LeakIX - Host api-staging.containeralliance.com

Domain api-staging.containeralliance.com

United States

AMAZON-02

Software information

Heroku

tcp/443

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 75.2.97.79
Domain: api-staging.containeralliance.com
Port: 443
URL: https://api-staging.containeralliance.com

First seen 2025-11-17 01:26
Last seen 2026-01-01 22:04
Open for 45 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3610fd47530f94f77de1d8a433e4b64c2ca6072d2
```
GraphQL introspection enabled at /graphql
Types: 290 (by kind: ENUM: 2, INPUT_OBJECT: 59, INTERFACE: 1, OBJECT: 217, SCALAR: 8, UNION: 3)
Operations:
- Query: Query | fields: address, addresses, adminDashboard, areaSubscription, areaSubscriptions
- Mutation: Mutation | fields: addOrderBillingAddress, authGmail, cloneOrder, closeLead, createAddress
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-01 22:04
  
  440.5 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-12-10 07:04
Create report

Open service 75.2.97.79:443 · api-staging.containeralliance.com

2026-01-08 23:32

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"1171e230935f5b8f9ae69540b9ab2c15"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=UV12nh4y6QJ7b2qnFUgLoqp5WdIVQk9Hl5EnOUg%2FuqA%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767915123"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=UV12nh4y6QJ7b2qnFUgLoqp5WdIVQk9Hl5EnOUg%2FuqA%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767915123"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=08451ff7-71e9-41a8-a8d4-862b58d8acc0; path=/; expires=Sat, 08 Jan 2028 23:32:03 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=10790950-77e1-4300-9f30-acefb2c72572; path=/; expires=Fri, 09 Jan 2026 03:32:03 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: f7f32b7b-6cb8-26f1-def8-f29912fceb7b
X-Runtime: 0.005061
X-Xss-Protection: 1; mode=block
Date: Thu, 08 Jan 2026 23:32:03 GMT
Content-Length: 35
Connection: close


{"time":"2026-01-08T23:32:03.173Z"}

Found 2026-01-08 by HttpPlugin

Create report

Open service 75.2.97.79:443 · api-staging.containeralliance.com

2026-01-01 22:04

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"85190123dccc95c684f56d9124912838"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=qPJNw70SVkeUcvXZrNvCEzlu8ujBeVB43n4HT5Zfqf0%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767305090"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=qPJNw70SVkeUcvXZrNvCEzlu8ujBeVB43n4HT5Zfqf0%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767305090"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=f9afd91c-9cc9-4a00-a0c2-3704a660eabd; path=/; expires=Sat, 01 Jan 2028 22:04:50 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=4a3fb166-ae8c-46bb-9665-130f2c845250; path=/; expires=Fri, 02 Jan 2026 02:04:50 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: e464019c-8062-eeb0-3ab3-ba4eae1e08ca
X-Runtime: 0.011330
X-Xss-Protection: 1; mode=block
Date: Thu, 01 Jan 2026 22:04:50 GMT
Content-Length: 35
Connection: close


{"time":"2026-01-01T22:04:50.841Z"}

Found 2026-01-01 by HttpPlugin

Create report

Open service 75.2.97.79:443 · api-staging.containeralliance.com

2025-12-30 06:27

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"8471a423d72d83f0479f4ac90aba0ceb"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=YTyBxFzCJkutoEBnlwvtMx%2BeOJGHLJwuYW3O8PsoffI%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767076037"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=YTyBxFzCJkutoEBnlwvtMx%2BeOJGHLJwuYW3O8PsoffI%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767076037"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=70e58f94-3501-4111-b608-769c2cf860b8; path=/; expires=Thu, 30 Dec 2027 06:27:17 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=6267deeb-a5ce-4095-bdef-e328a2a0ba8b; path=/; expires=Tue, 30 Dec 2025 10:27:17 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: a2156c75-8281-003e-4462-48ff50e2593c
X-Runtime: 0.006864
X-Xss-Protection: 1; mode=block
Date: Tue, 30 Dec 2025 06:27:17 GMT
Content-Length: 35
Connection: close


{"time":"2025-12-30T06:27:17.289Z"}

Found 2025-12-30 by HttpPlugin

Create report

Open service 75.2.97.79:443 · api-staging.containeralliance.com

2025-12-22 12:04

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"e75a2bb603a9fb37c7502d7094c47098"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=du83FjpWmHVm19ILsy46iPD%2BWRKrAFT0KwRYhU6P3qE%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766405064"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=du83FjpWmHVm19ILsy46iPD%2BWRKrAFT0KwRYhU6P3qE%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766405064"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=937c47f0-5955-4bab-bd0e-3c8ec2ed291e; path=/; expires=Wed, 22 Dec 2027 12:04:25 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=eb28d8e9-1647-4a87-9e48-ef752535684a; path=/; expires=Mon, 22 Dec 2025 16:04:25 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 09e4ea2b-fd2d-6305-b600-c886204dde59
X-Runtime: 0.010736
X-Xss-Protection: 1; mode=block
Date: Mon, 22 Dec 2025 12:04:25 GMT
Content-Length: 35
Connection: close


{"time":"2025-12-22T12:04:25.011Z"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 75.2.97.79:443 · api-staging.containeralliance.com

2025-12-20 11:06

HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json; charset=utf-8
Etag: W/"006e00397b708ac4d024c33519436f2e"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=ZHzg1iYMftt1WwcD4qVPRlwDhVhA%2FA8ij7pmnCeaMHI%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766228784"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=ZHzg1iYMftt1WwcD4qVPRlwDhVhA%2FA8ij7pmnCeaMHI%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766228784"
Server: Heroku
Set-Cookie: ahoy_track=true; path=/; SameSite=Lax; secure
Set-Cookie: ahoy_visitor=3be966b3-67ba-4cc1-9a4b-5b82d1a9e474; path=/; expires=Mon, 20 Dec 2027 11:06:24 GMT; SameSite=Lax; secure
Set-Cookie: ahoy_visit=856aee02-f5ca-4e84-a627-8ea309cf0b1f; path=/; expires=Sat, 20 Dec 2025 15:06:24 GMT; SameSite=Lax; secure
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 75bdb5c1-5c73-d59f-96c2-f58531b1afde
X-Runtime: 0.006871
X-Xss-Protection: 1; mode=block
Date: Sat, 20 Dec 2025 11:06:24 GMT
Content-Length: 35
Connection: close


{"time":"2025-12-20T11:06:24.056Z"}

Found 2025-12-20 by HttpPlugin

Create report

api-staging.containeralliance.com

Fingerprint:

2620be1d7b427d66d9d52a2a0dae89074b4ebcef78e083f6b67c9b6908c3eb95

CN:

api-staging.containeralliance.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-17 00:27

Not after:

2026-02-15 00:27

Domain summary

api-staging.containeralliance.com 6

1 recorded

IP summary

75.2.97.79 2 99.83.151.71 1

2 recorded

Domain api-staging.containeralliance.com

United States

Software information

GraphQL introspection is enabled.

Create report

Create report

Create report

Create report

Create report

api-staging.containeralliance.com

Domain summary

IP summary