Domain api.alchemi.ai
United States
Software information
Heroku
tcp/443 tcp/80
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-10-27 00:40
Last seen 2026-01-02 19:19
Open for 67 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa35d5d12b43e0669383d64db8b24eb646de5a399b9GraphQL introspection enabled at /graphql Types: 83 (by kind: ENUM: 12, INPUT_OBJECT: 18, OBJECT: 48, SCALAR: 5) Operations: - Query: Query | fields: accountOverview, adminAllConnectAccount, adminAllUser, adminTasks, adminUserInfo - Mutation: Mutation | fields: activateContentDistributionSanity, activateContentDistributionShopify, activateContentDistributionWebflow, activateContentDistributionWordpress, activateLink Directives: deprecated, include, skip, specifiedBy (total: 4)
Found on 2026-01-02 19:19128.2 kBytes
-
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-10-27 00:40
Last seen 2026-01-02 10:00
Open for 67 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa35d5d12b43e0669383d64db8b24eb646de5a399b9GraphQL introspection enabled at /graphql Types: 83 (by kind: ENUM: 12, INPUT_OBJECT: 18, OBJECT: 48, SCALAR: 5) Operations: - Query: Query | fields: accountOverview, adminAllConnectAccount, adminAllUser, adminTasks, adminUserInfo - Mutation: Mutation | fields: activateContentDistributionSanity, activateContentDistributionShopify, activateContentDistributionWebflow, activateContentDistributionWordpress, activateLink Directives: deprecated, include, skip, specifiedBy (total: 4)
Found on 2026-01-02 10:00128.2 kBytes
-
-
Open service 75.2.60.68:443 · api.alchemi.ai
2026-01-09 13:51
HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Length: 12 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 09 Jan 2026 13:51:33 GMT Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=j%2BH0pEDohTy%2F24tPb7bBX75Ozwr0xdjYojEN0lr0gYk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767966693"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=j%2BH0pEDohTy%2F24tPb7bBX75Ozwr0xdjYojEN0lr0gYk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767966693" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Ratelimit-Limit: 2000 X-Ratelimit-Remaining: 1999 X-Ratelimit-Reset: 1767966774 X-Xss-Protection: 0 Connection: close Hello World!Found 2026-01-09 by HttpPluginCreate report
-
Open service 75.2.60.68:80 · api.alchemi.ai
2026-01-09 12:22
HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Length: 12 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 09 Jan 2026 12:23:12 GMT Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=MvfHUwfx9k%2BW4FP%2B4%2FJv6oA%2FpPenSwlgC%2BUHUIWUnWQ%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767961392"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=MvfHUwfx9k%2BW4FP%2B4%2FJv6oA%2FpPenSwlgC%2BUHUIWUnWQ%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767961392" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Ratelimit-Limit: 2000 X-Ratelimit-Remaining: 1999 X-Ratelimit-Reset: 1767961674 X-Xss-Protection: 0 Connection: close Hello World!Found 2026-01-09 by HttpPluginCreate report
-
Open service 75.2.60.68:443 · api.alchemi.ai
2026-01-02 19:19
HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Length: 12 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 02 Jan 2026 19:19:08 GMT Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=u3%2B7GAjUdZw2lwh%2BZGglx8Q6EdZFexriS1U4lEpbSm0%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767381548"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=u3%2B7GAjUdZw2lwh%2BZGglx8Q6EdZFexriS1U4lEpbSm0%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767381548" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Ratelimit-Limit: 2000 X-Ratelimit-Remaining: 1999 X-Ratelimit-Reset: 1767381777 X-Xss-Protection: 0 Connection: close Hello World!Found 2026-01-02 by HttpPluginCreate report
-
Open service 75.2.60.68:80 · api.alchemi.ai
2026-01-02 10:00
HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Length: 12 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 02 Jan 2026 10:00:04 GMT Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=b%2Fj9PWheCAqB7HNnBkezGalfGLrhfsT4QduTYrMTdnk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767348004"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=b%2Fj9PWheCAqB7HNnBkezGalfGLrhfsT4QduTYrMTdnk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767348004" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Ratelimit-Limit: 2000 X-Ratelimit-Remaining: 1999 X-Ratelimit-Reset: 1767348173 X-Xss-Protection: 0 Connection: close Hello World!Found 2026-01-02 by HttpPluginCreate report
-
Open service 75.2.60.68:443 · api.alchemi.ai
2025-12-23 04:58
HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Length: 12 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Tue, 23 Dec 2025 04:58:35 GMT Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LEYvxc%2BSurqB%2F88ut0euBgtUZ%2BxrxCFB3eIlIbvmvio%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766465915"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LEYvxc%2BSurqB%2F88ut0euBgtUZ%2BxrxCFB3eIlIbvmvio%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766465915" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Ratelimit-Limit: 2000 X-Ratelimit-Remaining: 1999 X-Ratelimit-Reset: 1766465932 X-Xss-Protection: 0 Connection: close Hello World!Found 2025-12-23 by HttpPluginCreate report
-
Open service 75.2.60.68:80 · api.alchemi.ai
2025-12-22 15:24
HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Length: 12 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Mon, 22 Dec 2025 15:24:37 GMT Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=BlQtmfmgornZVrs%2FMr7pDaPsL9gFxENcG5utoECSwYQ%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766417077"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=BlQtmfmgornZVrs%2FMr7pDaPsL9gFxENcG5utoECSwYQ%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766417077" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Ratelimit-Limit: 2000 X-Ratelimit-Remaining: 1999 X-Ratelimit-Reset: 1766417332 X-Xss-Protection: 0 Connection: close Hello World!Found 2025-12-22 by HttpPluginCreate report
-
Open service 75.2.60.68:443 · api.alchemi.ai
2025-12-21 01:57
HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Length: 12 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Sun, 21 Dec 2025 01:57:24 GMT Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=WZdkreBYkj6DC%2FweDjgpGNzq6qUlSC0jdK1i1OjQUgg%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766282244"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=WZdkreBYkj6DC%2FweDjgpGNzq6qUlSC0jdK1i1OjQUgg%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766282244" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Ratelimit-Limit: 2000 X-Ratelimit-Remaining: 1999 X-Ratelimit-Reset: 1766282435 X-Xss-Protection: 0 Connection: close Hello World!Found 2025-12-21 by HttpPluginCreate report
-
Open service 75.2.60.68:80 · api.alchemi.ai
2025-12-20 18:45
HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Length: 12 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Sat, 20 Dec 2025 18:45:15 GMT Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=20hJqOkxjZ1Uu3Arxlh1yMfiP741S3f%2FAn82ZIkbWsQ%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766256315"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=20hJqOkxjZ1Uu3Arxlh1yMfiP741S3f%2FAn82ZIkbWsQ%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766256315" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Ratelimit-Limit: 2000 X-Ratelimit-Remaining: 1998 X-Ratelimit-Reset: 1766256335 X-Xss-Protection: 0 Connection: close Hello World!Found 2025-12-20 by HttpPluginCreate report
-
Open service 75.2.60.68:443 · api.alchemi.ai
2025-12-19 04:49
HTTP/1.1 200 OK Access-Control-Allow-Origin: * Content-Length: 12 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 19 Dec 2025 04:49:52 GMT Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=cuMojFgI91Te%2BUkkvO1bSEGC4urTPu2nBTvf93%2B7iYo%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766119792"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=cuMojFgI91Te%2BUkkvO1bSEGC4urTPu2nBTvf93%2B7iYo%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766119792" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Ratelimit-Limit: 2000 X-Ratelimit-Remaining: 1999 X-Ratelimit-Reset: 1766120018 X-Xss-Protection: 0 Connection: close Hello World!Found 2025-12-19 by HttpPluginCreate report