL: https://allblastring.cpms46.se

First seen 2025-12-03 10:19
Last seen 2026-01-02 10:42
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:42
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: sodraannexetfastigheter.cpms46.se
Port: 443
URL: https://sodraannexetfastigheter.cpms46.se

First seen 2025-12-03 10:21
Last seen 2026-01-02 10:38
Open for 30 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 10:38
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: obchod.stokrle.cz
Port: 443
URL: https://obchod.stokrle.cz

First seen 2025-10-19 22:29
Last seen 2026-01-02 10:35
Open for 74 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ad723d1d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1242
orders (args: optional/default) : totalCount=1331
returns (args: optional/default) : totalCount=54
orderCounts (args: none) : pendingCount=6 readyCount=1

Found on 2026-01-02 10:35

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59565cb1775

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1232
orders (args: optional/default) : totalCount=1317
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=4 readyCount=0

Found on 2025-12-26 16:38

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595ed97c5be

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1227
orders (args: optional/default) : totalCount=1311
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=5 readyCount=0

Found on 2025-12-21 05:59

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59580c0af5e

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1212
orders (args: optional/default) : totalCount=1296
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : readyCount=6 pendingCount=3

Found on 2025-12-19 03:34

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5951af2234d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1192
orders (args: optional/default) : totalCount=1271
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=3 readyCount=3

Found on 2025-12-16 20:24

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5957aa9f08c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1163
orders (args: optional/default) : totalCount=1233
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=12 readyCount=11

Found on 2025-12-14 09:28

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59582cae19c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1160
orders (args: optional/default) : totalCount=1230
returns (args: optional/default) : totalCount=50
orderCounts (args: none) : pendingCount=12 readyCount=8

Found on 2025-12-13 16:51

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5950005125d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1049
orders (args: optional/default) : totalCount=1101
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=4 readyCount=5

Found on 2025-12-01 18:04

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5955139a5cd

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1033
orders (args: optional/default) : totalCount=1084
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-11-29 10:11

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953426fb17

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1028
orders (args: optional/default) : totalCount=1079
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=4 readyCount=13

Found on 2025-11-27 06:45

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595c1b2ce33

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=20

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9e5ab79

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1017
orders (args: optional/default) : totalCount=1082
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : readyCount=20 pendingCount=2

Found on 2025-11-24 01:36

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f99fef75

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1008
orders (args: optional/default) : totalCount=1073
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=13

Found on 2025-11-23 07:28

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595d0a703c3

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=1001
orders (args: optional/default) : totalCount=1065
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=7

Found on 2025-11-21 13:19

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5957bad3f71

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=988
orders (args: optional/default) : totalCount=1050
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=8

Found on 2025-11-16 20:17

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5953a7768b2

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=981
orders (args: optional/default) : totalCount=1043
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=1 readyCount=8

Found on 2025-11-14 21:22

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595119bdc9b

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=972
orders (args: optional/default) : totalCount=1031
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=10

Found on 2025-11-12 15:31

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc23607d

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=967
orders (args: optional/default) : totalCount=1025
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=4

Found on 2025-11-10 18:51

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fc179252

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=962
orders (args: optional/default) : totalCount=1020
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=5

Found on 2025-11-08 15:03

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59557758efe

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=958
orders (args: optional/default) : totalCount=1016
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=3

Found on 2025-11-07 06:01

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5958d91a35c

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=954
orders (args: optional/default) : totalCount=1012
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=1

Found on 2025-11-05 13:17

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5952193e121

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=953
orders (args: optional/default) : totalCount=1011
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=2

Found on 2025-11-03 10:06

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5951c2bdb88

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=951
orders (args: optional/default) : totalCount=1009
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=0 readyCount=2

Found on 2025-11-02 05:31

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d5956f3571b4

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=943
orders (args: optional/default) : totalCount=1001
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=3

Found on 2025-10-29 08:58

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595909f1896

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=999
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=3

Found on 2025-10-26 11:05

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595fb80c7b6

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=942
orders (args: optional/default) : totalCount=998
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-24 10:25

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d59579b1d7a8

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=939
orders (args: optional/default) : totalCount=994
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=2 readyCount=2

Found on 2025-10-22 11:40

95.7 kBytes 5 rows

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35027c6168c7c3722d0d7344ef06b23d595f9ecd561

GraphQL introspection enabled at /api
Types: 59 (by kind: ENUM: 6, INPUT_OBJECT: 21, OBJECT: 25, SCALAR: 7)
Operations:
- Query: Query | fields: customers, discountCode, discountCodes, engravings, envelope
- Mutation: Mutation | fields: createCustomer, createDiscountCode, deleteCustomer, updateAddress, updateCustomer
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 4
customers (args: optional/default) : totalCount=937
orders (args: optional/default) : totalCount=992
returns (args: optional/default) : totalCount=49
orderCounts (args: none) : pendingCount=3 readyCount=8

Found on 2025-10-19 22:29

95.7 kBytes 5 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: eddiki.eddygrid.com
Port: 80
URL: http://eddiki.eddygrid.com

First seen 2025-10-23 13:39
Last seen 2026-01-02 10:20
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3dec863f59258a9f72eacd4d9eb5bbc5a957af4f2

GraphQL introspection enabled at /graphql
Types: 134 (by kind: ENUM: 10, INPUT_OBJECT: 12, OBJECT: 107, SCALAR: 5)
Operations:
- Query: Query | fields: analytics, assets, authentication, comments, contribute
- Mutation: Mutation | fields: analytics, assets, authentication, comments, groups
- Subscription: Subscription | fields: loggingLiveTrail
Directives: auth, cacheControl, deprecated, include, rateLimit, skip, specifiedBy (total: 7)

Found on 2026-01-02 10:20

190.9 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: irondesign.co.za
Port: 80
URL: http://irondesign.co.za

First seen 2025-02-26 09:23
Last seen 2026-01-02 09:48
Open for 310 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176423f3e94ded69a3fbed69a3fbed69a3fbe
```
Found 2 files trough .DS_Store spidering:

/assets
/assets/theme2
```
  Found on 2026-01-02 09:48
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: eddiki.eddygrid.com
Port: 443
URL: https://eddiki.eddygrid.com

First seen 2025-10-23 13:39
Last seen 2026-01-02 09:16
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3dec863f59258a9f72eacd4d9eb5bbc5a957af4f2

GraphQL introspection enabled at /graphql
Types: 134 (by kind: ENUM: 10, INPUT_OBJECT: 12, OBJECT: 107, SCALAR: 5)
Operations:
- Query: Query | fields: analytics, assets, authentication, comments, contribute
- Mutation: Mutation | fields: analytics, assets, authentication, comments, groups
- Subscription: Subscription | fields: loggingLiveTrail
Directives: auth, cacheControl, deprecated, include, rateLimit, skip, specifiedBy (total: 7)

Found on 2026-01-02 09:16

190.9 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: brfutsiktenikungsbacka.cpms46.se
Port: 443
URL: https://brfutsiktenikungsbacka.cpms46.se

First seen 2025-12-03 10:27
Last seen 2026-01-02 09:13
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 09:13
  
  23.1 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.220.108
Domain: api.patronus-safeguarding.com
Port: 443
URL: https://api.patronus-safeguarding.com

First seen 2025-11-04 12:56
Last seen 2026-01-02 09:13
Open for 58 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfcfee7b1124a46c9683833d103b5ae9b29
```
Found 4 files trough .DS_Store spidering:

/image
/newsletter
/packs
/packs-test
```
  Found on 2026-01-02 09:13
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e94e8498330fb0fb27e7e81c7424e91090
```
Found 5 files trough .DS_Store spidering:

/image
/newsletter
/packs
/packs-test
/SRF.csv
```
  Found on 2025-12-27 02:33
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.collecteas.fr
Port: 443
URL: https://www.collecteas.fr

First seen 2025-06-18 00:53
Last seen 2026-01-02 09:08
Open for 198 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d8e010b5e2a8a0823084098f866aa93757
```
Found 8 files trough .DS_Store spidering:

/20250306_DGOS_achats-souverains_FAQ 2025.pdf
/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/favicon.ico
/robots.txt
```
  Found on 2026-01-02 09:08
- Severity: low
  Fingerprint: 5f32cf5d6962f09c668fcbec668fcbec8805ab774556df4b5b30f59b2a47dfe5
```
Found 17 files trough .DS_Store spidering:

/20250116_Achats-souverains_données à implémenter outil.xlsx
/20250305_Créations comptes.xlsx
/20250306_DGOS_achats-souverains_FAQ 2025.pdf
/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/contact_ars.xlsx
/favicon.ico
/liste_utilisateurs.xlsx
/reimport_data
/reimport_data/20250519_DGOS_import modification données établissements.xlsx
/reimport_data/20250519_DGOS_import modification marchés souverain en non souverains.xlsx
/reimport_data/20250519_DGOS_import modification marchés souverains.xlsx
/reimport_data/prompt
/robots.txt
```
  Found on 2025-12-02 06:30
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: admin.payoutpartner.com
Port: 443
URL: https://admin.payoutpartner.com

First seen 2025-10-30 15:27
Last seen 2026-01-02 08:51
Open for 63 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3943ac6615745c8a34b683b799a3b83ad27731945
```
GraphQL introspection enabled at /graphql
Types: 475 (by kind: ENUM: 52, INPUT_OBJECT: 190, INTERFACE: 3, OBJECT: 224, SCALAR: 6)
Operations:
- Query: Query | fields: checkSlug, clients, companies, company, crcPurposes
- Mutation: Mutation | fields: addAccountMember, approveEnrollment, approveJobApplication, archiveClient, archiveDocuments
Directives: deprecated, include, oneOf, skip (total: 4)
```
  Found on 2026-01-02 08:51
  
  535.6 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.staging.myscriba.com
Port: 80
URL: http://api.staging.myscriba.com

First seen 2025-11-09 00:21
Last seen 2026-01-02 08:13
Open for 54 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa39705f97fe4c96b4d1dfe3bcaf2dffbefce449b03
```
GraphQL introspection enabled at /graphql
Types: 72 (by kind: ENUM: 16, INPUT_OBJECT: 14, INTERFACE: 4, OBJECT: 31, SCALAR: 7)
Operations:
- Query: Query | fields: asset, assets, currencies, recoverPasswordToken, user
- Mutation: Mutation | fields: initiateRecoverPassword, login, logout, signup, updateUser
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-02 08:13
  
  91.7 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: beta.polizeiticker.online
Port: 80
URL: http://beta.polizeiticker.online

First seen 2025-11-20 01:02
Last seen 2026-01-02 07:56
Open for 43 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 07:56
  
  49.4 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.krajcapetras.com
Port: 443
URL: https://api.krajcapetras.com

First seen 2025-10-25 00:38
Last seen 2026-01-02 07:48
Open for 69 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa352b1591adb35288a0a1c1b53e7a36df7041ac94b

GraphQL introspection enabled at /graphql
Types: 188 (by kind: ENUM: 4, INPUT_OBJECT: 55, OBJECT: 117, SCALAR: 11, UNION: 1)
Operations:
- Query: Query | fields: getCompanyInfo, uploadFile, uploadFiles, uploadFolder, uploadFolders
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 07:48

255.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.asapdevlab.com
Port: 80
URL: http://api.asapdevlab.com

First seen 2025-10-24 00:52
Last seen 2026-01-02 07:20
Open for 70 days

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
Found on 2026-01-02 07:20

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d662fa7cdc7992206000b6e4fedb30877b34f3f063

GraphQL introspection enabled at /api/graphql
Types: 766 (by kind: ENUM: 42, INPUT_OBJECT: 582, OBJECT: 131, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-12-01 05:57

1.4 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d64e72dbecf5c82170347f380e0775264b77300533

GraphQL introspection enabled at /api/graphql
Types: 765 (by kind: ENUM: 42, INPUT_OBJECT: 581, OBJECT: 131, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-11-16 17:10

1.4 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6abc3079984df16fbe6313da7b5b7b12c9cc49062

GraphQL introspection enabled at /api/graphql
Types: 762 (by kind: ENUM: 42, INPUT_OBJECT: 580, OBJECT: 129, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-11-10 20:40

1.4 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6f5d90a751f3661777f65e9db7826f4b895dc28de

GraphQL introspection enabled at /api/graphql
Types: 676 (by kind: ENUM: 33, INPUT_OBJECT: 512, OBJECT: 120, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2025-10-27 08:39

1.3 MBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6f5d90a751f3661777f65e9db7826f4b80110d52a

GraphQL introspection enabled at /api/graphql
Types: 676 (by kind: ENUM: 33, INPUT_OBJECT: 512, OBJECT: 120, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: additionalDayPrice, additionalDayPrices, additionalDayPricesCount, additionalHourPrice, additionalHourPrices
- Mutation: Mutation | fields: createAdditionalDayPrice, createAdditionalDayPrices, deleteAdditionalDayPrice, updateAdditionalDayPrice, updateAdditionalDayPrices
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-10-24 00:52

1.3 MBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: note.loctoc.ch
Port: 80
URL: http://note.loctoc.ch

First seen 2025-08-13 15:43
Last seen 2026-01-02 07:19
Open for 141 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c1f1b52f11f1b52f1ee5187493b3acd76865a0b3b7f4db5ec

Found 96 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/img/trainer/clips
/img/trainer/grip_notes
/img/trainer/grips
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/img/trainer/rest
/img/trainer/rest/note
/img/trainer/rest/rest
/img/trainer/sheet_notes

Found on 2026-01-02 07:19

Severity: low
Fingerprint: 5f32cf5d6962f09c0f8dcf020f8dcf0211ca5db6a91065e356c9c3ecdb6f1dba

Found 24 files trough .DS_Store spidering:

/img
/img/faq
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/de
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol

Found on 2025-12-10 17:25

Severity: low
Fingerprint: 5f32cf5d6962f09cab28146bab28146bd1f4822b75355dde543047914621f104

Found 21 files trough .DS_Store spidering:

/img
/img/faq
/img/icons
/img/note_trainer
/img/note_trainer/2-voice
/img/note_trainer/3-voice
/img/trainer
/img/trainer/beat
/img/trainer/beat/premium
/img/trainer/beat/premium/DreiAchtel
/img/trainer/beat/premium/DreiAchtel/Level1
/img/trainer/beat/premium/DreiAchtel/Level2
/img/trainer/beat/premium/DreiAchtel/Level3
/img/trainer/beat/premium/VierViertel
/img/trainer/beat/premium/VierViertel/Level1
/img/trainer/beat/premium/VierViertel/Level2
/img/trainer/beat/premium/VierViertel/Level3
/img/trainer/chests
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames

Found on 2025-11-20 18:01

Severity: medium
Fingerprint: 5f32cf5d6962f09c0f1214d30f1214d3de35dae347ab60ec30c718a9653556d4

Found 94 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/img/trainer/clips
/img/trainer/grip_notes
/img/trainer/grips
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/img/trainer/rest
/img/trainer/sheet_notes

Found on 2025-11-01 18:44

Severity: medium
Fingerprint: 5f32cf5d6962f09cff76d438ff76d438c300a22c36e6e9e37a4754f0802a2372

Found 93 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/img/trainer/clips
/img/trainer/grip_notes
/img/trainer/grips
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/img/trainer/sheet_notes

Found on 2025-09-04 19:04

Severity: medium
Fingerprint: 5f32cf5d6962f09c6e6dc6946e6dc694fedec6307f18637751efd19c66f98ad6

Found 84 files trough .DS_Store spidering:

/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer

Found on 2025-09-02 11:39

Severity: medium
Fingerprint: 5f32cf5d6962f09c0f1214d30f1214d365a5578658c418c2a61a0965b2d90818

Found 94 files trough .DS_Store spidering:

/_app
/img
/img/icons
/img/note_trainer
/img/note_trainer/1-voice
/img/note_trainer/1-voice/blaue_2
/img/note_trainer/1-voice/blaue_3
/img/note_trainer/1-voice/gelbe_2
/img/note_trainer/1-voice/gelbe_3
/img/note_trainer/1-voice/gruene_2
/img/note_trainer/1-voice/gruene_3
/img/note_trainer/1-voice/herz_l.h
/img/note_trainer/1-voice/herz_r.h
/img/note_trainer/1-voice/lila_2
/img/note_trainer/1-voice/lila_3
/img/note_trainer/1-voice/orange_2
/img/note_trainer/1-voice/orange_3
/img/note_trainer/1-voice/schwarze_2
/img/note_trainer/1-voice/schwarze_3
/img/note_trainer/1-voice/weisse_3
/img/note_trainer/2-voice
/img/note_trainer/2-voice/blaue_2+gruene_2
/img/note_trainer/2-voice/blaue_2+gruene_3
/img/note_trainer/2-voice/blaue_2+Herz_r.H
/img/note_trainer/2-voice/blaue_2+herz_r.h
/img/note_trainer/2-voice/blaue_2+orange_2
/img/note_trainer/2-voice/blaue_2+orange_3
/img/note_trainer/2-voice/blaue_3+gruene_2
/img/note_trainer/2-voice/blaue_3+gruene_3
/img/note_trainer/2-voice/blaue_3+Herz_r.H
/img/note_trainer/2-voice/blaue_3+herz_r.h
/img/note_trainer/2-voice/blaue_3+orange_2
/img/note_trainer/2-voice/blaue_3+orange_3
/img/note_trainer/2-voice/Herz_l.H+gruene_2
/img/note_trainer/2-voice/herz_l.h+gruene_2
/img/note_trainer/2-voice/Herz_l.H+gruene_3
/img/note_trainer/2-voice/herz_l.h+gruene_3
/img/note_trainer/2-voice/Herz_l.H+orange_2
/img/note_trainer/2-voice/herz_l.h+orange_2
/img/note_trainer/2-voice/Herz_l.H+orange_3
/img/note_trainer/2-voice/herz_l.h+orange_3
/img/note_trainer/2-voice/lila_2+gruene_2
/img/note_trainer/2-voice/lila_2+gruene_3
/img/note_trainer/2-voice/lila_2+Herz_r.H
/img/note_trainer/2-voice/lila_2+herz_r.h
/img/note_trainer/2-voice/lila_2+orange_2
/img/note_trainer/2-voice/lila_2+orange_3
/img/note_trainer/2-voice/lila_3+gruene_2
/img/note_trainer/2-voice/lila_3+gruene_3
/img/note_trainer/2-voice/lila_3+Herz.r.H
/img/note_trainer/2-voice/lila_3+herz_r.h
/img/note_trainer/2-voice/lila_3+orange_2
/img/note_trainer/2-voice/lila_3+orange_3
/img/note_trainer/3-voice
/img/note_trainer/3-voice/blaue_2+gruene_2
/img/note_trainer/3-voice/blaue_2+gruene_3
/img/note_trainer/3-voice/blaue_2+Herz_r.H
/img/note_trainer/3-voice/blaue_2+herz_r.h
/img/note_trainer/3-voice/blaue_2+orange_2
/img/note_trainer/3-voice/blaue_2+orange_3
/img/note_trainer/3-voice/blaue_3+gruene_2
/img/note_trainer/3-voice/blaue_3+gruene_3
/img/note_trainer/3-voice/blaue_3+Herz_r.H
/img/note_trainer/3-voice/blaue_3+herz_r.h
/img/note_trainer/3-voice/blaue_3+orange_2
/img/note_trainer/3-voice/blaue_3+orange_3
/img/note_trainer/3-voice/Herz_l.H+gruene_2
/img/note_trainer/3-voice/herz_l.h+gruene_2
/img/note_trainer/3-voice/Herz_l.H+gruene_3
/img/note_trainer/3-voice/herz_l.h+gruene_3
/img/note_trainer/3-voice/Herz_l.H+orange_2
/img/note_trainer/3-voice/herz_l.h+orange_2
/img/note_trainer/3-voice/Herz_l.H+orange_3
/img/note_trainer/3-voice/herz_l.h+orange_3
/img/note_trainer/3-voice/lila_2+gruene_2
/img/note_trainer/3-voice/lila_2+gruene_3
/img/note_trainer/3-voice/lila_2+herz_r.h
/img/note_trainer/3-voice/lila_2+orange_2
/img/note_trainer/3-voice/lila_2+orange_3
/img/note_trainer/3-voice/lila_3+gruene_2
/img/note_trainer/3-voice/lila_3+gruene_3
/img/note_trainer/3-voice/lila_3+herz_r.h
/img/note_trainer/3-voice/lila_3+orange_2
/img/note_trainer/3-voice/lila_3+orange_3
/img/trainer
/img/trainer/clips
/img/trainer/grip_notes
/img/trainer/grips
/img/trainer/key_name
/img/trainer/key_name/grips
/img/trainer/key_name/keynames
/img/trainer/key_name/keynames/en
/img/trainer/key_name/keynames/sol
/img/trainer/sheet_notes

Found on 2025-08-21 07:41

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: ksa-lookups-api.ayamedica.com
Port: 443
URL: https://ksa-lookups-api.ayamedica.com

First seen 2025-10-19 22:09
Last seen 2026-01-02 07:06
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c838013e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2026-01-02 07:06

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e72f09c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-30 09:11

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec232f711b6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-26 08:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22507d28a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-24 09:02

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2f7e44c2c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-22 11:00

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ea4be6de

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 05:02

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2581a596a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2650de28a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec237b4469c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b5a1e7fc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a9468a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-18 18:53

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d0bdec44

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-16 16:38

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c08956d6

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-13 08:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a2780bfc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-06 06:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fd00e2ec

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-30 20:24

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-28 15:05

77.1 kBytes 30 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a6fd17a7

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Found on 2025-11-26 18:49

77.1 kBytes

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2fa63432a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-23 05:09

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-21 10:57

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec20215298e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-18 09:42

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ad0393be

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 15:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2a24cec90

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-12 15:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22f091b90

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-10 14:34

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2804a94ce

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 13:14

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2343dc23e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-07 02:43

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23adaff88

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-05 10:07

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23d3f4fae

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 12:05

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec26cec10ea

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-01 03:37

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29cd38086

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-30 20:34

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c50d87d0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 11:28

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a6c84f4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-26 05:11

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28385e7ea

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-24 06:13

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d52ed052

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec256367398

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : message=success code=200 success=true
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec281699c3c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2dba6f438

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2038456eb

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 18)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-19 22:09

77.4 kBytes 30 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.rads26th.com
Port: 80
URL: http://www.rads26th.com

First seen 2025-02-01 10:18
Last seen 2026-01-02 06:59
Open for 334 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9db7f4c636b7f4c636b7f4c636b7f4c636
```
Found 1 files trough .DS_Store spidering:

/images
```
  Found on 2026-01-02 06:59
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.winkt.io
Port: 443
URL: https://www.winkt.io

First seen 2025-11-10 00:31
Last seen 2026-01-02 06:54
Open for 53 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa326b8a14410a6a308976f6f8875dd15058bb68971

GraphQL introspection enabled at /graphql
Types: 64 (by kind: ENUM: 4, INPUT_OBJECT: 19, OBJECT: 36, SCALAR: 5)
Operations:
- Query: Query | fields: getFeaturedAnimations, tattoo, tattooAnimations, tattoos, tattoosFeaturedOnArtist
- Mutation: Mutation | fields: addArtist, addTattoo, addTattooAnimation, addTattoos, sendRequestAnimationMail
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 06:54

92.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: mystand-stage.venyou.no
Port: 443
URL: https://mystand-stage.venyou.no

First seen 2025-11-14 00:45
Last seen 2026-01-02 06:47
Open for 49 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a434d4c51fb42f07c2257d1e06cf3f7619722a80

GraphQL introspection enabled at /graphql
Types: 281 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 80, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2026-01-02 06:47

514.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa373da83712303bbf3a6d74e62e19c096270c5a64c

GraphQL introspection enabled at /graphql
Types: 279 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 78, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-11-30 14:24

511.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: cms.global-ukraine.com
Port: 80
URL: http://cms.global-ukraine.com

First seen 2025-12-09 01:31
Last seen 2026-01-02 06:27
Open for 24 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa399037156b834bc86629c71e4086a5c64fb4961dd

GraphQL introspection enabled at /graphql
Types: 53 (by kind: ENUM: 3, INPUT_OBJECT: 12, OBJECT: 29, SCALAR: 9)
Operations:
- Query: Query | fields: article, article_aggregated, article_by_id, article_by_version, diaspora
- Mutation: Mutation | fields: create_african_campus_application_item, create_african_campus_application_items, create_subscribers_emails_item, create_subscribers_emails_items
- Subscription: Subscription | fields: article_mutated, diaspora_mutated, directus_files_mutated, languages_mutated
Directives: deprecated, include, skip (total: 3)

Readable stores: 0

Found on 2026-01-02 06:27

86.7 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: calc-staging.timeline.co
Port: 443
URL: https://calc-staging.timeline.co

First seen 2025-12-09 01:01
Last seen 2026-01-02 06:27
Open for 24 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db84e0e35094065277ac6469656c169f3ad8f4ff06d8f4ff06
```
GraphQL introspection enabled at /api
Types: 76 (by kind: ENUM: 20, INPUT_OBJECT: 14, OBJECT: 32, SCALAR: 10)
Operations:
- Query: Query | fields: inheritanceTax, simulationResults, sustainableSpending
Directives: include, skip (total: 2)
```
  Found on 2026-01-02 06:27
  
  85.0 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: brfsolvandan.cpms46.se
Port: 443
URL: https://brfsolvandan.cpms46.se

First seen 2025-12-03 10:23
Last seen 2026-01-02 06:23
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 06:23
  
  23.1 kBytes
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: ai.online-academy.cloud
Port: 80
URL: http://ai.online-academy.cloud

First seen 2025-12-09 13:01
Last seen 2026-01-02 06:21
Open for 23 days

Severity: low
Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbe221b16dc5cb61a724a149f4b24d76a3d

Found 15 files trough .DS_Store spidering:

/1a. Gesetzestexte  Woche 1 (Lehrbrief 1.1)
/audio-playback.worklet.js
/audio-recorder.worklet.js
/chat.html
/client.js
/favicon.ico
/index.html
/lessons.html
/lessons.js
/Lobu_Präsentation_Wöchentliches_Online-Seminar_Woche_1_.pdf
/Lobu_Präsentation_Wöchentliches_Online-Seminar_Woche_1.mp4
/main.js
/ru_Lobu_Präsentation_Wöchentliches_Online-Seminar_Woche_1.mp4
/video_context_1.txt
/video_context_2.txt

Found on 2026-01-02 06:21

Severity: low
Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbe221b16dcc254f3d3642e350160a6eba8

Found 15 files trough .DS_Store spidering:

/1a. Gesetzestexte  Woche 1 (Lehrbrief 1.1)
/app.js
/audio-playback.worklet.js
/audio-recorder.worklet.js
/chat.html
/favicon.ico
/index.html
/index.js
/lessons.html
/lessons.js
/Lobu_Präsentation_Wöchentliches_Online-Seminar_Woche_1_.pdf
/Lobu_Präsentation_Wöchentliches_Online-Seminar_Woche_1.mp4
/ru_Lobu_Präsentation_Wöchentliches_Online-Seminar_Woche_1.mp4
/video_context_1.txt
/video_context_2.txt

Found on 2025-12-16 13:56

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: staging.api.community.24baby.nl
Port: 80
URL: http://staging.api.community.24baby.nl

First seen 2025-11-21 04:29
Last seen 2026-01-02 06:21
Open for 42 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b4ca487c72215bc0d7f9c3620abc3244ad72ee83

GraphQL introspection enabled at /graphql
Types: 636 (by kind: ENUM: 127, INPUT_OBJECT: 190, INTERFACE: 15, OBJECT: 294, SCALAR: 8, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 06:21

647.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa344c9c6bd4c7ac65fda7f843d275b7d89ca4c5ac8

GraphQL introspection enabled at /graphql
Types: 630 (by kind: ENUM: 127, INPUT_OBJECT: 189, INTERFACE: 15, OBJECT: 290, SCALAR: 7, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-12 18:38

646.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: staging.api.community.24baby.nl
Port: 443
URL: https://staging.api.community.24baby.nl

First seen 2025-11-21 04:29
Last seen 2026-01-02 06:21
Open for 42 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b4ca487c72215bc0d7f9c3620abc3244ad72ee83

GraphQL introspection enabled at /graphql
Types: 636 (by kind: ENUM: 127, INPUT_OBJECT: 190, INTERFACE: 15, OBJECT: 294, SCALAR: 8, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 06:21

647.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa344c9c6bd4c7ac65fda7f843d275b7d89ca4c5ac8

GraphQL introspection enabled at /graphql
Types: 630 (by kind: ENUM: 127, INPUT_OBJECT: 189, INTERFACE: 15, OBJECT: 290, SCALAR: 7, UNION: 2)
Operations:
- Query: RootQueryType | fields: accessToken, activeTopicsByChild, adArticleItem, adArticleItems, adCampaign
- Mutation: RootMutationType | fields: acceptFriendshipRequest, acceptInvitation, adminDeleteUser, adminUpdateUser, copyFeedCards
- Subscription: RootSubscriptionType | fields: babyNameFeed, birthCardFeed, chatConversationUpdated, chatMessageAdded, imageUpdated
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-12 18:38

646.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-30 13:34

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: tibble.cpms46.se
Port: 443
URL: https://tibble.cpms46.se

First seen 2025-12-03 10:20
Last seen 2026-01-02 06:06
Open for 29 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 06:06
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: ksa-lookups-api.ayamedica.com
Port: 80
URL: http://ksa-lookups-api.ayamedica.com

First seen 2025-10-21 19:52
Last seen 2026-01-02 06:01
Open for 72 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c166e99a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2026-01-02 06:01

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec294407b00

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-26 23:02

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22bd618bc

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-25 00:24

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2961cdb7e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : success=false message=Redirect to login code=450
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-22 21:03

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2580352fe

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22a9468a0

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2e62569aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23d3f4fae

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-21 00:32

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22b3130b2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-20 13:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec25dd9eca4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-18 10:46

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2db47adb2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-16 05:43

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2bc6ac904

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-14 03:01

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec21a1f3f7a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-12-12 11:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2d52ed052

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-10 17:03

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2ea689494

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-12-08 03:19

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec218b01c60

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-30 14:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b65ad688

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-26 18:48

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2bb1ada9c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-11-22 19:06

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec23e72f09c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-21 01:47

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec296dab77c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-16 14:40

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec29f0888c4

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-14 16:20

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28d95ace2

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-10 23:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2b71a430c

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-08 20:28

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec236adf1aa

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : success=true message=success code=200
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-07 04:01

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2011a5b0e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : success=false message=Expected a string code=500
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : message=Redirect to login code=450 success=false

Found on 2025-11-05 10:21

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec24c3ffa00

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : success=true message=success code=200
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : success=true message=success code=200
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-11-03 05:35

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2eccd148a

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : success=false message=$regex has to be a string code=500
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-28 18:58

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2c53b7298

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : success=true message=success code=200
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : code=200 success=true message=success
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : message=success code=200 success=true
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-26 12:43

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec22b460b5e

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : success=false message=Redirect to login code=450

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec28cbea418

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : message=success code=200 success=true
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : code=500 success=false message=$regex has to be a string
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : message=success code=200 success=true
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec26da55d84

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : success=true message=success code=200
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : code=500 success=false message=$regex has to be a string
readDrugsList (args: optional/default) : code=500 success=false message=Expected a string
readDrugIngredients (args: optional/default) : message=$regex has to be a string code=500 success=false
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : code=450 success=false message=Redirect to login
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa329fd5dff0da60ccdb7234d97e718fec2bb14d296

GraphQL introspection enabled at /graphql
Types: 76 (by kind: ENUM: 8, OBJECT: 58, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: readAppointmentStatuses, readAppointmentTypes, readBoardScreen, readUser, readVaccinationTypes
- Mutation: Mutation | fields: updateTheAppVersion
Directives: cacheControl, federation__extends, federation__external, federation__inaccessible, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 10
readVaccinationTypes (args: optional/default) : code=200 success=true message=success
readDiseaseTypesLookUps (args: optional/default) : code=200 success=true message=success
readMobileDiseaseTypesLookUps (args: optional/default) : message=$regex has to be a string code=500 success=false
readDrugsList (args: optional/default) : message=Expected a string code=500 success=false
readDrugIngredients (args: optional/default) : success=false message=$regex has to be a string code=500
readAyamedicaCountries (args: optional/default) : message=success code=200 success=true
readCategoriesAndSpecialties (args: optional/default) : code=200 success=true message=success
readGradesLookUp (args: optional/default) : message=Redirect to login code=450 success=false
readAppointmentStatuses (args: none) : code=200 success=true message=success
readAppointmentTypes (args: none) : code=450 success=false message=Redirect to login

Found on 2025-10-21 19:52

77.1 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.swipy.pro
Port: 443
URL: https://api.swipy.pro

First seen 2025-10-19 21:47
Last seen 2026-01-02 06:01
Open for 74 days

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19746d6bdd

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readAllBusinessCards (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2026-01-02 06:01

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19b3af2f85

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readTicketsList (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readAllBusinessCards (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-26 23:02

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19ade1c07f

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readAllBusinessCards (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readSubscriptionDetails (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-25 00:24

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19f59637e3

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-22 21:04

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f191c710113

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readRejectedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19cabc88fb

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : success=false message=Cannot read properties of undefined (reading '_id') code=500
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19c8edee7d

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : success=false message=Cannot read properties of undefined (reading '_id') code=500
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readBusinessCardById (args: optional/default) : message=Card not found code=404 success=false
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f199a855f51

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : success=false message=You are not authorized to perform this request. code=401
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.

Found on 2025-12-21 00:32

234.8 kBytes 27 rows

Severity: high
Fingerprint: c2db3a1c40d490db1a0bbaa3bed3aa4100bdd94387977943d6397f19324b40e3

GraphQL introspection enabled at /graphql
Types: 167 (by kind: ENUM: 13, INPUT_OBJECT: 15, OBJECT: 129, SCALAR: 10)
Operations:
- Query: Query | fields: myCorporate, readAllUsersData, readCorporateBusinessCards, readCorporateInformation, readCorporateUsers
- Mutation: Mutation | fields: adminLogin, adminLogout, affilateLogin, createCorporateBusinessCardDesign, registerAnAdmin
- Subscription: Subscription | fields: WatchBusinessCards, submitProgress, subscribedSuccessfully, uploadProgress
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 17)

Readable stores: 9
readAllUsersData (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readValidatedData (args: optional/default) : code=500 success=false message=Cannot read properties of undefined (reading '_id')
readRejectedData (args: optional/default) : message=Cannot read properties of undefined (reading '_id') code=500 success=false
readTicketsList (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readAllBusinessCards (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readBusinessCardById (args: optional/default) : code=404 success=false message=Card not found
readPromoCodes (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false
readSubscriptionDetails (args: optional/default) : code=401 success=false message=You are not authorized to perform this request.
readWebPromoCode (args: optional/default) : message=You are not authorized to perform this request. code=401 success=false

Found on 2025-10-19 21:47

234.8 kBytes 27 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: ksa-monolith-api.ayamedica.com
Port: 80
URL: http://ksa-monolith-api.ayamedica.com

First seen 2025-10-21 20:37
Last seen 2026-01-02 06:01
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33183c6fd8d61be1f410e8f10231defc24b56f811

GraphQL introspection enabled at /graphql
Types: 295 (by kind: ENUM: 19, INPUT_OBJECT: 42, OBJECT: 224, SCALAR: 9, UNION: 1)
Operations:
- Query: Query | fields: checkIfAppointmentExists, readAllAppointments, readAppointmentDetails, readAppointmentPatients, readAppointments
- Mutation: Mutation | fields: cancelSchoolAppointment, checkOutSchoolAppointment, createSchoolAppointment, deleteSchoolAppointment, editSchoolAppointment
- Subscription: Subscription | fields: importProgress, progrssUpload
Directives: federation__extends, federation__external, federation__inaccessible, federation__override, federation__provides, federation__requires, federation__tag, key, link, shareable (total: 16)

Found on 2026-01-02 06:01

370.3 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.ng.tourlina.com
Port: 443
URL: https://api.ng.tourlina.com

First seen 2025-11-22 01:44
Last seen 2026-01-02 05:57
Open for 41 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa346c1d3df8181c3ed04ac53202e509127a2fef7ff

GraphQL introspection enabled at /graphql
Types: 152 (by kind: ENUM: 10, INPUT_OBJECT: 35, INTERFACE: 3, OBJECT: 93, SCALAR: 7, UNION: 4)
Operations:
- Query: Query | fields: destinations, discover, discoverSearch, events, features
- Mutation: Mutation | fields: acceptFriendRequest, attachAccountVerificationPhoto, attachUserPhoto, blockUser, confirmVerification
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 05:57

180.0 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: staging.api.admin.kdgh.de
Port: 443
URL: https://staging.api.admin.kdgh.de

First seen 2025-11-15 01:30
Last seen 2026-01-02 05:24
Open for 48 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6c8b45670200f5874f98b1b9d40dee56b53c4ccab
```
GraphQL introspection enabled at /api/graphql
Types: 157 (by kind: ENUM: 15, INPUT_OBJECT: 67, INTERFACE: 9, OBJECT: 57, SCALAR: 9)
Operations:
- Query: Query | fields: auditEvents, dataProcessingActivities, node, personSearch, persons
- Mutation: Mutation | fields: createCourse, createPerson, deletePerson, updateCourse, updatePerson
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 05:24
  
  159.3 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.crowdfundingdanmark.dk
Port: 443
URL: https://www.crowdfundingdanmark.dk

First seen 2025-11-23 00:21
Last seen 2026-01-02 05:01
Open for 40 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-02 05:01
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3c42ef4a6565d38d63e30e713e6ce51b23e9f2d22
```
GraphQL introspection enabled at /graphql
Types: 543 (by kind: ENUM: 64, INPUT_OBJECT: 70, INTERFACE: 1, OBJECT: 318, SCALAR: 11, UNION: 79)
Operations:
- Query: Query | fields: fields, me, openLoanQuotes, publicContent, secondaryMarketListings
- Mutation: Mutation | fields: mutateExternalFile, mutateFields, mutateForumPost, mutateProject, mutateShare
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-11-30 14:23
  
  2.8 MBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: revest.it
Port: 443
URL: https://revest.it

First seen 2025-11-16 00:14
Last seen 2026-01-02 04:21
Open for 47 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db59139cb99

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2508 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2026-01-02 04:21

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5d2bca6c0

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51 currentPage=1
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-30 08:53

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db518fcb704

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-26 09:08

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db57c3a51aa

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-24 06:44

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db519286e1e

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-22 08:06

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db58016b5b4

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-20 09:10

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db515d8e506

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-18 10:10

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5b97398ab

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2501 totalPages=51 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-12 12:11

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5f55aa349

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2494 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5b66a4473

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2494 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db552c92ef7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2494 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5ee7a2fcf

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2494
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-02 05:45

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5296e91b0

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-01 08:53

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db513afe29e

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:38

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db553d37cb8

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:37

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db53047d0b2

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:37

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db55dd295bc

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2482 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-23 13:26

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db576d085c7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5aa9e1c11

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db567af57b7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2476 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: web.staging.samla.io
Port: 80
URL: http://web.staging.samla.io

First seen 2025-11-03 00:48
Last seen 2026-01-02 04:10
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31e61d79bacd27fd9288fff0db73c455fa55e90d3

GraphQL introspection enabled at /graphql
Types: 293 (by kind: ENUM: 33, INPUT_OBJECT: 117, INTERFACE: 6, OBJECT: 117, SCALAR: 15, UNION: 5)
Operations:
- Query: Query | fields: attachment, cacheVersion, calendar, findCacheKeys, version
- Mutation: Mutation | fields: addAttachment, createCalendar, newAddAttachment, newRemoveAttachment, removeAttachment
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 04:10

415.2 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: varmdobo.park46.se
Port: 443
URL: https://varmdobo.park46.se

First seen 2025-10-29 00:18
Last seen 2026-01-02 02:45
Open for 65 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 02:45
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: dev.api.falsch-parker.ch
Port: 80
URL: http://dev.api.falsch-parker.ch

First seen 2025-10-29 01:09
Last seen 2026-01-02 02:36
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa333c43962f41e5b32791b7acaede662e70da948d7

GraphQL introspection enabled at /graphql
Types: 123 (by kind: ENUM: 6, INPUT_OBJECT: 70, OBJECT: 40, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2026-01-02 02:36

166.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b26636c0deb55104fa5f9fcc821945ad194583bd

GraphQL introspection enabled at /graphql
Types: 124 (by kind: ENUM: 6, INPUT_OBJECT: 70, OBJECT: 41, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2025-12-29 00:06

167.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3daab4f76c6b8f6667c04f6eead50aa0389f1cdd3

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 6, INPUT_OBJECT: 72, OBJECT: 42, SCALAR: 7)
Operations:
- Query: Query | fields: driverReports, report, reports, reportsOfUser, userReportsAll
- Mutation: Mutation | fields: cancelReport, createObjectionToTicket, createReport, deliverVehicle, downloadReportPDF
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-14 14:49

171.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: www.mtnstaffpredictor.com
Port: 443
URL: https://www.mtnstaffpredictor.com

First seen 2025-10-22 00:24
Last seen 2026-01-02 02:32
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a022fb7aa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2026-01-02 02:32

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a6478b15e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-30 10:56

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a0ce3cefe

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-26 05:58

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ad0af8536

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-12-22 23:12

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ada28fdc2

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-21 01:02

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a97efce4e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-12-18 17:44

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aa9305f6a

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-16 12:53

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aedf969ca

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-12-13 08:30

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a497764fa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-12-08 07:57

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ae53ae9be

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-12-01 04:46

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aeed92092

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-11-27 07:11

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aece152a6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-11-21 05:33

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a2e4ff3d0

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-11-12 11:30

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ab809fd72

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-11-06 22:37

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5abf823ac6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-10-24 07:21

25.6 kBytes 9 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: id-apac.smile-view.com
Port: 443
URL: https://id-apac.smile-view.com

First seen 2025-11-15 02:12
Last seen 2026-01-02 02:30
Open for 48 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751ade27b79

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2026-01-02 02:30

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514fbf01eb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-27 05:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e75a2045

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-25 04:54

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775122d73e19

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-23 05:17

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775160671989

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-21 01:43

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751271b66ad

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-17 02:14

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377511b2f1c1b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 17:32

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c6692e77

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-12 11:24

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775193f7fc4d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 21:26

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d06b5a51

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-05 07:09

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751542f3665

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 19:21

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377517998166d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775115658f21

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775155c7a92d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:06

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377515eec5bdb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-29 10:05

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751deff218d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-26 18:19

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775132f854fb

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 05:54

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513b6d56c5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-21 10:22

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25e3313e1

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-18 06:27

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25f9ecef9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-16 21:20

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2521fec4b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 total=3294 limit=100
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2922e7af9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : skip=0 total=34 limit=100
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : total=0 limit=100 skip=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2855a9107

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : total=13 limit=100 skip=0
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2b06c8689

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : skip=0 total=0 limit=100
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:12

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api-v2.cliqup.co
Port: 443
URL: https://api-v2.cliqup.co

First seen 2025-10-25 00:10
Last seen 2026-01-02 02:27
Open for 69 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d728eb71c84b33f3c1156526e05ccea1cbda903e

GraphQL introspection enabled at /graphql
Types: 106 (by kind: ENUM: 18, INPUT_OBJECT: 26, OBJECT: 55, SCALAR: 7)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2026-01-02 02:27

174.2 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa368d1bcd6a414ab06220a0f93efd1e912316d104b

GraphQL introspection enabled at /graphql
Types: 78 (by kind: ENUM: 6, INPUT_OBJECT: 19, OBJECT: 46, SCALAR: 7)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-12-19 05:32

138.0 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3070cbe5c496d60e05a7853a17318dab42294d9b5

GraphQL introspection enabled at /graphql
Types: 72 (by kind: ENUM: 5, INPUT_OBJECT: 17, OBJECT: 43, SCALAR: 7)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-12-17 01:52

130.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a394c5be77d6446e8f6bf36baf3330ba13d43263

GraphQL introspection enabled at /graphql
Types: 62 (by kind: ENUM: 4, INPUT_OBJECT: 15, OBJECT: 37, SCALAR: 6)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-12-01 05:06

115.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-26 12:37

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c3199e49228e84eb7c5db4aee36d86799ef8b8e6

GraphQL introspection enabled at /graphql
Types: 59 (by kind: ENUM: 4, INPUT_OBJECT: 14, OBJECT: 36, SCALAR: 5)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-11-20 16:01

109.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa332d0c2731518cff1f29b4db0897b433f9a078744

GraphQL introspection enabled at /graphql
Types: 58 (by kind: ENUM: 4, INPUT_OBJECT: 14, OBJECT: 35, SCALAR: 5)
Operations:
- Query: Query | fields: activityTypes, activityTypesById, organiserOnboarding, publicActivities, signin
- Mutation: Mutation | fields: createActivity, createActivityType, followOrganiser, signup, updateOrganiserOnboarding
- Subscription: Subscription | fields: messageRead, newMessage, userJoined
Directives: auth, deprecated, include, skip, specifiedBy (total: 5)

Found on 2025-11-01 20:25

109.1 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.brannkorpset.com
Port: 443
URL: https://www.brannkorpset.com

First seen 2025-02-15 20:59
Last seen 2026-01-02 02:21
Open for 320 days

Severity: medium
Fingerprint: 5f32cf5d6962f09cd4047824d4047824b5b9e0ea89d882d836c8407353fe4390

Found 35 files trough .DS_Store spidering:

/400.html
/404.html
/406-unsupported-browser.html
/422.html
/500.html
/icon.png
/icon.svg
/images
/images/album_generic.jpeg
/images/background_color.jpg
/images/background_wide.jpg
/images/bg-bubplastic-button.gif
/images/bg-bubplastic-h-blue.gif
/images/bg-bubplastic-h-gray.gif
/images/bg-bubplastic-h-lime.gif
/images/bg-bubplastic-h-red.gif
/images/bg-bubplastic.gif
/images/bjorn_sebak.jpg
/images/gunnar_thorstensen.jpg
/images/header_image.jpg
/images/header_image.psd
/images/header_image3.png
/images/header_image_transp.png
/images/icons
/images/jan_ytrearne.jpg
/images/kenneth.jpg
/images/photo_placeholder.jpg
/images/placeholder.jpg
/images/plakat_konsert_2011.png
/images/progressbar.gif
/images/rails.png
/images/svein_teigland.jpg
/images/tor_bjorkaas.jpg
/images/torkjell_helle.jpg
/robots.txt

Found on 2026-01-02 02:21

Severity: low
Fingerprint: 5f32cf5d6962f09c63442d9d63442d9db7f4c636b7f4c636b7f4c636b7f4c636
```
Found 1 files trough .DS_Store spidering:

/images
```
Found on 2025-02-18 02:26

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.mtnstaffpredictor.com
Port: 80
URL: http://www.mtnstaffpredictor.com

First seen 2025-10-22 00:24
Last seen 2026-01-02 02:21
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aedf969ca

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2026-01-02 02:21

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a0ce3cefe

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-27 05:40

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ada28fdc2

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-25 04:21

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a2e4ff3d0

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-23 05:47

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a022fb7aa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-21 01:02

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a6478b15e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam...
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-12-21 01:02

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5abf823ac6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-12-19 01:07

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a497764fa

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-11-30 23:17

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ad5c42758

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z]
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-11-16 18:26

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aece152a6

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live

Found on 2025-11-12 15:05

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ac1fa3e2c

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z]
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-11-07 02:44

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5ab809fd72

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[] gameCode=football_predictor_mtn

Found on 2025-10-30 20:35

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a97efce4e

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-10-24 06:12

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5aeed92092

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8 lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true]
gameConfig (args: none) : gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w... env=Live slider=map[]

Found on 2025-10-22 00:24

25.6 kBytes 9 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa381bc9ce1afee902393fe0f6b5773de5a73ee3ac2

GraphQL introspection enabled at /graphql
Types: 21 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 12, SCALAR: 6)
Operations:
- Query: Query | fields: categories, config, gameConfig, items
- Mutation: Mutation | fields: updateConfig
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
config (args: optional/default) : lockedOut=false lockedOutCategories=map[9:2025-09-13T16:00:00.000Z] lockedOutCategoriesBoolen=map[9:true] categories=[map[altName:predictor class:category_2 game:efp_2017 gameNam... _id=64c7904df126aa24e9de19d8
gameConfig (args: none) : env=Live slider=map[] gameCode=football_predictor_mtn version=map[googleAnalyticsToken:UA-68512439-17 landingPage:https://w...

Found on 2025-10-22 00:24

25.6 kBytes 9 rows

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.packaging.bonfluencer.com
Port: 443
URL: https://www.packaging.bonfluencer.com

First seen 2025-09-08 15:07
Last seen 2026-01-02 01:40
Open for 115 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3af247253af247250afce8cdeb84548d01c0a61abd0f7437
```
Found 9 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/favicon.ico
/robots.txt
/videos
/videos/welcome_video_big.mp4
```
  Found on 2026-01-02 01:40
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: cms.rneventteknik.se
Port: 80
URL: http://cms.rneventteknik.se

First seen 2025-10-21 10:55
Last seen 2026-01-02 01:36
Open for 72 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d66eede3f16ecdb17300838c4158f24dc4dbceb3e4
```
GraphQL introspection enabled at /api/graphql
Types: 891 (by kind: ENUM: 12, INPUT_OBJECT: 171, OBJECT: 698, SCALAR: 8, UNION: 2)
Operations:
- Query: Query | fields: User, Users, countUsers, docAccessUser, meUser
- Mutation: Mutation | fields: createUser, deleteUser, logoutUser, refreshTokenUser, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 01:36
  
  624.2 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: dev.api.ridebly.com
Port: 443
URL: https://dev.api.ridebly.com

First seen 2025-10-30 00:50
Last seen 2026-01-02 01:28
Open for 64 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3cd8f79f403cffaf8a071897e00d46482445d345e

GraphQL introspection enabled at /graphql
Types: 218 (by kind: ENUM: 43, INPUT_OBJECT: 69, OBJECT: 98, SCALAR: 8)
Operations:
- Query: Query | fields: booking, bookingForm, bookingForms, bookings, business
- Mutation: Mutation | fields: addBooking, addBookingForm, addBookingSimple, addBusiness, addCarReservation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-02 01:28

303.1 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa320948d480517a6ec586abb626b937b96de6f9272

GraphQL introspection enabled at /graphql
Types: 216 (by kind: ENUM: 41, INPUT_OBJECT: 69, OBJECT: 98, SCALAR: 8)
Operations:
- Query: Query | fields: booking, bookingForm, bookingForms, bookings, business
- Mutation: Mutation | fields: addBooking, addBookingForm, addBookingSimple, addBusiness, addCarReservation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-06 06:48

298.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c2d6878f5038b09d6464b5956a0450ef86422f97

GraphQL introspection enabled at /graphql
Types: 209 (by kind: ENUM: 42, INPUT_OBJECT: 65, OBJECT: 94, SCALAR: 8)
Operations:
- Query: Query | fields: booking, bookingForm, bookingForms, bookings, business
- Mutation: Mutation | fields: addBooking, addBookingForm, addBookingSimple, addBusiness, addCarReservation
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-08 11:45

290.7 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: backend-staging.guidable.com
Port: 80
URL: http://backend-staging.guidable.com

First seen 2025-11-24 01:26
Last seen 2026-01-02 00:39
Open for 38 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa365ebb7bca8f19d80b7e19fb2fa4183646b57b837

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 12, INPUT_OBJECT: 49, OBJECT: 60, SCALAR: 6)
Operations:
- Query: Query | fields: applicationSettings, groupSharing, storyEvaluation, tourReview, user
- Mutation: Mutation | fields: auth, groupSharing, storyEvaluation, user, userTour
- Subscription: Subscription | fields: groupSharingChanged, storyCreationRequestUpdated, supportedAppVersionChanged, tourCreationRequestUpdated, transactionCreated
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 00:39

104.6 kBytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: clean-cycle-api.denovo.cloud
Port: 80
URL: http://clean-cycle-api.denovo.cloud

First seen 2025-11-15 01:10
Last seen 2026-01-02 00:15
Open for 47 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-02 00:15
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: app.clairon.ai
Port: 443
URL: https://app.clairon.ai

First seen 2025-09-17 10:07
Last seen 2026-01-02 00:00
Open for 106 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d5cfda5295cfda5295cfda5295cfda529
```
Found 1 files trough .DS_Store spidering:

/branding
```
  Found on 2026-01-02 00:00
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: cms.bertjonk-autoverhuur.nl
Port: 80
URL: http://cms.bertjonk-autoverhuur.nl

First seen 2025-11-26 01:02
Last seen 2026-01-01 22:09
Open for 36 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36e93f2fdd09b221fe4080ae18f4f31f129251f45
```
GraphQL introspection enabled at /graphql
Types: 198 (by kind: ENUM: 8, INPUT_OBJECT: 69, OBJECT: 112, SCALAR: 8, UNION: 1)
Operations:
- Query: Query | fields: uploadFile, uploadFiles, uploadFolder, uploadFolders, usersPermissionsRole
- Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder
Directives: deprecated, include, skip, specifiedBy (total: 4)
```
  Found on 2026-01-01 22:09
  
  264.4 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.payvo.gr
Port: 80
URL: http://api.payvo.gr

First seen 2025-10-21 00:11
Last seen 2026-01-01 22:04
Open for 72 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa327405247877e9d7581d75e17729642df16d6a847

GraphQL introspection enabled at /graphql
Types: 111 (by kind: ENUM: 20, INPUT_OBJECT: 37, OBJECT: 49, SCALAR: 5)
Operations:
- Query: Query | fields: AADEInvoice, AADEInvoices, business, businesses, transactions
- Mutation: Mutation | fields: addAADEInvoice, addBusiness, addTransaction, initiatePOSPayment, initiatePOSinvoice
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-01 22:04

132.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa362f03646512655b6d36fd23e5a9df5ff43bd08f3

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 35, INPUT_OBJECT: 31, OBJECT: 54, SCALAR: 7)
Operations:
- Query: Query | fields: AADEInvoice, AADEInvoices, business, businesses, companyDetails
- Mutation: Mutation | fields: addAADEInvoice, addBusiness, addContact, addError, addOffering
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-12-01 00:14

155.2 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: portal.studiekorrektur.dk
Port: 443
URL: https://portal.studiekorrektur.dk

First seen 2024-12-11 08:01
Last seen 2026-01-01 21:59
Open for 386 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176423f3e94de5b8bfb995b8bfb995b8bfb99
```
Found 2 files trough .DS_Store spidering:

/assets
/packs
```
  Found on 2026-01-01 21:59
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: backend-prod.royoga.dk
Port: 443
URL: https://backend-prod.royoga.dk

First seen 2025-10-28 01:00
Last seen 2026-01-01 21:19
Open for 65 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa30fc43a8c72dd2ed0f88c2d9a7e0b686a2072852f

GraphQL introspection enabled at /graphql
Types: 150 (by kind: ENUM: 27, INPUT_OBJECT: 14, OBJECT: 102, SCALAR: 7)
Operations:
- Query: Query | fields: allJulekalenderDoors, getJulekalenderDoor, getJulekalenderSignupCount, todaysJulekalenderDoor, verifyJulekalenderSignup
- Mutation: Mutation | fields: checkSignupCode, joinJulekalender, resendJulekalenderSignupCode, updateJulekalenderDoor, updateJulekalenderEmails
- Subscription: Subscription | fields: lessonCommentsEnabled, liveVideoStatus, newLessonComment
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2026-01-01 21:19

262.5 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e24d470405e3686bc72f4c453d42a44805166cac7a

GraphQL introspection enabled at /graphql/api
Types: 150 (by kind: ENUM: 27, INPUT_OBJECT: 14, OBJECT: 102, SCALAR: 7)
Operations:
- Query: Query | fields: allJulekalenderDoors, getJulekalenderDoor, getJulekalenderSignupCount, todaysJulekalenderDoor, verifyJulekalenderSignup
- Mutation: Mutation | fields: checkSignupCode, joinJulekalender, resendJulekalenderSignupCode, updateJulekalenderDoor, updateJulekalenderEmails
- Subscription: Subscription | fields: lessonCommentsEnabled, liveVideoStatus, newLessonComment
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-28 00:09

262.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b48f5051f3118293bac43e215bd9c511be0e222e

GraphQL introspection enabled at /graphql
Types: 147 (by kind: ENUM: 25, INPUT_OBJECT: 14, OBJECT: 101, SCALAR: 7)
Operations:
- Query: Query | fields: allJulekalenderDoors, getJulekalenderDoor, getJulekalenderSignupCount, todaysJulekalenderDoor, verifyJulekalenderSignup
- Mutation: Mutation | fields: checkSignupCode, joinJulekalender, resendJulekalenderSignupCode, updateJulekalenderDoor, updateJulekalenderEmails
- Subscription: Subscription | fields: lessonCommentsEnabled, liveVideoStatus, newLessonComment
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-20 12:49

258.7 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: brfstorsjostrand.cpms46.se
Port: 443
URL: https://brfstorsjostrand.cpms46.se

First seen 2025-11-11 08:14
Last seen 2026-01-01 21:05
Open for 51 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-01 21:05
  
  23.1 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: tickets.novaspektrum.no
Port: 443
URL: https://tickets.novaspektrum.no

First seen 2025-11-26 01:11
Last seen 2026-01-01 19:46
Open for 36 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a434d4c51fb42f07c2257d1e06cf3f7619722a80

GraphQL introspection enabled at /graphql
Types: 281 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 80, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2026-01-01 19:46

514.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa373da83712303bbf3a6d74e62e19c096270c5a64c

GraphQL introspection enabled at /graphql
Types: 279 (by kind: ENUM: 50, INPUT_OBJECT: 140, OBJECT: 78, SCALAR: 11)
Operations:
- Query: Query | fields: areaPricingEntry, areaPricingGroup, asset, assetBlueprint, auditLog
- Mutation: Mutation | fields: createCustomer, createCustomerComment, deleteCustomer, mergeCustomers, updateCustomer
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-12-01 09:25

511.6 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.dev.loop-aero.com
Port: 80
URL: http://api.dev.loop-aero.com

First seen 2025-12-01 00:59
Last seen 2026-01-01 19:46
Open for 31 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-01 19:46
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3af54412400a716a8db0d566e819396dbd8e14373
```
GraphQL introspection enabled at /graphql
Types: 1160 (by kind: ENUM: 25, INPUT_OBJECT: 954, OBJECT: 175, SCALAR: 6)
Operations:
- Query: Query | fields: airlineCompanies, airlineCompany, airlineStaff, airlineStaffs, airport
- Mutation: Mutation | fields: acknowledgeNotification, createFlight, createUserComment, createUserSearch, deleteUserComment
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-12-01 00:59
  
  1.7 MBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.spisa.nu
Port: 443
URL: https://www.spisa.nu

First seen 2025-11-08 01:22
Last seen 2026-01-01 19:36
Open for 54 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa386e6ec4e2d3b04bef630af2b1047a7b0e6fa7628
```
GraphQL introspection enabled at /graphql
Types: 221 (by kind: ENUM: 4, INPUT_OBJECT: 40, OBJECT: 168, SCALAR: 7, UNION: 2)
Operations:
- Query: Query | fields: cookingTipsWithTotal, findUserbyFriendlyUrl, intl, recipeList, userList
- Mutation: Mutations | fields: cookingTipsUpdate, rateRecipe, recipeSave, recipeTried, recipeTriedAndComment
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-01 19:36
  
  258.5 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.visaendorsement-dev.com
Port: 80
URL: http://api.visaendorsement-dev.com

First seen 2025-10-18 00:27
Last seen 2026-01-01 19:36
Open for 75 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa329849f6c6bb137f0fc8b6baa1f2b798086872c68
```
GraphQL introspection enabled at /graphql
Types: 288 (by kind: ENUM: 16, INPUT_OBJECT: 111, OBJECT: 153, SCALAR: 7, UNION: 1)
Operations:
- Query: Query | fields: getAdmins, getAllAccountAdmins, getAnnualReport, getApplication, getApplications
- Mutation: Mutation | fields: createAdmin, createStripeAddress, destroyUser, registerAttendee, updateAccountAdminProfile
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0
```
  Found on 2026-01-01 19:36
  
  581.8 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-11-23 03:22
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: vsbo.park46.se
Port: 443
URL: https://vsbo.park46.se

First seen 2025-10-17 00:01
Last seen 2026-01-01 19:35
Open for 76 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-01 19:35
  
  23.1 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: tmp.patronus-safeguarding.com
Port: 443
URL: https://tmp.patronus-safeguarding.com

First seen 2025-11-01 10:21
Last seen 2026-01-01 01:03
Open for 60 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e94e8498330fb0fb27e7e81c7424e91090
```
Found 5 files trough .DS_Store spidering:

/image
/newsletter
/packs
/packs-test
/SRF.csv
```
  Found on 2026-01-01 01:03
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: webjuno.com
Port: 443
URL: https://webjuno.com

First seen 2025-10-30 05:40
Last seen 2025-12-30 21:26
Open for 61 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6
```
GraphQL introspection enabled at /api/graphql
```
  Found on 2025-12-30 21:26
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6df4ad91fd02430ada14dcbe52c7805f78c58ee4f
```
GraphQL introspection enabled at /api/graphql
Types: 2449 (by kind: ENUM: 82, INPUT_OBJECT: 327, OBJECT: 2017, SCALAR: 8, UNION: 15)
Operations:
- Query: Query | fields: Page, Pages, countPages, docAccessPage, versionPage
- Mutation: Mutation | fields: createPage, deletePage, duplicatePage, restoreVersionPage, updatePage
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-12-01 14:06
  
  1.6 MBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: aarhus.crowdfundingdanmark.dk
Port: 443
URL: https://aarhus.crowdfundingdanmark.dk

First seen 2025-11-13 01:23
Last seen 2025-12-30 14:34
Open for 47 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-12-30 14:34
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3c42ef4a6565d38d63e30e713e6ce51b23e9f2d22
```
GraphQL introspection enabled at /graphql
Types: 543 (by kind: ENUM: 64, INPUT_OBJECT: 70, INTERFACE: 1, OBJECT: 318, SCALAR: 11, UNION: 79)
Operations:
- Query: Query | fields: fields, me, openLoanQuotes, publicContent, secondaryMarketListings
- Mutation: Mutation | fields: mutateExternalFile, mutateFields, mutateForumPost, mutateProject, mutateShare
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-12-01 04:24
  
  2.8 MBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.republik.ch
Port: 443
URL: https://www.republik.ch

First seen 2025-11-25 00:34
Last seen 2025-12-30 14:19
Open for 35 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3be2694cc2fe728902c80cf0d965636e8434d7b3e

GraphQL introspection enabled at /graphql
Types: 362 (by kind: ENUM: 59, INPUT_OBJECT: 42, INTERFACE: 8, OBJECT: 235, SCALAR: 10, UNION: 8)
Operations:
- Query: queries | fields: greeting, memberStats, membershipStats, nextStatement, statements
- Mutation: mutations | fields: publishCredential, updateAddress, updateMe, updateUser, verifyCredential
- Subscription: subscriptions | fields: comment, greeting, repoChange, repoUpdate, uncommittedChanges
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-30 14:19

513.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b3e1af7e1bf413aee418b52be630514a9ec70c80

GraphQL introspection enabled at /graphql
Types: 361 (by kind: ENUM: 59, INPUT_OBJECT: 42, INTERFACE: 8, OBJECT: 234, SCALAR: 10, UNION: 8)
Operations:
- Query: queries | fields: greeting, memberStats, membershipStats, nextStatement, statements
- Mutation: mutations | fields: publishCredential, updateAddress, updateMe, updateUser, verifyCredential
- Subscription: subscriptions | fields: comment, greeting, repoChange, repoUpdate, uncommittedChanges
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-30 18:40

512.9 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: caseview.avantifostering.co.uk
Port: 443
URL: https://caseview.avantifostering.co.uk

First seen 2025-07-27 14:07
Last seen 2025-12-30 14:19
Open for 156 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2025-12-30 14:19
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 15.197.129.158
Domain: republik.ch
Port: 443
URL: https://republik.ch

First seen 2025-11-25 00:05
Last seen 2025-12-30 14:18
Open for 35 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3be2694cc2fe728902c80cf0d965636e8434d7b3e

GraphQL introspection enabled at /graphql
Types: 362 (by kind: ENUM: 59, INPUT_OBJECT: 42, INTERFACE: 8, OBJECT: 235, SCALAR: 10, UNION: 8)
Operations:
- Query: queries | fields: greeting, memberStats, membershipStats, nextStatement, statements
- Mutation: mutations | fields: publishCredential, updateAddress, updateMe, updateUser, verifyCredential
- Subscription: subscriptions | fields: comment, greeting, repoChange, repoUpdate, uncommittedChanges
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-30 14:18

513.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b3e1af7e1bf413aee418b52be630514a9ec70c80

GraphQL introspection enabled at /graphql
Types: 361 (by kind: ENUM: 59, INPUT_OBJECT: 42, INTERFACE: 8, OBJECT: 234, SCALAR: 10, UNION: 8)
Operations:
- Query: queries | fields: greeting, memberStats, membershipStats, nextStatement, statements
- Mutation: mutations | fields: publishCredential, updateAddress, updateMe, updateUser, verifyCredential
- Subscription: subscriptions | fields: comment, greeting, repoChange, repoUpdate, uncommittedChanges
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-30 19:35

512.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
Found on 2025-11-25 00:05

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: mgm.comgy-testing.club
Port: 443
URL: https://mgm.comgy-testing.club

First seen 2025-11-18 00:58
Last seen 2025-12-30 14:15
Open for 42 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3d7bee2cef48b2c3e92cf319b6fb05f636abfb38b

GraphQL introspection enabled at /graphql
Types: 110 (by kind: ENUM: 23, INPUT_OBJECT: 14, INTERFACE: 1, OBJECT: 56, SCALAR: 8, UNION: 8)
Operations:
- Query: Query | fields: accountGroup, accountGroups, realEstate, reportDocument, reports
- Mutation: Mutation | fields: assignEnergyProcessorSlot, assignUtilizationSpaces, createConsumption, createUtilizationSpace, generateReportDocument
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-30 14:15

123.0 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: revest.it
Port: 80
URL: http://revest.it

First seen 2025-11-16 00:14
Last seen 2025-12-30 12:23
Open for 44 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db515d8e506

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-30 12:23

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db519286e1e

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-26 09:35

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db57c3a51aa

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2507
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-21 04:23

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db58016b5b4

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : totalItems=2507 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-19 01:28

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db57042e04a

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2503 totalPages=51 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-14 07:03

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5363dbdb4

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Detected: Magento
Readable stores: 2
products (args: optional/default) : size=50 totalItems=2501 totalPages=51 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-13 04:47

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db552c92ef7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2494 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5cc47aba9

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : nextPage=2 size=50 totalItems=2494 totalPages=50 currentPage=1 firstPage=true lastPage=false
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db50a5cdc11

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2494 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-08 16:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db53047d0b2

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-12-01 01:39

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db553d37cb8

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : totalItems=2488 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2 size=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-30 09:37

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5920ed1a2

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2488 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-29 01:49

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db55dd295bc

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2482 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-23 14:56

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5259a2b84

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : firstPage=true lastPage=false nextPage=2 size=50 totalItems=2482 totalPages=50 currentPage=1
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-21 00:04

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5b9eae3e1

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : size=50 totalItems=2476 totalPages=50 currentPage=1 firstPage=true lastPage=false nextPage=2
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db5aa9e1c11

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50 currentPage=1 firstPage=true
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3aca0dcc64ee40d363e02f30247ce2db576d085c7

GraphQL introspection enabled at /graphql
Types: 80 (by kind: ENUM: 6, INPUT_OBJECT: 8, INTERFACE: 1, OBJECT: 59, SCALAR: 6)
Operations:
- Query: Query | fields: collection, collections, coupon, currentUser, holidays
- Mutation: Mutation | fields: cart, returnProducts, sendContactMessage, subscribeToNewsletter, uploadProduct
Directives: deprecated, include, skip (total: 3)

Readable stores: 2
products (args: optional/default) : currentPage=1 firstPage=true lastPage=false nextPage=2 size=50 totalItems=2476 totalPages=50
settings (args: none) : dhlTrackingUrl=https://www.logistics.dhl/it-it/home/tracciabilita.html?track...

Found on 2025-11-16 00:14

92.8 kBytes 8 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: parkler.park46.se
Port: 443
URL: https://parkler.park46.se

First seen 2025-12-02 00:52
Last seen 2025-12-30 12:20
Open for 28 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa367f25af30b1a2d712bd6467cf03dabdfe3eca147
```
GraphQL introspection enabled at /graphql
Types: 20 (by kind: ENUM: 3, OBJECT: 14, SCALAR: 3)
Operations:
- Query: Query | fields: user
- Mutation: Mutation | fields: addPushNotificationToken, authBankID, removePushNotificationTokens, signIn
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-12-30 12:20
  
  23.1 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: app.morsystem.com
Port: 443
URL: https://app.morsystem.com

First seen 2025-11-15 03:40
Last seen 2025-12-30 12:15
Open for 45 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d6bd69cdf51cf477f764f845808f8b6d9ccb5247dc
```
GraphQL introspection enabled at /api/graphql
Types: 15 (by kind: ENUM: 2, OBJECT: 10, SCALAR: 3)
Operations:
- Query: RootQueryType | fields: product, products
Directives: include, skip (total: 2)

Readable stores: 0
```
  Found on 2025-12-30 12:15
  
  15.7 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.43.161
Domain: tw-apac.smile-view.com
Port: 80
URL: http://tw-apac.smile-view.com

First seen 2025-11-15 02:31
Last seen 2025-12-30 12:08
Open for 45 days

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751df0d4437

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-30 12:08

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751bd7aa36d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-26 09:50

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775100e8e49d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : skip=0 limit=100 total=1129
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-24 06:51

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c975b96b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-22 23:20

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751769cc821

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-21 01:13

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377513a16f09f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : skip=0 limit=100 total=2017
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : skip=0 limit=100 total=249
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-18 20:39

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377514bd3529b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-16 16:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c9377516d51f0ab

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-12-14 06:44

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751d2587379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-13 05:48

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c20d5379

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e4e6461d

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : skip=0 limit=100 total=96
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751c839ea73

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : skip=0 limit=100 total=407
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : skip=0 limit=100 total=34
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : limit=100 total=4 skip=0

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e11f074f

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 total=3296 skip=0
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : skip=0 limit=100 total=3
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 04:25

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751cc04f973

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : limit=100 total=3 skip=0
labelCollection (args: optional/default) : limit=100 total=96 skip=0
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-12-01 01:46

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775160a9fe13

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : limit=100 total=1129 skip=0
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-29 01:43

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751521935af

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : limit=100 total=407 skip=0
pageCollection (args: optional/default) : limit=100 total=249 skip=0
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : total=34 skip=0 limit=100
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-27 12:59

981.0 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751924c9ab5

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 limit=100 total=3296
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : limit=100 total=178 skip=0
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-24 10:53

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c93775185ab36d9

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : limit=100 total=2017 skip=0
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : skip=0 limit=100 total=178
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : total=4 skip=0 limit=100

Found on 2025-11-23 00:10

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210adcaf5335c937751e75a2045

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: asset, assetCollection, containerRow, content, contentCollection
Directives: contentSourceMaps, deprecated, include, oneOf, skip, specifiedBy, timeline (total: 7)

Readable stores: 10
assetCollection (args: optional/default) : total=3296 skip=0 limit=100
contentCollection (args: optional/default) : total=2017 skip=0 limit=100
containerRowCollection (args: optional/default) : total=407 skip=0 limit=100
pageCollection (args: optional/default) : total=249 skip=0 limit=100
containerModalCollection (args: optional/default) : total=3 skip=0 limit=100
labelCollection (args: optional/default) : total=96 skip=0 limit=100
imageTitleDescriptionCollection (args: optional/default) : total=178 skip=0 limit=100
containerCarouselCollection (args: optional/default) : limit=100 total=34 skip=0
faqsCollection (args: optional/default) : total=1129 skip=0 limit=100
customJsonCollection (args: optional/default) : skip=0 limit=100 total=4

Found on 2025-11-21 06:09

928.5 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e2b02bfe7b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-16 23:01

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e24220b135

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : total=3294 limit=100 skip=0
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : total=47 limit=100 skip=0
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e237ff3275

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : skip=0 total=3294 limit=100
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : skip=0 total=13 limit=100
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : skip=0 total=6 limit=100
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : limit=100 skip=0 total=407

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e253367f3b

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : limit=100 skip=0 total=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : limit=100 skip=0 total=8
containerCustomTableCollection (args: optional/default) : limit=100 skip=0 total=6
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : limit=100 skip=0 total=3
containerRowCollection (args: optional/default) : total=407 limit=100 skip=0

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Severity: high
Fingerprint: c2db3a1c40d490dbaf340e11be97e14cbc99c210e36e0a56a01e79e25394fc79

GraphQL introspection enabled at /api/gql
Types: 395 (by kind: ENUM: 145, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 156, SCALAR: 10, UNION: 12)
Operations:
- Query: Query | fields: _node, _nodes, asset, assetCollection, assetUpload
Directives: contentSourceMaps, contentfulSchemaMetadata, delegatedResourceLink, deprecated, enumMapper, featureFlag, fieldResolver, include, skip, typeIdentifier (total: 13)

Readable stores: 10
assetCollection (args: optional/default) : limit=100 skip=0 total=3294
assetUploadCollection (args: optional/default) : total=0 limit=100 skip=0
configCollection (args: optional/default) : limit=100 skip=0 total=47
configPresetCollection (args: optional/default) : limit=100 skip=0 total=13
containerCarouselCollection (args: optional/default) : limit=100 skip=0 total=34
containerCustomTableCellCollection (args: optional/default) : skip=0 total=8 limit=100
containerCustomTableCollection (args: optional/default) : total=6 limit=100 skip=0
containerFooterCollection (args: optional/default) : limit=100 skip=0 total=0
containerModalCollection (args: optional/default) : skip=0 total=3 limit=100
containerRowCollection (args: optional/default) : skip=0 total=407 limit=100

Found on 2025-11-15 02:31

929.9 kBytes 30 rows

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.bookingworldspeakers.com
Port: 443
URL: https://api.bookingworldspeakers.com

First seen 2025-11-21 03:18
Last seen 2025-12-30 12:08
Open for 39 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa355717e3d7841d8df11d846911841d1c067fe96b0
```
GraphQL introspection enabled at /graphql
Types: 101 (by kind: ENUM: 8, INPUT_OBJECT: 35, INTERFACE: 1, OBJECT: 49, SCALAR: 8)
Operations:
- Query: RootType | fields: admins, bestAudiences, emailAvailable, getUsersById, me
- Mutation: Mutations | fields: attendEvent, banUser, changeAvatar, favoriteSpeaker, updateAudienceProfile
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-12-30 12:08
  
  167.6 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.kinobeiz.ch
Port: 80
URL: http://www.kinobeiz.ch

First seen 2025-03-03 00:02
Last seen 2025-12-29 00:16
Open for 301 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d55ae152455ae152455ae152455ae1524
```
Found 1 files trough .DS_Store spidering:

/_app
```
  Found on 2025-12-29 00:16
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: sta-logistik-api.saubermacher.at
Port: 80
URL: http://sta-logistik-api.saubermacher.at

First seen 2025-12-07 01:25
Last seen 2025-12-26 15:24
Open for 19 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3ce1800f1953c107399f0c342c51119f722e3424f
```
GraphQL introspection enabled at /graphql
Types: 35 (by kind: ENUM: 4, OBJECT: 25, SCALAR: 6)
Operations:
- Query: Query | fields: me, order, user, users, version
- Mutation: Mutation | fields: createUser, deleteUser, logout, signin, updateUser
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-12-26 15:24
  
  65.5 kBytes
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 76.223.11.49
Domain: boersekilchberg.ch
Port: 443
URL: https://boersekilchberg.ch

First seen 2022-10-05 11:50
Last seen 2025-12-25 05:48
Open for 1176 days

Severity: high
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b7bd739e4310bfa9fd438b1a50176d90ea

Found 128 files trough .DS_Store spidering:

/.assets
/.assets/@webassemblyjs
/.assets/@xtuc
/.assets/abbrev
/.assets/accepts
/.assets/acorn
/.assets/ajv
/.assets/ajv-errors
/.assets/ajv-keywords
/.assets/ansi-colors
/.assets/ansi-html
/.assets/ansi-regex
/.assets/anymatch
/.assets/aproba
/.assets/are-we-there-yet
/.assets/arr-diff
/.assets/arr-flatten
/.assets/arr-union
/.assets/array-flatten
/.assets/array-union
/.assets/array-uniq
/.assets/array-unique
/.assets/asn1.js
/.assets/assert
/.assets/assign-symbols
/.assets/async
/.assets/async-each
/.assets/async-limiter
/.assets/atob
/.assets/balanced-match
/.assets/base
/.assets/base64-js
/.assets/batch
/.assets/big.js
/.assets/bin
/.assets/bluebird
/.assets/bn.js
/.assets/body-parser
/.assets/bonjour
/.assets/brace-expansion
/.assets/braces
/.assets/brorand
/.assets/browserify-aes
/.assets/browserify-cipher
/.assets/browserify-des
/.assets/browserify-rsa
/.assets/browserify-sign
/.assets/browserify-zlib
/.assets/buffer
/.assets/buffer-from
/.assets/buffer-indexof
/.assets/buffer-xor
/.assets/builtin-status-codes
/.assets/bytes
/.assets/cacache
/.assets/cache-base
/.assets/camelcase
/.assets/chokidar
/.assets/chownr
/.assets/chrome-trace-event
/.assets/cipher-base
/.assets/class-utils
/.assets/cliui
/.assets/code-point-at
/.assets/collection-visit
/.assets/commander
/.assets/commondir
/.assets/component-emitter
/.assets/components
/.assets/compressible
/.assets/compression
/.assets/concat-map
/.assets/concat-stream
/.assets/connect-history-api-fallback
/.assets/console-browserify
/.assets/console-control-strings
/.assets/constants-browserify
/.assets/content-disposition
/.assets/content-type
/.assets/cookie
/.assets/cookie-signature
/.assets/copy-concurrently
/.assets/copy-descriptor
/.assets/core-util-is
/.assets/create-ecdh
/.assets/create-hash
/.assets/create-hmac
/.assets/cross-spawn
/.assets/crypto-browserify
/.assets/cyclist
/.assets/date-now
/.assets/debug
/.assets/decamelize
/.assets/decode-uri-component
/.assets/deep-equal
/.assets/deep-extend
/.assets/default-gateway
/.assets/define-property
/.assets/del
/.assets/delegates
/.assets/depd
/.assets/des.js
/.assets/destroy
/.assets/detect-libc
/.assets/detect-node
/.assets/diffie-hellman
/.assets/dns-equal
/.assets/dns-packet
/.assets/dns-txt
/.assets/domain-browser
/.assets/duplexify
/.assets/ee-first
/.assets/elliptic
/.assets/emojis-list
/.assets/encodeurl
/.assets/end-of-stream
/.assets/enhanced-resolve
/.assets/errno
/.assets/escape-html
/.assets/eslint-scope
/.assets/esrecurse
/.assets/estraverse
/.assets/etag
/.assets/eventemitter3
/.assets/events
/.assets/eventsource
/.assets/evp_bytestokey
/.assets/execa

Found on 2025-12-25 05:48

Severity: low
Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc30322510973fdf00515bb16f009bcd5c
```
Found 4 files trough .DS_Store spidering:

/.assets
/assets
/documents
/packs
```
Found on 2025-09-24 03:05
Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f175e2dbb5f0c996dfa4568b2fa4568b2
```
Found 3 files trough .DS_Store spidering:

/.assets
/assets
/documents
```
Found on 2024-12-03 04:46

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.boersekilchberg.ch
Port: 443
URL: https://www.boersekilchberg.ch

First seen 2022-10-07 11:49
Last seen 2025-12-25 04:12
Open for 1174 days

Severity: high
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b7bd739e4310bfa9fd438b1a50176d90ea

Found 128 files trough .DS_Store spidering:

/.assets
/.assets/@webassemblyjs
/.assets/@xtuc
/.assets/abbrev
/.assets/accepts
/.assets/acorn
/.assets/ajv
/.assets/ajv-errors
/.assets/ajv-keywords
/.assets/ansi-colors
/.assets/ansi-html
/.assets/ansi-regex
/.assets/anymatch
/.assets/aproba
/.assets/are-we-there-yet
/.assets/arr-diff
/.assets/arr-flatten
/.assets/arr-union
/.assets/array-flatten
/.assets/array-union
/.assets/array-uniq
/.assets/array-unique
/.assets/asn1.js
/.assets/assert
/.assets/assign-symbols
/.assets/async
/.assets/async-each
/.assets/async-limiter
/.assets/atob
/.assets/balanced-match
/.assets/base
/.assets/base64-js
/.assets/batch
/.assets/big.js
/.assets/bin
/.assets/bluebird
/.assets/bn.js
/.assets/body-parser
/.assets/bonjour
/.assets/brace-expansion
/.assets/braces
/.assets/brorand
/.assets/browserify-aes
/.assets/browserify-cipher
/.assets/browserify-des
/.assets/browserify-rsa
/.assets/browserify-sign
/.assets/browserify-zlib
/.assets/buffer
/.assets/buffer-from
/.assets/buffer-indexof
/.assets/buffer-xor
/.assets/builtin-status-codes
/.assets/bytes
/.assets/cacache
/.assets/cache-base
/.assets/camelcase
/.assets/chokidar
/.assets/chownr
/.assets/chrome-trace-event
/.assets/cipher-base
/.assets/class-utils
/.assets/cliui
/.assets/code-point-at
/.assets/collection-visit
/.assets/commander
/.assets/commondir
/.assets/component-emitter
/.assets/components
/.assets/compressible
/.assets/compression
/.assets/concat-map
/.assets/concat-stream
/.assets/connect-history-api-fallback
/.assets/console-browserify
/.assets/console-control-strings
/.assets/constants-browserify
/.assets/content-disposition
/.assets/content-type
/.assets/cookie
/.assets/cookie-signature
/.assets/copy-concurrently
/.assets/copy-descriptor
/.assets/core-util-is
/.assets/create-ecdh
/.assets/create-hash
/.assets/create-hmac
/.assets/cross-spawn
/.assets/crypto-browserify
/.assets/cyclist
/.assets/date-now
/.assets/debug
/.assets/decamelize
/.assets/decode-uri-component
/.assets/deep-equal
/.assets/deep-extend
/.assets/default-gateway
/.assets/define-property
/.assets/del
/.assets/delegates
/.assets/depd
/.assets/des.js
/.assets/destroy
/.assets/detect-libc
/.assets/detect-node
/.assets/diffie-hellman
/.assets/dns-equal
/.assets/dns-packet
/.assets/dns-txt
/.assets/domain-browser
/.assets/duplexify
/.assets/ee-first
/.assets/elliptic
/.assets/emojis-list
/.assets/encodeurl
/.assets/end-of-stream
/.assets/enhanced-resolve
/.assets/errno
/.assets/escape-html
/.assets/eslint-scope
/.assets/esrecurse
/.assets/estraverse
/.assets/etag
/.assets/eventemitter3
/.assets/events
/.assets/eventsource
/.assets/evp_bytestokey
/.assets/execa

Found on 2025-12-25 04:12

Severity: low
Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc30322510973fdf00515bb16f009bcd5c
```
Found 4 files trough .DS_Store spidering:

/.assets
/assets
/documents
/packs
```
Found on 2025-11-24 04:26
Severity: low
Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f175e2dbb5f0c996dfa4568b2fa4568b2
```
Found 3 files trough .DS_Store spidering:

/.assets
/assets
/documents
```
Found on 2024-12-02 19:53

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: dev-api.artodo.io
Port: 80
URL: http://dev-api.artodo.io

First seen 2025-12-05 21:03
Last seen 2025-12-24 15:34
Open for 18 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2025-12-24 15:34
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.famihewa.eu
Port: 80
URL: http://api.famihewa.eu

First seen 2025-12-03 00:18
Last seen 2025-12-24 15:20
Open for 21 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4b0e74d9facdd9de30222d17b9fd636b46f07509c8
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /v1/under-constructions/{id}
GET /v1/ERROR/{code}/{title}
GET /v1/ingredients
GET /v1/ingredients/count
GET /v1/ingredients/{id}
GET /v1/recipes
GET /v1/recipes/count
GET /v1/recipes/{id}
GET /v1/under-constructions
GET /v1/under-constructions/count
GET /v1/under-constructions/latest
GET /v1/units
GET /v1/units/count
GET /v1/units/{id}
GET /v1/wines
GET /v1/wines/count
GET /v1/wines/{id}
PUT /v1/recipes/{id}/addIngredient
PUT /v1/recipes/{id}/addWine
PUT /v1/recipes/{id}/removeIngredient
PUT /v1/recipes/{id}/removeWine
PUT /v1/units/{id}/removeBaseUnit
PUT /v1/units/{id}/setBaseUnit
```
  Found on 2025-12-24 15:20
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.rentpetal.com
Port: 80
URL: http://api.rentpetal.com

First seen 2025-12-09 05:57
Last seen 2025-12-24 12:20
Open for 15 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e56080eb7b1958d1133359da07bd552616b3a16a81

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /api/v1/delivery/{deliveryId}/arrangement/{arrangementId}
DELETE /api/v1/migration/delete-changelog
GET /api/v1/arrangement
GET /api/v1/arrangement/get_list_of_arrangement
GET /api/v1/arrangement/search_arrangement
GET /api/v1/auth/business-types
GET /api/v1/auth/countries
GET /api/v1/auth/ping
GET /api/v1/customer/customers/search
GET /api/v1/customer/filter
GET /api/v1/customer/{customerId}
GET /api/v1/delivery/deliveries
GET /api/v1/delivery/get_all_deliveries
GET /api/v1/delivery/search
GET /api/v1/delivery/{deliveryId}
GET /api/v1/file
GET /api/v1/file/list
GET /api/v1/material/colours
GET /api/v1/material/export-materials
GET /api/v1/material/flowers
GET /api/v1/material/list
GET /api/v1/migration/apply-changelog
GET /api/v1/migration/initialize-schema/{orgId}
GET /api/v1/plan
GET /api/v1/plan/validate-plan/{tenantId}
GET /api/v1/plan/{id}
GET /api/v1/subscription/customer/{customerId}
GET /api/v1/subscription/{id}
GET /api/v1/tenant
GET /api/v1/tenant/team
GET /api/v1/tenant/team/get_all_tenant_team_without_pagination
GET /api/v1/tenant/team/tenant-team/search
GET /api/v1/tenant/team/tenant-team/{id}
GET /api/v1/tenant/tenant/{tenantId}/plan-history
GET /api/v1/tenant/{id}
PATCH /api/v1/delivery/{deliveryId}/add-arrangements
PATCH /api/v1/tenant/deactivateTenant/{id}
PATCH /api/v1/tenant/team/{id}
POST /api/v1/arrangement/filter
POST /api/v1/auth/auth/send-otp
POST /api/v1/auth/auth/verify-otp
POST /api/v1/auth/change-password
POST /api/v1/auth/forgot-password
POST /api/v1/auth/general-registration
POST /api/v1/auth/login
POST /api/v1/auth/register
POST /api/v1/auth/register-role
POST /api/v1/auth/reset-password
POST /api/v1/customer
POST /api/v1/delivery/complete
POST /api/v1/delivery/list
POST /api/v1/email/send-delivery-arrangements/{deliveryId}
POST /api/v1/file/upload
POST /api/v1/material/upload
POST /api/v1/subscription/
POST /api/v1/tenant/register
PUT /api/v1/customer/{customerId}/deactivate
PUT /api/v1/delivery/{deliveryId}/restock
PUT /api/v1/file/update
PUT /api/v1/migration/apply-changelog-file/{orgId}
PUT /api/v1/subscription/update/{customerId}

Found on 2025-12-24 12:20

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: stats.api.fanomena.io
Port: 80
URL: http://stats.api.fanomena.io

First seen 2025-11-10 00:52
Last seen 2025-12-23 05:54
Open for 43 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36402dc35ec3932b717eb30b1806144544f67e458
```
GraphQL introspection enabled at /graphql
Types: 51 (by kind: ENUM: 6, INPUT_OBJECT: 3, OBJECT: 22, SCALAR: 20)
Operations:
- Query: Query | fields: events, eventsCount, eventsGroup, sessions, status
- Mutation: Mutation | fields: _empty, createEvent, createSession, generateKey, updateSession
Directives: cacheControl, deprecated, include, skip (total: 4)
```
  Found on 2025-12-23 05:54
  
  55.4 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: inspectfast.ai
Port: 443
URL: https://inspectfast.ai

First seen 2025-12-13 00:32
Last seen 2025-12-22 17:45
Open for 9 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d646d24b6646d24b6646d24b6646d24b6
```
Found 1 files trough .DS_Store spidering:

/INSP-2025-0142.pdf
```
  Found on 2025-12-22 17:45
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.gogifts.ng
Port: 80
URL: http://www.gogifts.ng

First seen 2025-01-07 16:04
Last seen 2025-12-22 15:57
Open for 348 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c2eda814e2eda814e18288c977a8c419babe74a464a7bbd5e
```
Found 6 files trough .DS_Store spidering:

/images
/index.html
/script.js
/style.css
/style.css.map
/style.scss
```
  Found on 2025-12-22 15:57
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: sssss.co.in
Port: 443
URL: https://sssss.co.in

First seen 2025-07-01 00:37
Last seen 2025-12-22 09:20
Open for 174 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9debeb6aa3ebeb6aa3ebeb6aa3ebeb6aa3
```
Found 1 files trough .DS_Store spidering:

/favicon_io
```
  Found on 2025-12-22 09:20
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api-staging.maximomes.app
Port: 80
URL: http://api-staging.maximomes.app

First seen 2025-11-03 09:04
Last seen 2025-12-16 13:29
Open for 43 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3fdfcbd6b4b001829a9433755b1d507f00d51b571

GraphQL introspection enabled at /graphql
Types: 269 (by kind: ENUM: 13, INPUT_OBJECT: 106, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-16 13:29

265.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3e1614c57cd654b85505aab1100a28164d16706a5

GraphQL introspection enabled at /graphql
Types: 267 (by kind: ENUM: 13, INPUT_OBJECT: 104, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-12-02 00:13

262.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36f747e3dab42d8df2ee822471b1a6e7225b3d99b

GraphQL introspection enabled at /graphql
Types: 264 (by kind: ENUM: 13, INPUT_OBJECT: 101, INTERFACE: 2, OBJECT: 73, SCALAR: 75)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-16 21:16

259.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a120b6f80324881c1acc411cb52239abe473eb1c

GraphQL introspection enabled at /graphql
Types: 259 (by kind: ENUM: 13, INPUT_OBJECT: 98, INTERFACE: 2, OBJECT: 72, SCALAR: 74)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-05 07:40

255.9 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa316ba1348e34e28ec1ab3ffac77572fbb2b906fcc

GraphQL introspection enabled at /graphql
Types: 254 (by kind: ENUM: 12, INPUT_OBJECT: 97, INTERFACE: 2, OBJECT: 70, SCALAR: 73)
Operations:
- Query: Query | fields: breadcrumb, checkResetPasswordToken, entries, entry, me
- Mutation: Mutation | fields: bulkUpdateEntries, createEntry, deleteEntry, registerUser, updateEntry
- Subscription: Subscription | fields: entryUpdated, newEntry
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Found on 2025-11-03 09:04

249.2 kBytes

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: mode-gm.braufabrik.de
Port: 443
URL: https://mode-gm.braufabrik.de

First seen 2025-12-11 20:08
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: hin-weg.braufabrik.de
Port: 443
URL: https://hin-weg.braufabrik.de

First seen 2025-12-11 20:08
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: rpkraemerpanthershop.braufabrik.de
Port: 443
URL: https://rpkraemerpanthershop.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: braufreiheit.braufabrik.de
Port: 80
URL: http://braufreiheit.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: gymnicherbier.braufabrik.de
Port: 80
URL: http://gymnicherbier.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: tus-erndtebrueck.braufabrik.de
Port: 443
URL: https://tus-erndtebrueck.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: landgasthof-gruener-kranz.braufabrik.de
Port: 80
URL: http://landgasthof-gruener-kranz.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: kocon2.braufabrik.de
Port: 80
URL: http://kocon2.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: skjuxf.braufabrik.de
Port: 443
URL: https://skjuxf.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: teradata.braufabrik.de
Port: 443
URL: https://teradata.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: petzl.braufabrik.de
Port: 80
URL: http://petzl.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: detmoldzulippe.braufabrik.de
Port: 443
URL: https://detmoldzulippe.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: bandshop.braufabrik.de
Port: 80
URL: http://bandshop.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: karlsberg.braufabrik.de
Port: 80
URL: http://karlsberg.braufabrik.de

First seen 2025-12-11 20:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: sk8brding.braufabrik.de
Port: 80
URL: http://sk8brding.braufabrik.de

First seen 2025-12-11 20:06
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:06
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: double.braufabrik.de
Port: 443
URL: https://double.braufabrik.de

First seen 2025-12-11 20:06
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:06
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: vrnerds.braufabrik.de
Port: 443
URL: https://vrnerds.braufabrik.de

First seen 2025-12-11 20:06
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d7a65782f7a65782f7a65782f7a65782f
```
Found 1 files trough .DS_Store spidering:

/fog_uploads
```
  Found on 2025-12-11 20:06
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: retap.arxa.app
Port: 443
URL: https://retap.arxa.app

First seen 2025-10-16 05:23
Last seen 2025-12-02 06:23
Open for 47 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c3af247253af247250afce8cd23e64728616f3d1ef3a95e71
```
Found 9 files trough .DS_Store spidering:

/404.html
/406-unsupported-browser.html
/422.html
/500.html
/icon-192.png
/icon-32.png
/icon.png
/icon.svg
/robots.txt
```
  Found on 2025-12-02 06:23
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: polizeiticker.ch
Port: 80
URL: http://polizeiticker.ch

First seen 2025-11-09 00:31
Last seen 2025-12-01 17:13
Open for 22 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2025-12-01 17:13
  
  49.4 kBytes
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.slow-mo.net
Port: 80
URL: http://www.slow-mo.net

First seen 2025-09-24 03:45
Last seen 2025-11-30 19:06
Open for 67 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d956ff55a956ff55a956ff55a956ff55a
```
Found 1 files trough .DS_Store spidering:

/icons
```
  Found on 2025-11-30 19:06
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: search.v2.audiomachine.com
Port: 443
URL: https://search.v2.audiomachine.com

First seen 2025-11-30 04:45
Last seen 2025-11-30 04:45
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2025-11-30 04:45
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: polizeiticker.at
Port: 443
URL: https://polizeiticker.at

First seen 2025-11-17 00:04
Last seen 2025-11-24 10:49
Open for 7 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2025-11-24 10:49
  
  49.4 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-11-21 05:10
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.poiskistini.org
Port: 443
URL: https://www.poiskistini.org

First seen 2025-11-21 03:29
Last seen 2025-11-24 03:48
Open for 3 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36ed284e71cfaedd5adf5112d3a6acfe5ac37d8e3
```
GraphQL introspection enabled at /graphql
Types: 84 (by kind: ENUM: 2, INPUT_OBJECT: 34, OBJECT: 41, SCALAR: 7)
Operations:
- Query: Query | fields: dummy, getSlide, prophetVideo, prophetVideos, slides
- Mutation: Mutation | fields: addProphetVideo, createSlide, deleteSlide, dummy, signS3
- Subscription: Subscription | fields: dummy
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-11-24 03:48
  
  84.1 kBytes
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api-dev.daowakanda.org
Port: 443
URL: https://api-dev.daowakanda.org

First seen 2025-10-17 00:51
Last seen 2025-11-23 15:59
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2025-11-23 15:59
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: artup-api.maisonart.com
Port: 443
URL: https://artup-api.maisonart.com

First seen 2025-11-19 00:31
Last seen 2025-11-23 15:21
Open for 4 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39c5604e15f4f082339f69a8789ca38092fad288e

GraphQL introspection enabled at /graphql
Types: 168 (by kind: ENUM: 25, INPUT_OBJECT: 67, OBJECT: 68, SCALAR: 8)
Operations:
- Query: Query | fields: newsGet, publicViewingRoomUserGet, tagsGet, viewingRoomGet, viewingRoomGetWeb
- Mutation: Mutation | fields: refreshUserByToken, removeUser, setUserSurvey, updateOwnProfile, updateUserLimits
- Subscription: Subscription | fields: getEvents
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-23 15:21

173.8 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: devbackend.alfredsurgery.com
Port: 80
URL: http://devbackend.alfredsurgery.com

First seen 2025-11-19 02:02
Last seen 2025-11-23 14:30
Open for 4 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa376ae74d3c8f947914616b8b7428e451c344717bb

GraphQL introspection enabled at /graphql
Types: 162 (by kind: ENUM: 2, INPUT_OBJECT: 53, OBJECT: 104, SCALAR: 3)
Operations:
- Query: Query | fields: getAllEquipment, getEquipment, getEquipmentByName, getNodeEquipment, getProcedureComments
- Mutation: Mutation | fields: addEquipment, addNodeEquipment, addProcedureComment, deleteEquipment, deleteNodeEquipment
- Subscription: Subscription | fields: newProcedureNode
Directives: deprecated, include, skip (total: 3)

Found on 2025-11-23 14:30

169.2 kBytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: auth-api.clearexpress.com
Port: 80
URL: http://auth-api.clearexpress.com

First seen 2025-10-14 18:36
Last seen 2025-11-23 03:18
Open for 39 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd110a331ec9da4adef8bac5c2831ffcb32cb6ee15dcb6ee15d
```
Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /dev-api/test/user/list
GET /dev-api/test/user/{userId}
POST /dev-api/test/user/save
PUT /dev-api/test/user/update
```
  Found on 2025-11-23 03:18
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.polizeiticker.at
Port: 443
URL: https://www.polizeiticker.at

First seen 2025-11-16 02:45
Last seen 2025-11-22 19:31
Open for 6 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2025-11-22 19:31
  
  49.4 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: poiskistini.org
Port: 443
URL: https://poiskistini.org

First seen 2025-11-21 02:48
Last seen 2025-11-22 12:56
Open for 1 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa36ed284e71cfaedd5adf5112d3a6acfe5ac37d8e3
```
GraphQL introspection enabled at /graphql
Types: 84 (by kind: ENUM: 2, INPUT_OBJECT: 34, OBJECT: 41, SCALAR: 7)
Operations:
- Query: Query | fields: dummy, getSlide, prophetVideo, prophetVideos, slides
- Mutation: Mutation | fields: addProphetVideo, createSlide, deleteSlide, dummy, signS3
- Subscription: Subscription | fields: dummy
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-11-22 12:56
  
  84.1 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-11-21 02:48
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: artup-api.maisonart.com
Port: 80
URL: http://artup-api.maisonart.com

First seen 2025-11-19 00:31
Last seen 2025-11-21 15:54
Open for 2 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa39c5604e15f4f082339f69a8789ca38092fad288e

GraphQL introspection enabled at /graphql
Types: 168 (by kind: ENUM: 25, INPUT_OBJECT: 67, OBJECT: 68, SCALAR: 8)
Operations:
- Query: Query | fields: newsGet, publicViewingRoomUserGet, tagsGet, viewingRoomGet, viewingRoomGetWeb
- Mutation: Mutation | fields: refreshUserByToken, removeUser, setUserSurvey, updateOwnProfile, updateUserLimits
- Subscription: Subscription | fields: getEvents
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-21 15:54

173.8 kBytes

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: polizeiticker.online
Port: 443
URL: https://polizeiticker.online

First seen 2025-11-08 00:32
Last seen 2025-11-16 22:53
Open for 8 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2025-11-16 22:53
  
  49.4 kBytes
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: webservices.wiwewo.com
Port: 443
URL: https://webservices.wiwewo.com

First seen 2025-10-21 00:50
Last seen 2025-11-16 12:49
Open for 26 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2025-11-16 12:49
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: www.polizeiticker.online
Port: 80
URL: http://www.polizeiticker.online

First seen 2025-11-08 00:33
Last seen 2025-11-16 05:37
Open for 8 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3dcf784e5ff78df67421dafd0a14823aba391578b
```
GraphQL introspection enabled at /graphql
Types: 32 (by kind: ENUM: 6, OBJECT: 22, SCALAR: 4)
Operations:
- Query: Query | fields: _, article, articles, articlesByDate, articlesByRandom
- Mutation: Mutation | fields: _, setDevice, setNotifications, setReaction, setSignupUser
Directives: cacheControl, deprecated, include, skip, specifiedBy (total: 5)
```
  Found on 2025-11-16 05:37
  
  49.4 kBytes
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: imcf.bi.newsoftds.pt
Port: 80
URL: http://imcf.bi.newsoftds.pt

First seen 2025-11-13 15:37
Last seen 2025-11-14 23:28
Open for 1 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330db9381193f2403c1c779a66fd3977880732800

GraphQL introspection enabled at /graphql
Types: 56 (by kind: ENUM: 2, OBJECT: 48, SCALAR: 6)
Operations:
- Query: Query | fields: currentUser, currentUserById, hello, info, municipiosEstatisticas
- Mutation: Mutation | fields: ping
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2025-11-14 23:28

99.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa35aee7a8da59d52af3fd10a3131990b197f7925dd

GraphQL introspection enabled at /graphql
Types: 55 (by kind: ENUM: 2, OBJECT: 47, SCALAR: 6)
Operations:
- Query: Query | fields: hello, info, municipiosEstatisticas, orcamentoIndicadores, orcamentoOnlineIndicadores
- Mutation: Mutation | fields: ping
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2025-11-13 15:37

98.1 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: imcf.bi.newsoftds.pt
Port: 443
URL: https://imcf.bi.newsoftds.pt

First seen 2025-11-13 15:37
Last seen 2025-11-14 19:54
Open for 1 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa330db9381193f2403c1c779a66fd3977880732800

GraphQL introspection enabled at /graphql
Types: 56 (by kind: ENUM: 2, OBJECT: 48, SCALAR: 6)
Operations:
- Query: Query | fields: currentUser, currentUserById, hello, info, municipiosEstatisticas
- Mutation: Mutation | fields: ping
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2025-11-14 19:54

99.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa35aee7a8da59d52af3fd10a3131990b197f7925dd

GraphQL introspection enabled at /graphql
Types: 55 (by kind: ENUM: 2, OBJECT: 47, SCALAR: 6)
Operations:
- Query: Query | fields: hello, info, municipiosEstatisticas, orcamentoIndicadores, orcamentoOnlineIndicadores
- Mutation: Mutation | fields: ping
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)

Readable stores: 0

Found on 2025-11-13 15:37

98.1 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.alrawasi.co
Port: 80
URL: http://api.alrawasi.co

First seen 2025-11-07 14:30
Last seen 2025-11-11 01:39
Open for 3 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa347624075e1b37377744ebb15458a29b3d5ceb27f

GraphQL introspection enabled at /graphql
Types: 346 (by kind: ENUM: 27, INPUT_OBJECT: 129, OBJECT: 182, SCALAR: 8)
Operations:
- Query: RootQuery | fields: _empty, account, accounts, bill, bills
- Mutation: RootMutation | fields: _empty, deleteAccount, putAccount, seedUOMConversions, seedUOMs
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-11 01:39

530.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31e56b9b91e5f0cdb0c775859c53afb5fbc24f2d3

GraphQL introspection enabled at /graphql
Types: 332 (by kind: ENUM: 27, INPUT_OBJECT: 126, OBJECT: 171, SCALAR: 8)
Operations:
- Query: RootQuery | fields: _empty, account, accounts, bill, bills
- Mutation: RootMutation | fields: _empty, deleteAccount, putAccount, seedUOMConversions, seedUOMs
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-08 23:01

475.2 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.alrawasi.co
Port: 443
URL: https://api.alrawasi.co

First seen 2025-11-07 14:30
Last seen 2025-11-11 00:08
Open for 3 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa347624075e1b37377744ebb15458a29b3d5ceb27f

GraphQL introspection enabled at /graphql
Types: 346 (by kind: ENUM: 27, INPUT_OBJECT: 129, OBJECT: 182, SCALAR: 8)
Operations:
- Query: RootQuery | fields: _empty, account, accounts, bill, bills
- Mutation: RootMutation | fields: _empty, deleteAccount, putAccount, seedUOMConversions, seedUOMs
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-11 00:08

530.6 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31e56b9b91e5f0cdb0c775859c53afb5fbc24f2d3

GraphQL introspection enabled at /graphql
Types: 332 (by kind: ENUM: 27, INPUT_OBJECT: 126, OBJECT: 171, SCALAR: 8)
Operations:
- Query: RootQuery | fields: _empty, account, accounts, bill, bills
- Mutation: RootMutation | fields: _empty, deleteAccount, putAccount, seedUOMConversions, seedUOMs
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-08 23:14

475.2 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: api.sandbox.alrawasi.co
Port: 80
URL: http://api.sandbox.alrawasi.co

First seen 2025-11-07 14:11
Last seen 2025-11-10 09:11
Open for 2 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3b8021559fd45923b0e02e2394709b67fbf54fa73

GraphQL introspection enabled at /graphql
Types: 354 (by kind: ENUM: 28, INPUT_OBJECT: 133, OBJECT: 185, SCALAR: 8)
Operations:
- Query: RootQuery | fields: _empty, account, accounts, bill, bills
- Mutation: RootMutation | fields: _empty, deleteAccount, putAccount, seedUOMConversions, seedUOMs
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-10 09:11

550.8 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa347624075e1b37377744ebb15458a29b3d5ceb27f

GraphQL introspection enabled at /graphql
Types: 346 (by kind: ENUM: 27, INPUT_OBJECT: 129, OBJECT: 182, SCALAR: 8)
Operations:
- Query: RootQuery | fields: _empty, account, accounts, bill, bills
- Mutation: RootMutation | fields: _empty, deleteAccount, putAccount, seedUOMConversions, seedUOMs
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-11-07 14:11

530.3 kBytes

Create report

Finds vulnerable Vite development environment

ViteJS development environment found and vulnerable to CVE-2025-30208

IP: 15.197.129.158
Domain: playground.herb-tools.dev
Port: 443
URL: https://playground.herb-tools.dev

First seen 2025-05-11 01:14
Last seen 2025-11-09 00:10
Open for 181 days

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32bdccca4d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=17966
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1762646975990-0.9493229795780282:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-09 00:10

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f144067e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=55832
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1762477448128-0.3414143137924832:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-07 01:03

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f322c11f9b4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=12412
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1762263244572-0.08282189108533222:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-04 13:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320a11b2b8

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=28157
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1762101684766-0.7278817422712427:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-02 16:42

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32e0b7cf1f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=52945
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1761984124601-0.4418163024777919:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-11-01 08:01

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f323c761aa4

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=25300
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1761129211941-0.44496346010172294:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-22 10:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f322e9ca9cc

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=48847
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760957311017-0.1504209091057911:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-20 11:06

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f324984acca

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=13717
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760783594526-0.8929851590290785:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-18 11:03

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f325ea592ae

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=32614
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760605795622-0.7972135487373508:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-16 09:09

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3217b11bc6

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=55886
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760255630274-0.765197376722722:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-12 07:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f327943a829

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=35294
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1760077300993-0.6237080098913683:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-10 06:21

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3269986d22

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=8340
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1759907128294-0.1746605708459028:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-08 07:17

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3289dc9627

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=41112
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1759733049065-0.11203661386252617:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-06 06:43

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32aa0384b5

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=31770
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1759391943743-0.2091324920096389:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-10-02 07:58

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3285822eed

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=33565
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1758409746306-0.07753118028338024:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-20 23:33

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32666524c5

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=15069
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1758224300714-0.8241412677953228:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-18 19:38

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32b7f0ed9c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=42602
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1758052787396-0.6458863332265752:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-16 19:59

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32641a7679

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=52254
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757737810306-0.13843357872619833:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-13 04:30

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f4048c97

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=10541
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757531965536-0.6396828785082138:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-10 21:55

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3298542bdb

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=47250
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757380073188-0.675452065947028:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-09 01:09

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d4f1070f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=42489
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757209991547-0.9981917212174178:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-07 01:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f9dc0e21

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=16992
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1757060809634-0.42495642231935826:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-05 08:52

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f326bb49684

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=43645
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1756901080218-0.32635773380056454:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-03 12:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3209c5984a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=19584
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1756754287615-0.07483222407228052:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-09-01 19:17

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32616e9c70

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=52993
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1756386522402-0.30905570739298827:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-08-28 13:08

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f328557b75f

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=6584
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751758914937-0.7885943937150135:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-06 10:32

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32beefe917

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=47065
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751583821151-0.7108472876575533:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-04 07:14

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d16c7996

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=48527
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751496018396-0.5279805001771292:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-03 03:38

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3253e14cec

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=32666
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1751320505719-0.28156873913336766:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-07-01 02:25

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f329fda0b01

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=57336
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750880779299-0.5028223843687956:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-26 12:49

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d5b9d254

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=22804
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750703017961-0.016424100377768536:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-24 06:08

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3203a7e622

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=58629
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750527671613-0.556973213591103:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-22 06:49

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3292b2ae0a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=26884
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750351930724-0.9846237639757578:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-20 06:17

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32a72ba4ae

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=32912
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1750049529225-0.14310143415260024:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-16 10:47

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32acc9be67

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=44461
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1749697278375-0.8682073729675419:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-13 01:31

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320f1d3c38

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=30370
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1749520089745-0.20015026062714458:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-10 23:02

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32ececf236

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=27251
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1749344685556-0.26341538004616893:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-08 14:22

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f324a75a10d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=8585
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748993972296-0.8284922067309226:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-04 13:40

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32b4f0a410

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=45300
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748817431030-0.8859293944818369:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-02 19:48

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32309be019

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=4095
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748729386609-0.1666518693038448:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-06-01 12:53

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f324949c47a

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=4685
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748552944615-0.9399623803540622:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-30 12:38

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3215fd2c3e

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=42858
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748378393008-0.5172547923060653:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-28 18:50

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f3231e6279c

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=38302
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748289107865-0.42781601896659494:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-26 20:32

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32fc42ed16

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=38663
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1748026788011-0.956471402828583:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-24 14:24

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32d6a7b2d2

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=10070
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747850897904-0.6479687899093982:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-22 13:37

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f320283cd23

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=14630
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747674550231-0.3341354391322575:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-20 15:20

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f323ff1db54

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=9288
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747587192770-0.39392526778036085:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-18 18:24

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32f18f6821

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=34707
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747322270160-0.6522856430421207:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-16 14:14

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32e66b019d

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=54477
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1747060071423-0.8300618024340567:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-13 01:04

Severity: critical
Fingerprint: ebb688b314690472074e858154d682968e092245270d55e900b26f32290abc25

Found vulnerable ViteJS development environment:
Affected by CVE-2025-30208
Environment:
npm_package_devDependencies__types_node=^20.10.5
npm_config_version_commit_hooks=true
npm_config_user_agent=yarn/1.22.22 npm/? node/v22.11.0 linux x64
npm_config_bin_links=true
npm_node_execpath=/app/bin/node
npm_config_init_version=1.0.0
SHLVL=0
DISABLE_SPRING=1
npm_package_devDependencies__types_express=^4.17.21
PORT=5020
HOME=/app
OLDPWD=/app
npm_config_init_license=MIT
YARN_WRAP_OUTPUT=false
npm_config_version_tag_prefix=v
PS1=\\[\\033[01;34m\\]\\w\\[\\033[00m\\] \\[\\033[01;32m\\]$ \\[\\033[00m\\]
npm_package_scripts_serve=vite serve --host
BUNDLE_WITHOUT=development:test
npm_package_devDependencies_typescript=^5.8.2
COREPACK_ENABLE_DOWNLOAD_PROMPT=0
npm_package_dependencies_prismjs=^1.29.0
npm_package_scripts_dev=vite dev
npm_package_type=module
BUNDLE_BIN=vendor/bundle/bin
_=/app/vendor/yarn-v1.22.22/bin/yarn
npm_package_dependencies_express=^4.20.0
npm_package_private=true
WEB_CONCURRENCY=1
npm_config_registry=https://registry.yarnpkg.com
npm_package_dependencies_prism_esm=^1.29.0-fix.6
npm_config_ignore_scripts=
COREPACK_HOME=/app/.heroku/corepack
PATH=/tmp/yarn--1746883323811-0.9689532224850292:/app/playground/node_modules/.bin:/app/.config/yarn/link/node_modules/.bin:/app/node_modules/.bin:/app/.yarn/bin:/app/libexec/lib/node_modules/npm/bin/node-gyp-bin:/app/lib/node_modules/npm/bin/node-gyp-bin:/app/bin/node_modules/npm/bin/node-gyp-bin:/app/vendor/yarn-v1.22.22/bin/:/app/bin:/app/vendor/bundle/bin:/app/vendor/bundle/ruby/3.1.0/bin:/app/.heroku/node/bin:/app/.heroku/yarn/bin:/usr/local/bin:/usr/bin:/bin:/app/bin:/app/node_modules/.bin
NODE=/app/bin/node
npm_package_name=@herb-tools/playground
BUNDLE_DEPLOYMENT=1
BUNDLE_PATH=vendor/bundle
npm_package_dependencies_dedent=^1.5.1
MEMORY_AVAILABLE=512
NODE_HOME=/app/.heroku/node
LANG=en_US.UTF-8
npm_lifecycle_script=vite serve --host
npm_package_dependencies__herb_tools_browser=^0.0.0
npm_package_dependencies__herb_tools_node=^0.0.0
npm_config_version_git_message=v%s
npm_lifecycle_event=serve
npm_package_version=0.0.0
npm_config_argv={\"remain\":[],\"cooked\":[\"run\",\"serve\"],\"original\":[\"serve\"]}
npm_package_scripts_build=vite build
npm_package_dependencies_vite=^6.2.1
npm_package_dependencies__hotwired_stimulus=^3.2.2
npm_config_version_git_tag=true
npm_config_version_git_sign=
npm_package_dependencies_lz_string=^1.5.0
npm_config_strict_ssl=true
npm_package_dependencies__alenaksu_json_viewer=^2.0.1
MALLOC_ARENA_MAX=2
PWD=/app/playground
GEM_PATH=/app/vendor/bundle/ruby/3.1.0:
npm_execpath=/app/vendor/yarn-v1.22.22/bin/yarn.js
npm_config_save_prefix=^
npm_config_ignore_optional=
npm_package_dependencies_light_pen=^4.2.5
npm_package_dependencies_element_internals_polyfill=^3.0.1
npm_package_scripts_preview= vite preview
NODE_ENV=production
WEB_MEMORY=512
DYNO=web.1
INIT_CWD=/app/playground

Found on 2025-05-11 01:14

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: flyga.xyz
Port: 443
URL: https://flyga.xyz

First seen 2025-10-18 03:43
Last seen 2025-10-22 15:22
Open for 4 days

Severity: medium
Fingerprint: c2db3a1c40d490db84e0e35012ec146f8ca75f3d96f610ddcdd11dda6b44e76c

GraphQL introspection enabled at /api
Types: 68 (by kind: ENUM: 5, INPUT_OBJECT: 16, OBJECT: 39, SCALAR: 8)
Operations:
- Query: RootQueryType | fields: calculateCost, calculateItemisedCost, currentBooking, currentOrganisations, currentUser
- Mutation: RootMutationType | fields: createAccount, createAvailability, createBooking, createExtra, createPaymentIntent
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2025-10-22 15:22

113.0 kBytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: webservices.wiwewo.com
Port: 80
URL: http://webservices.wiwewo.com

First seen 2025-10-21 00:50
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2025-10-21 00:50
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.ftmfxpro.com
Port: 80
URL: http://api.ftmfxpro.com

First seen 2025-10-15 06:25
Last seen 2025-10-18 17:52
Open for 3 days

Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
Found on 2025-10-18 17:52

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e5727e04f7562e519d1237e0a3efdcf44985722e07

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
DELETE /v1/contracts/{hash}
DELETE /v1/orders/{hash}
DELETE /v1/robots/{hash}
GET /v1/actives
GET /v1/actives/{ativoId}
GET /v1/asset-history
GET /v1/cities
GET /v1/cities/{cidadeId}
GET /v1/contracts
GET /v1/contracts/{contratoId}
GET /v1/grupos
GET /v1/grupos/{grupoId}
GET /v1/grupos/{grupoId}/permissoes
GET /v1/investments
GET /v1/markets
GET /v1/markets/sse
GET /v1/markets/{symbols}
GET /v1/news
GET /v1/operations
GET /v1/orders
GET /v1/orders/total-operations
GET /v1/orders/{hash}/hash
GET /v1/orders/{ordemId}
GET /v1/permissoes
GET /v1/professions
GET /v1/quotas
GET /v1/quotas/{parcelaId}
GET /v1/releases
GET /v1/releases/total-releases
GET /v1/releases/{hash}/hash
GET /v1/robots
GET /v1/robots/total-operations
GET /v1/robots/{hash}/hash
GET /v1/robots/{hash}/hash-model
GET /v1/states
GET /v1/states/{estadoId}
GET /v1/tokens
GET /v1/users
GET /v1/users/brokers
GET /v1/users/full
GET /v1/users/{hash}/annotation
GET /v1/users/{hash}/balance
GET /v1/users/{hash}/balances
GET /v1/users/{hash}/hash
GET /v1/users/{hash}/password-decrypted
GET /v1/users/{usuarioId}
GET /v1/users/{usuarioId}/photo
GET /v1/users/{usuarioId}/photo/{tipoFoto}
GET /v1/usuarios/{usuarioId}/grupos
POST /v1/releases/{accessKey}
POST /v1/users/home-created
POST /v1/users/{accessKey}
PUT /v1/actives/{id}
PUT /v1/contracts/{hash}/sign
PUT /v1/contracts/{id}
PUT /v1/grupos/{grupoId}/permissoes/{permissaoId}
PUT /v1/orders/{hash}/close
PUT /v1/orders/{hash}/crash-operation
PUT /v1/quotas/{parcelaId}/paid
PUT /v1/releases/{lancamentoHash}
PUT /v1/releases/{lancamentoHash}/authorized
PUT /v1/releases/{lancamentoHash}/canceled
PUT /v1/releases/{lancamentoHash}/confirmed
PUT /v1/robots/{hash}/allow-transfer
PUT /v1/robots/{hash}/transfer-balance
PUT /v1/users/reset-password/{email}
PUT /v1/users/{hash}/logged-in
PUT /v1/users/{usuarioId}/allow-transfer
PUT /v1/users/{usuarioId}/close-order-allowed
PUT /v1/users/{usuarioId}/demo-balance
PUT /v1/users/{usuarioId}/open-order-allowed
PUT /v1/users/{usuarioId}/score
PUT /v1/users/{usuarioId}/senha
PUT /v1/usuarios/{usuarioId}/grupos/{grupoId}

Found on 2025-10-17 10:01

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: onion-automations.elpassion.com
Port: 80
URL: http://onion-automations.elpassion.com

First seen 2025-05-26 01:47
Last seen 2025-09-16 20:34
Open for 113 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642f079f9265f554ed45f554ed45f554ed4
```
Found 2 files trough .DS_Store spidering:

/favicon.ico
/robots.txt
```
  Found on 2025-09-16 20:34
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: touterrain.com
Port: 80
URL: http://touterrain.com

First seen 2025-08-03 08:45
Last seen 2025-08-24 18:13
Open for 21 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d49d7343549d7343549d7343549d73435
```
Found 1 files trough .DS_Store spidering:

/android
```
  Found on 2025-08-24 18:13
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.termofix.no
Port: 443
URL: https://www.termofix.no

First seen 2025-03-15 15:40
Last seen 2025-08-06 08:54
Open for 143 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d89a8fd6d89a8fd6d89a8fd6d89a8fd6d
```
Found 1 files trough .DS_Store spidering:

/img
```
  Found on 2025-08-06 08:54
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.croydonpharmacyfirst.co.uk
Port: 443
URL: https://www.croydonpharmacyfirst.co.uk

First seen 2025-06-23 01:08
Last seen 2025-07-12 16:34
Open for 19 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772d7968b8202fdb44b5e84be943facb2a4
```
Found 11 files trough .DS_Store spidering:

/db.sqlite3
/manage.py
/node_modules
/package-lock.json
/package.json
/pharmacy_first
/pharmacyfirst_app
/README.md
/static
/tailwind.config.js
/templates
```
  Found on 2025-07-12 16:34
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.vieevents.com
Port: 443
URL: https://www.vieevents.com

First seen 2024-11-03 19:57
Last seen 2025-07-03 00:13
Open for 241 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c2f72f5fb2f72f5fbe1a0fa9712cb699b2195464cc8e66ca1

Found 65 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/css
/favicon.ico
/files
/fonts
/images
/images/blog-1.jpg
/images/blog-2.jpg
/images/bride.jpg
/images/couple-1.jpg
/images/couple-2.jpg
/images/couple-3.jpg
/images/cover_bg_1.jpg
/images/cover_bg_3.jpg
/images/gallery-1.jpg
/images/gallery-2.jpg
/images/gallery-3.jpg
/images/gallery-4.jpg
/images/gallery-5.jpg
/images/gallery-6.jpg
/images/gallery-7.jpg
/images/gallery-8.jpg
/images/gallery-9.jpg
/images/groom.jpg
/images/img_bg_1.jpg
/images/img_bg_2.jpg
/images/img_bg_3.jpg
/images/img_bg_4.jpg
/images/img_bg_5.jpg
/images/jordan2.png
/images/loader.gif
/images/loc.png
/images/marriot.jpg
/images/oranges-up.png
/images/ort.png
/images/portfolio-1.jpg
/images/portfolio-2.jpg
/images/portfolio-3.jpg
/images/portfolio-4.jpg
/images/portfolio-5.jpg
/images/portfolio-6.jpg
/images/portfolio-7.jpg
/images/portfolio-8.jpg
/images/sage.jpg
/images/user-3.jpg
/images/vieevents.png
/images/vieevents2.jpg
/index.html
/js
/js/.DS_Store
/js/bootstrap.min.js
/js/google_map.js
/js/jquery.easing.1.3.js
/js/jquery.easypiechart.min.js
/js/jquery.min.js
/js/jquery.stellar.min.js
/js/jquery.waypoints.min.js
/js/main.js
/js/modernizr-2.6.2.min.js
/js/respond.min.js
/ReadMe.md
/robots.txt
/sass

Found on 2025-07-03 00:13

Severity: low
Fingerprint: 5f32cf5d6962f09c0f8dcf020f8dcf02ae0625d00646fe264596b83fc65bb831

Found 24 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/css
/favicon.ico
/files
/fonts
/images
/index.html
/js
/js/.DS_Store
/js/bootstrap.min.js
/js/google_map.js
/js/jquery.easing.1.3.js
/js/jquery.easypiechart.min.js
/js/jquery.min.js
/js/jquery.stellar.min.js
/js/jquery.waypoints.min.js
/js/main.js
/js/modernizr-2.6.2.min.js
/js/respond.min.js
/ReadMe.md
/robots.txt
/sass

Found on 2025-02-08 15:58

Severity: low
Fingerprint: 5f32cf5d6962f09cae99eea9ae99eea98b7246811e07f3d9ca24076e17100a76

Found 23 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/css
/favicon.ico
/fonts
/images
/index.html
/js
/js/.DS_Store
/js/bootstrap.min.js
/js/google_map.js
/js/jquery.easing.1.3.js
/js/jquery.easypiechart.min.js
/js/jquery.min.js
/js/jquery.stellar.min.js
/js/jquery.waypoints.min.js
/js/main.js
/js/modernizr-2.6.2.min.js
/js/respond.min.js
/ReadMe.md
/robots.txt
/sass

Found on 2025-01-07 03:24

Severity: low
Fingerprint: 5f32cf5d6962f09c7c3d3e457c3d3e4550baf06ddb2a17add87b7b3aa6a24ef1

Found 30 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/about.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/contact.html
/css
/fares-nadeen
/favicon.ico
/fonts
/gallery.html
/images
/index.html
/js
/js/.DS_Store
/js/bootstrap.min.js
/js/google_map.js
/js/jquery.easing.1.3.js
/js/jquery.easypiechart.min.js
/js/jquery.min.js
/js/jquery.stellar.min.js
/js/jquery.waypoints.min.js
/js/main.js
/js/modernizr-2.6.2.min.js
/js/respond.min.js
/ReadMe.md
/robots.txt
/sass
/services.html

Found on 2025-01-04 17:59

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a089d5148465195bedeef77f715d0509b

Found 19 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/fares-nadeen
/fares-nadeen/about.html
/fares-nadeen/contact.html
/fares-nadeen/css
/fares-nadeen/fonts
/fares-nadeen/gallery.html
/fares-nadeen/images
/fares-nadeen/index.html
/fares-nadeen/js
/fares-nadeen/ReadMe.md
/fares-nadeen/sass
/fares-nadeen/services.html
/favicon.ico
/robots.txt

Found on 2024-11-08 06:17

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.2.43.161
Domain: streamerxsolla.megamod.io
Port: 80
URL: http://streamerxsolla.megamod.io

First seen 2025-03-17 02:57
Last seen 2025-06-22 15:03
Open for 97 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a89f920624

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/Core
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/DataModels
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/OwnServer
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/XsollaLoginServer
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services/UserAuth/AuthProvider
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI/RestAPICoroutines
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts/BetterSpace
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers

Found on 2025-06-22 15:03

Severity: medium
Fingerprint: 5f32cf5d6962f09c2d9d96002d9d96000b44dfed0950dced55c512c37c4a0723

Found 109 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-06-20 16:33

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8314e45cd

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages

Found on 2025-06-16 19:54

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a83d90574f

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj

Found on 2025-06-14 08:15

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8c26aabd9

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj

Found on 2025-06-10 10:22

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a85a3a1651

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile

Found on 2025-06-05 10:41

Severity: medium
Fingerprint: 5f32cf5d6962f09c9be405db9be405dbb26421fc39c2607a044bd3bcaacc1aa1

Found 111 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-05-29 01:09

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8ccc38785

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/Core
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/DataModels
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/OwnServer
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts/XsollaLoginServer
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services/UserAuth/AuthProvider
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI/RestAPICoroutines
/Assets/Core/Scripts/RestAPI/RestAPICoroutines/Scripts
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta

Found on 2025-05-19 03:31

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a84bb890d6

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI

Found on 2025-05-16 07:43

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a82f0d4222

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta

Found on 2025-05-13 01:42

Severity: medium
Fingerprint: 5f32cf5d6962f09c778888b4778888b45963a4298ea6890982d8a2e798ce9038

Found 40 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-28 15:53

Severity: medium
Fingerprint: 5f32cf5d6962f09ce9dbcc92e9dbcc92e5d40b37cf0cb9a39c1f251938b9b302

Found 60 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-04-26 13:44

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a81e2abcc3

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates

Found on 2025-04-13 08:38

Severity: medium
Fingerprint: 5f32cf5d6962f09c8c9af8b78c9af8b712656bb0af947fae7f5699a8beefef87

Found 128 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources/Auth
/Assets/Core/Resources/Auth.meta
/Assets/Core/Resources/FPS
/Assets/Core/Resources/FPS.meta
/Assets/Core/Resources/Helpers
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab
/Assets/Core/Resources/Helpers/BuildVersionDisplay.prefab.meta
/Assets/Core/Resources/Helpers.meta
/Assets/Core/Resources/UI
/Assets/Core/Resources/UI.meta
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts/BuildVersionService
/Assets/Core/Scripts/BuildVersionService.meta
/Assets/Core/Scripts/Constants
/Assets/Core/Scripts/Constants.meta
/Assets/Core/Scripts/CookiesService
/Assets/Core/Scripts/CookiesService.meta
/Assets/Core/Scripts/EditorHelpers
/Assets/Core/Scripts/EditorHelpers/Editor
/Assets/Core/Scripts/EditorHelpers/Editor/BuildProcessors
/Assets/Core/Scripts/EditorHelpers/Editor.meta
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs
/Assets/Core/Scripts/EditorHelpers/EditorWindowUtility.cs.meta
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs
/Assets/Core/Scripts/EditorHelpers/ReadOnlyAttribute.cs.meta
/Assets/Core/Scripts/EditorHelpers.meta
/Assets/Core/Scripts/GameConfigs
/Assets/Core/Scripts/GameConfigs.meta
/Assets/Core/Scripts/Helpers
/Assets/Core/Scripts/Helpers/AppInfo
/Assets/Core/Scripts/Helpers/AppInfo.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs
/Assets/Core/Scripts/Helpers/BuildVersionDisplay/BuildVersionDisplay.cs.meta
/Assets/Core/Scripts/Helpers/BuildVersionDisplay.meta
/Assets/Core/Scripts/Helpers/EditorHelpers
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/Core
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Input
/Assets/Core/Scripts/Helpers/EditorHelpers/UnityBuilderAction/WebGL/Reporting
/Assets/Core/Scripts/Helpers/FPS
/Assets/Core/Scripts/Helpers/FPS.meta
/Assets/Core/Scripts/Helpers/JSManager
/Assets/Core/Scripts/Helpers/JSManager.meta
/Assets/Core/Scripts/Helpers/JWT
/Assets/Core/Scripts/Helpers/JWT.meta
/Assets/Core/Scripts/Helpers/ScriptableObjects
/Assets/Core/Scripts/Helpers/ScriptableObjects.meta
/Assets/Core/Scripts/Helpers/UI
/Assets/Core/Scripts/Helpers/UI.meta
/Assets/Core/Scripts/Helpers/UriHelper.meta
/Assets/Core/Scripts/Helpers.meta
/Assets/Core/Scripts/Infrastracture
/Assets/Core/Scripts/Infrastracture/Services
/Assets/Core/Scripts/Infrastracture/Services/AssetProviderService
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner
/Assets/Core/Scripts/Infrastracture/Services/CoroutineRunner/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/FactoryService
/Assets/Core/Scripts/Infrastracture/Services/Interfaces
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI
/Assets/Core/Scripts/Infrastracture/Services/ServerAPI/Scripts
/Assets/Core/Scripts/Infrastracture/Services/UserAuth
/Assets/Core/Scripts/Infrastracture/Services.meta
/Assets/Core/Scripts/Infrastracture.meta
/Assets/Core/Scripts/PlayerInfo
/Assets/Core/Scripts/PlayerInfo.meta
/Assets/Core/Scripts/RestAPI
/Assets/Core/Scripts/RestAPI.meta
/Assets/Core/Scripts/Servers
/Assets/Core/Scripts/Servers.meta
/Assets/Core/Scripts/UI
/Assets/Core/Scripts/UI.meta
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween

Found on 2025-03-19 03:16

Severity: medium
Fingerprint: 5f32cf5d6962f09cf118c228f118c22849679815956769a5a7f96c1b552aadf3

Found 101 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Plugins.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scenes.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste/Scripts.meta
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-18 22:25

Severity: medium
Fingerprint: 5f32cf5d6962f09c1e3ea8c61e3ea8c6c45b51c3300c3a5fd8ea82ad3c9eb8f5

Found 86 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Severity: medium
Fingerprint: 5f32cf5d6962f09c62fb79d662fb79d63efa9d5349fc816fd551b8bdcf203100

Found 95 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste
/Assets/Core/Plugins/WebGLSupport/WebGLCopyAndPaste.meta
/Assets/Core/Plugins/WebGLSupport/WebGLInput
/Assets/Core/Plugins/WebGLSupport/WebGLInput.meta
/Assets/Core/Plugins/WebGLSupport/WebGLWindow
/Assets/Core/Plugins/WebGLSupport/WebGLWindow.meta
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Severity: medium
Fingerprint: 5f32cf5d6962f09cdc8bf8eddc8bf8ed846db9e63e212be0171ec38af1abdf56

Found 89 files trough .DS_Store spidering:

/.git
/.gitattributes
/.github
/.gitignore
/.idea
/.vscode
/AdminPanel.sln
/Assembly-CSharp-Editor.csproj
/Assembly-CSharp.csproj
/Assets
/Assets/AddressableAssetsData
/Assets/AddressableAssetsData.meta
/Assets/Core
/Assets/Core/Plugins
/Assets/Core/Plugins/FirebaseWebGL
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt
/Assets/Core/Plugins/FirebaseWebGL/Documentation.txt.meta
/Assets/Core/Plugins/FirebaseWebGL/Examples
/Assets/Core/Plugins/FirebaseWebGL/Examples.meta
/Assets/Core/Plugins/FirebaseWebGL/Plugins
/Assets/Core/Plugins/FirebaseWebGL/Plugins.meta
/Assets/Core/Plugins/FirebaseWebGL/Scripts
/Assets/Core/Plugins/FirebaseWebGL/Scripts.meta
/Assets/Core/Plugins/FirebaseWebGL.meta
/Assets/Core/Plugins/TextValidation
/Assets/Core/Plugins/TextValidation/TMPValidators
/Assets/Core/Plugins/TextValidation.meta
/Assets/Core/Plugins/WebGL
/Assets/Core/Plugins/WebGL/JSlibs
/Assets/Core/Plugins/WebGL/JSlibs.meta
/Assets/Core/Plugins/WebGL.meta
/Assets/Core/Plugins/WebGLSupport
/Assets/Core/Plugins/WebGLSupport.meta
/Assets/Core/Plugins/Xsolla
/Assets/Core/Plugins/Xsolla.meta
/Assets/Core/Plugins.meta
/Assets/Core/Resources
/Assets/Core/Resources.meta
/Assets/Core/Scripts
/Assets/Core/Scripts.meta
/Assets/Core/Settings
/Assets/Core/Settings.meta
/Assets/Core.meta
/Assets/DOTween
/Assets/DOTween.meta
/Assets/Inter
/Assets/Inter.meta
/Assets/Plugins
/Assets/Plugins.meta
/Assets/Resources
/Assets/Resources.meta
/Assets/Scenes
/Assets/Scenes.meta
/Assets/TextMesh Pro
/Assets/TextMesh Pro.meta
/Assets/UI
/Assets/UI.meta
/Assets/WebGLTemplates
/Assets/WebGLTemplates.meta
/config
/Dockerfile
/FullSerializer.Core.csproj
/FullSerializer.Editor.csproj
/heroku.yaml
/Library
/Logs
/nginx.conf
/OnlySpace.AssetProvider.csproj
/OnlySpace.CoroutineRunner.csproj
/OnlySpace.RestAPI.Core.Coroutines.csproj
/OnlySpace.RestApi.Core.csproj
/OnlySpace.RestAPI.Core.UniTasks.csproj
/OnlySpace.RestAPI.Coroutines.BetterSpace.csproj
/OnlySpace.RestAPI.UniTasks.BetterSpace.csproj
/OnlySpace.Services.CookiesService.csproj
/OnlySpace.Services.Interfaces.csproj
/OnlySpace.Services.UserAuth.LoginMethod.csproj
/OnlySpace.VoxelGenerator.Constants.csproj
/OnlySpace.VoxelGenerator.Helpers.JWTHelper.csproj
/OnlySpace.VoxelGenerator.Helpers.PlayerInfo.csproj
/OnlySpace.VoxelGenerator.Helpers.ScriptableObjects.csproj
/OnlySpace.VoxelGenerator.Helpers.UriHelper.csproj
/OnlySpace.VoxelGenerator.ServerAPI.csproj
/Packages
/ProjectSettings
/Rotolonico.FirebaseWebGL.Core.csproj
/Rotolonico.FirebaseWebGL.Examples.csproj
/Temp
/UserSettings

Found on 2025-03-17 02:57

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.avtostop.mk
Port: 443
URL: https://www.avtostop.mk

First seen 2024-12-27 00:12
Last seen 2025-06-22 11:08
Open for 177 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d325beceb325beceb325beceb325beceb
```
Found 1 files trough .DS_Store spidering:

/assets
```
  Found on 2025-06-22 11:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 99.83.217.1
Domain: www.talflow.ai
Port: 80
URL: http://www.talflow.ai

First seen 2025-05-23 04:35
Last seen 2025-05-27 04:09
Open for 3 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c4239b3d84239b3d820452ce2850033c472714291bbf47a53
```
Found 8 files trough .DS_Store spidering:

/404.html
/422.html
/500.html
/apple-touch-icon-precomposed.png
/apple-touch-icon.png
/downloads
/favicon.ico
/robots.txt
```
  Found on 2025-05-27 04:09
Create report

Open service 99.83.217.1:80 · www.rdbtri.com

2026-01-12 06:04

HTTP/1.1 302 Found
Content-Length: 45
Content-Type: text/plain; charset=utf-8
Date: Mon, 12 Jan 2026 06:05:50 GMT
Location: https://www.rdbtri.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=cnw%2B2fpfOh%2Bol4VWK2AHnViFlBiYR%2FLHEDUGf84PQFY%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768197950"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=cnw%2B2fpfOh%2Bol4VWK2AHnViFlBiYR%2FLHEDUGf84PQFY%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1768197950"
Server: Heroku
Vary: Accept
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Found. Redirecting to https://www.rdbtri.com/

Found 10 minutes ago by HttpPlugin

Host 99.83.217.1

United States

Software information

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Finds vulnerable Vite development environment

Finds vulnerable Vite development environment

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Symfony developement panel enabled