LeakIX - Host api.prod.affectifi.com

Domain api.prod.affectifi.com

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 35.71.179.82
Domain: api.prod.affectifi.com
Port: 443
URL: https://api.prod.affectifi.com

First seen 2025-11-12 01:13
Last seen 2026-01-02 20:35
Open for 51 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa34d09b6c5aea9250722908ad43bad0affb6ac56c3

GraphQL introspection enabled at /graphql
Types: 353 (by kind: ENUM: 2, INPUT_OBJECT: 76, OBJECT: 268, SCALAR: 7)
Operations:
- Query: Query | fields: achievements, action_tendencies, appraisal, appraisals_by_participant, belief
- Mutation: Mutations | fields: action_tendency_delete, action_tendency_save, admin_login, invite_code_activation, sign_up
Directives: include, skip (total: 2)

Found on 2026-01-02 20:35

417.4 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa38dc0c273c368cff15874643aa542c9fd1216f979

GraphQL introspection enabled at /graphql
Types: 352 (by kind: ENUM: 2, INPUT_OBJECT: 75, OBJECT: 268, SCALAR: 7)
Operations:
- Query: Query | fields: achievements, action_tendencies, appraisal, appraisals_by_participant, belief
- Mutation: Mutations | fields: action_tendency_delete, action_tendency_save, admin_login, invite_code_activation, sign_up
Directives: include, skip (total: 2)

Found on 2025-12-24 23:01

414.9 kBytes

Create report

Open service 99.83.220.108:80 · api.prod.affectifi.com

2026-01-12 00:13

HTTP/1.1 302 Found
Content-Length: 249
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Jan 2026 00:14:55 GMT
Location: https://api.prod.affectifi.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=D0M7mmIBl8TwLdfAy44iODVYC6elIx8tE6PdWGxz%2FeU%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768176895"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=D0M7mmIBl8TwLdfAy44iODVYC6elIx8tE6PdWGxz%2FeU%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768176895"
Server: Heroku
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close

Page title: Redirecting...

<!doctype html>
<html lang=en>
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to the target URL: <a href="https://api.prod.affectifi.com/">https://api.prod.affectifi.com/</a>. If not, click the link.

Found one day ago by HttpPlugin

Create report

Open service 35.71.179.82:80 · api.prod.affectifi.com

2026-01-12 00:13

HTTP/1.1 302 Found
Content-Length: 249
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Jan 2026 00:14:56 GMT
Location: https://api.prod.affectifi.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=D0EPSvaCEvZWQ%2BRhQw7yqiz%2BoM6CNXnmGevp%2FrlIXbE%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768176896"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=D0EPSvaCEvZWQ%2BRhQw7yqiz%2BoM6CNXnmGevp%2FrlIXbE%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768176896"
Server: Heroku
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close

Page title: Redirecting...

<!doctype html>
<html lang=en>
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to the target URL: <a href="https://api.prod.affectifi.com/">https://api.prod.affectifi.com/</a>. If not, click the link.

Found one day ago by HttpPlugin

Create report

Open service 13.248.244.96:443 · api.prod.affectifi.com

2026-01-12 00:13

HTTP/1.1 404 Not Found
Content-Length: 61
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: application/json
Date: Mon, 12 Jan 2026 00:13:54 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LgAivdBYXVuU0s%2BEhDFH1CtvIwSJL35eURl4ADiYr2w%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768176834"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LgAivdBYXVuU0s%2BEhDFH1CtvIwSJL35eURl4ADiYr2w%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768176834"
Server: Heroku
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close


{"message":"The requested URL was not found on the server."}

Found one day ago by HttpPlugin

Create report

Open service 75.2.60.68:443 · api.prod.affectifi.com

2026-01-12 00:13

HTTP/1.1 404 Not Found
Content-Length: 61
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: application/json
Date: Mon, 12 Jan 2026 00:13:54 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LgAivdBYXVuU0s%2BEhDFH1CtvIwSJL35eURl4ADiYr2w%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768176834"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LgAivdBYXVuU0s%2BEhDFH1CtvIwSJL35eURl4ADiYr2w%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768176834"
Server: Heroku
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close


{"message":"The requested URL was not found on the server."}

Found one day ago by HttpPlugin

Create report

Open service 99.83.220.108:443 · api.prod.affectifi.com

2026-01-12 00:13

HTTP/1.1 404 Not Found
Content-Length: 61
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: application/json
Date: Mon, 12 Jan 2026 00:13:54 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LgAivdBYXVuU0s%2BEhDFH1CtvIwSJL35eURl4ADiYr2w%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768176834"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LgAivdBYXVuU0s%2BEhDFH1CtvIwSJL35eURl4ADiYr2w%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768176834"
Server: Heroku
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close


{"message":"The requested URL was not found on the server."}

Found one day ago by HttpPlugin

Create report

Open service 75.2.60.68:80 · api.prod.affectifi.com

2026-01-12 00:13

HTTP/1.1 302 Found
Content-Length: 249
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Jan 2026 00:14:55 GMT
Location: https://api.prod.affectifi.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=D0M7mmIBl8TwLdfAy44iODVYC6elIx8tE6PdWGxz%2FeU%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768176895"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=D0M7mmIBl8TwLdfAy44iODVYC6elIx8tE6PdWGxz%2FeU%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768176895"
Server: Heroku
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close

Page title: Redirecting...

<!doctype html>
<html lang=en>
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to the target URL: <a href="https://api.prod.affectifi.com/">https://api.prod.affectifi.com/</a>. If not, click the link.

Found one day ago by HttpPlugin

Create report

Open service 13.248.244.96:80 · api.prod.affectifi.com

2026-01-12 00:13

HTTP/1.1 302 Found
Content-Length: 249
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Jan 2026 00:14:55 GMT
Location: https://api.prod.affectifi.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=D0M7mmIBl8TwLdfAy44iODVYC6elIx8tE6PdWGxz%2FeU%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768176895"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=D0M7mmIBl8TwLdfAy44iODVYC6elIx8tE6PdWGxz%2FeU%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768176895"
Server: Heroku
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close

Page title: Redirecting...

<!doctype html>
<html lang=en>
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to the target URL: <a href="https://api.prod.affectifi.com/">https://api.prod.affectifi.com/</a>. If not, click the link.

Found one day ago by HttpPlugin

Create report

Open service 35.71.179.82:443 · api.prod.affectifi.com

2026-01-12 00:13

HTTP/1.1 404 Not Found
Content-Length: 61
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: application/json
Date: Mon, 12 Jan 2026 00:13:54 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LgAivdBYXVuU0s%2BEhDFH1CtvIwSJL35eURl4ADiYr2w%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768176834"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LgAivdBYXVuU0s%2BEhDFH1CtvIwSJL35eURl4ADiYr2w%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768176834"
Server: Heroku
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close


{"message":"The requested URL was not found on the server."}

Found one day ago by HttpPlugin

Create report

Open service 35.71.179.82:443 · api.prod.affectifi.com

2026-01-10 00:11

HTTP/1.1 404 Not Found
Content-Length: 61
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: application/json
Date: Sat, 10 Jan 2026 00:11:54 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=oxh1a1WMOIdkmbS5uzwcHg49KCRmZ76LNtnZkz7JcWA%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768003914"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=oxh1a1WMOIdkmbS5uzwcHg49KCRmZ76LNtnZkz7JcWA%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768003914"
Server: Heroku
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close


{"message":"The requested URL was not found on the server."}

Found 3 days ago by HttpPlugin

Create report

Open service 35.71.179.82:443 · api.prod.affectifi.com

2026-01-02 20:35

HTTP/1.1 404 Not Found
Content-Length: 61
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: application/json
Date: Fri, 02 Jan 2026 20:35:27 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=TC9GbFtNqqkxtMey9uej6MtZovCrEyOnKJu%2B1jc8JNM%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767386127"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=TC9GbFtNqqkxtMey9uej6MtZovCrEyOnKJu%2B1jc8JNM%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767386127"
Server: Heroku
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close


{"message":"The requested URL was not found on the server."}

Found 2026-01-02 by HttpPlugin

Create report

Open service 35.71.179.82:443 · api.prod.affectifi.com

2025-12-23 02:36

HTTP/1.1 404 Not Found
Content-Length: 61
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: application/json
Date: Tue, 23 Dec 2025 02:36:13 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=VXsiI68Q8%2FhGHse5Mt8LInJ5uwrXY6CGYpq9x20W1ks%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766457373"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=VXsiI68Q8%2FhGHse5Mt8LInJ5uwrXY6CGYpq9x20W1ks%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766457373"
Server: Heroku
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close


{"message":"The requested URL was not found on the server."}

Found 2025-12-23 by HttpPlugin

Create report

Open service 35.71.179.82:443 · api.prod.affectifi.com

2025-12-21 08:17

HTTP/1.1 404 Not Found
Content-Length: 61
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: application/json
Date: Sun, 21 Dec 2025 08:17:18 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LT2Mar4mcKubH664UaOoNgEHTUK8VPiB3dHttx7m0x0%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766305038"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LT2Mar4mcKubH664UaOoNgEHTUK8VPiB3dHttx7m0x0%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766305038"
Server: Heroku
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close


{"message":"The requested URL was not found on the server."}

Found 2025-12-21 by HttpPlugin

Create report

Open service 35.71.179.82:443 · api.prod.affectifi.com

2025-12-19 05:55

HTTP/1.1 404 Not Found
Content-Length: 61
Content-Security-Policy: default-src 'self'; object-src 'none'
Content-Type: application/json
Date: Fri, 19 Dec 2025 05:55:54 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=cIx7eTNS%2FY5kcTr22%2BfwiXc8ODGzUSmR3cAe9ZJv2VU%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766123754"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=cIx7eTNS%2FY5kcTr22%2BfwiXc8ODGzUSmR3cAe9ZJv2VU%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766123754"
Server: Heroku
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: close


{"message":"The requested URL was not found on the server."}

Found 2025-12-19 by HttpPlugin

Create report

api.prod.affectifi.com

Fingerprint:

00fa450716f6cccff3d1e6dbebca710dcc37097ae0a09c2b4e26c2711ef190d8

CN:

api.prod.affectifi.com

Key:

RSA-2048

Issuer:

R12

Not before:

2026-01-11 23:15

Not after:

2026-04-11 23:15

api.prod.affectifi.com

Fingerprint:

0b79075b6494d95f9736f1021190b4b03eb96416c403fbebd7b15a3112b5611d

CN:

api.prod.affectifi.com

Key:

RSA-2048

Issuer:

R12

Not before:

2025-11-12 00:14

Not after:

2026-02-10 00:14

Domain summary

api.prod.affectifi.com 14

1 recorded

IP summary

99.83.220.108 1 35.71.179.82 1 13.248.244.96 1 75.2.60.68 1

4 recorded

© 2026 LeakIX v2.0.49
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice