LeakIX - Host api-dev.containeralliance.com

Domain api-dev.containeralliance.com

United States

AMAZON-02

Software information

Heroku

tcp/443

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 35.71.145.101
Domain: api-dev.containeralliance.com
Port: 443
URL: https://api-dev.containeralliance.com

First seen 2025-12-05 00:47
Last seen 2026-01-02 06:49
Open for 28 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3610fd47530f94f77de1d8a433e4b64c2ca6072d2
```
GraphQL introspection enabled at /graphql
Types: 290 (by kind: ENUM: 2, INPUT_OBJECT: 59, INTERFACE: 1, OBJECT: 217, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: address, addresses, adminDashboard, areaSubscription, areaSubscriptions
- Mutation: Mutation | fields: addOrderBillingAddress, authGmail, cloneOrder, closeLead, createAddress
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 06:49
  
  440.5 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-12-07 12:31
Create report

Open service 35.71.145.101:443 · api-dev.containeralliance.com

2026-01-09 06:09

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"5aacfc2e230f07c39e8c8d2383f2f7d7"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=k3fSD7KBmRRDvwkzYRTyzHbDD9fBx4VHb97zewC5ewk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767938976"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=k3fSD7KBmRRDvwkzYRTyzHbDD9fBx4VHb97zewC5ewk%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767938976"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=bc50d410-d4a9-41b8-8cb2-62391adecaff; path=/; expires=Sun, 09 Jan 2028 06:09:36 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=b7438ca0-8d1c-4b3a-8e9c-4eaae7df8a16; path=/; expires=Fri, 09 Jan 2026 10:09:36 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 402cefa1-3407-5619-68c3-59e3a2d10cd0
X-Runtime: 0.005113
X-Xss-Protection: 1; mode=block
Date: Fri, 09 Jan 2026 06:09:36 GMT
Content-Length: 35
Connection: close


{"time":"2026-01-09T06:09:36.584Z"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 35.71.145.101:443 · api-dev.containeralliance.com

2026-01-02 06:49

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"6286198f178abcbeb63b4147562390c1"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=9wEWZ%2FeBTZzphZvaOjLy%2Bb1FbLb9rgdDCIuGXrZf%2BLY%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767336561"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=9wEWZ%2FeBTZzphZvaOjLy%2Bb1FbLb9rgdDCIuGXrZf%2BLY%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767336561"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=ea1508b5-673f-4825-a6f6-ce9755f3b766; path=/; expires=Sun, 02 Jan 2028 06:49:21 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=aa7b9878-5961-4097-868a-5a982a4b3a1c; path=/; expires=Fri, 02 Jan 2026 10:49:21 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 4cee24c5-2487-4612-1480-d3dcec78e795
X-Runtime: 0.006216
X-Xss-Protection: 1; mode=block
Date: Fri, 02 Jan 2026 06:49:21 GMT
Content-Length: 35
Connection: close


{"time":"2026-01-02T06:49:21.381Z"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 35.71.145.101:443 · api-dev.containeralliance.com

2025-12-30 10:13

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"6b95dc494196a31240debbff522cc4b9"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=30hCS1ZFS%2BsSpBBNnA0MK90wbqRjC%2FAgsVD%2BMGEtJcA%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767089604"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=30hCS1ZFS%2BsSpBBNnA0MK90wbqRjC%2FAgsVD%2BMGEtJcA%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767089604"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=bd63f4c0-2778-4c8a-987e-ea617a7501c2; path=/; expires=Thu, 30 Dec 2027 10:13:24 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=38e15b45-f435-40a9-8066-da97482335aa; path=/; expires=Tue, 30 Dec 2025 14:13:24 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: cd2e0ef7-cb9a-2931-45ac-935a35cc2f04
X-Runtime: 0.007387
X-Xss-Protection: 1; mode=block
Date: Tue, 30 Dec 2025 10:13:24 GMT
Content-Length: 35
Connection: close


{"time":"2025-12-30T10:13:24.228Z"}

Found 2025-12-30 by HttpPlugin

Create report

Open service 35.71.145.101:443 · api-dev.containeralliance.com

2025-12-23 06:10

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"97a331baeb0d17405093ee5c0df81239"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=7D1H8JywESs9rbf6EgELsKCIySeRzmm3q%2FALjd4yHlY%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766470202"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=7D1H8JywESs9rbf6EgELsKCIySeRzmm3q%2FALjd4yHlY%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766470202"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=a6e47352-def4-455b-a3a0-cf860898e4ca; path=/; expires=Thu, 23 Dec 2027 06:10:02 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=7b4307a6-b302-4eeb-b6ae-ddf73af968ec; path=/; expires=Tue, 23 Dec 2025 10:10:02 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 05c8899e-ef59-7be9-7601-a3285923d399
X-Runtime: 0.006186
X-Xss-Protection: 1; mode=block
Date: Tue, 23 Dec 2025 06:10:02 GMT
Content-Length: 35
Connection: close


{"time":"2025-12-23T06:10:02.779Z"}

Found 2025-12-23 by HttpPlugin

Create report

Open service 35.71.145.101:443 · api-dev.containeralliance.com

2025-12-21 03:15

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"89e94dc27d2b65b1c1297599cbb4be13"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=XYb2gDr0kni1e%2BKLnExlkV0tEhyWp%2BgBLhCT6kxj5nI%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766286920"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=XYb2gDr0kni1e%2BKLnExlkV0tEhyWp%2BgBLhCT6kxj5nI%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766286920"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=53403f53-de62-4084-afd5-499caff2ca32; path=/; expires=Tue, 21 Dec 2027 03:15:20 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=284e7daa-01c0-4c49-bb83-03474f513ec3; path=/; expires=Sun, 21 Dec 2025 07:15:20 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 7455e965-7f5e-d086-9dc4-30d2fe2d60b3
X-Runtime: 0.004728
X-Xss-Protection: 1; mode=block
Date: Sun, 21 Dec 2025 03:15:20 GMT
Content-Length: 35
Connection: close


{"time":"2025-12-21T03:15:20.038Z"}

Found 2025-12-21 by HttpPlugin

Create report

Open service 35.71.145.101:443 · api-dev.containeralliance.com

2025-12-19 05:21

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"fc866afd448ba44686d5069c62506dcc"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=wcrMxKe%2Fkn2YT8NB57Jsqk%2FyQvzXQE2C3%2F%2FAOtXHXzY%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766121702"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=wcrMxKe%2Fkn2YT8NB57Jsqk%2FyQvzXQE2C3%2F%2FAOtXHXzY%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766121702"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=4c1706ca-533a-47c3-9a68-01f5b911674e; path=/; expires=Sun, 19 Dec 2027 05:21:42 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=8e19b791-6779-483e-9f2c-bc98d07dfae0; path=/; expires=Fri, 19 Dec 2025 09:21:42 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 0802954e-5166-c1e7-ef91-b97416012653
X-Runtime: 0.004714
X-Xss-Protection: 1; mode=block
Date: Fri, 19 Dec 2025 05:21:42 GMT
Content-Length: 35
Connection: close


{"time":"2025-12-19T05:21:42.457Z"}

Found 2025-12-19 by HttpPlugin

Create report

api-dev.containeralliance.com

Fingerprint:

9bfef95d3837a4b8babf1755e29fe7f70e74003ed84e053025878d7737e82275

CN:

api-dev.containeralliance.com

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-04 23:48

Not after:

2026-03-04 23:48

Domain summary

api-dev.containeralliance.com 7

1 recorded

IP summary

35.71.145.101 2 99.83.151.71 1

2 recorded

Domain api-dev.containeralliance.com

United States

Software information

GraphQL introspection is enabled.

Create report

Create report

Create report

Create report

Create report

Create report

api-dev.containeralliance.com

Domain summary

IP summary