LeakIX - Host api.touchandtell.com

Domain api.touchandtell.com

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.185.157
Domain: api.touchandtell.com
Port: 80
URL: http://api.touchandtell.com

First seen 2025-12-12 00:37
Last seen 2026-01-02 12:58
Open for 21 days
- Severity: medium
  Fingerprint: c2db3a1c40d490dbf8cbe7e2f46ebe74426f3c78a17f4be5ca5b249d0e0148cd
```
GraphQL introspection enabled at /graphql/api
Types: 279 (by kind: ENUM: 2, INPUT_OBJECT: 101, INTERFACE: 1, OBJECT: 170, SCALAR: 5)
Operations:
- Query: Query | fields: adminSurveys, node, survey, surveys, viewer
- Mutation: Mutation | fields: createReport, createWidget, deleteWidget, populateReport, updateWidget
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 12:58
  
  265.3 kBytes
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.185.157
Domain: api.touchandtell.com
Port: 443
URL: https://api.touchandtell.com

First seen 2025-12-12 00:37
Last seen 2025-12-30 12:44
Open for 18 days
- Severity: medium
  Fingerprint: c2db3a1c40d490dbf8cbe7e2f46ebe74426f3c78a17f4be5ca5b249d0e0148cd
```
GraphQL introspection enabled at /graphql/api
Types: 279 (by kind: ENUM: 2, INPUT_OBJECT: 101, INTERFACE: 1, OBJECT: 170, SCALAR: 5)
Operations:
- Query: Query | fields: adminSurveys, node, survey, surveys, viewer
- Mutation: Mutation | fields: createReport, createWidget, deleteWidget, populateReport, updateWidget
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-12-30 12:44
  
  265.3 kBytes
Create report

Open service 99.83.185.157:80 · api.touchandtell.com

2026-01-09 14:36

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With, Cache-Control
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 31
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Jan 2026 14:37:31 GMT
Etag: W/"1f-if03JVZeaTN0gpj8LHzMvA"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=OH6mgvyndSe%2Bm73zbN65408D%2F07StuGWxW1vz2FjFwU%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767969451"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=OH6mgvyndSe%2Bm73zbN65408D%2F07StuGWxW1vz2FjFwU%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767969451"
Server: Heroku
Vary: X-HTTP-Method-Override
Via: 1.1 heroku-router
X-Response-Time: 2.498ms
Connection: close


{"status":"up","queryTimeMs":2}

Found 2026-01-09 by HttpPlugin

Create report

Open service 99.83.185.157:443 · api.touchandtell.com

2026-01-08 19:33

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With, Cache-Control
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 32
Content-Type: application/json; charset=utf-8
Date: Thu, 08 Jan 2026 19:33:16 GMT
Etag: W/"20-GGa+DfPWu/whq252hOFrXA"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=bYNLN17sUWPbUOTAUET1Ua3rJiYOuFHCFrXEJRsFQsc%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767900796"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=bYNLN17sUWPbUOTAUET1Ua3rJiYOuFHCFrXEJRsFQsc%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767900796"
Server: Heroku
Vary: X-HTTP-Method-Override
Via: 1.1 heroku-router
X-Response-Time: 52.038ms
Connection: close


{"status":"up","queryTimeMs":51}

Found 2026-01-08 by HttpPlugin

Create report

Open service 99.83.185.157:80 · api.touchandtell.com

2026-01-02 12:58

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With, Cache-Control
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 31
Content-Type: application/json; charset=utf-8
Date: Fri, 02 Jan 2026 12:58:52 GMT
Etag: W/"1f-qn3xzGs6+HMAF4kqMxHIWw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=prQ%2BXf0NytjerrKo1ciAqsDQ2vmycm6%2FQe3Cm6YnWQs%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767358732"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=prQ%2BXf0NytjerrKo1ciAqsDQ2vmycm6%2FQe3Cm6YnWQs%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767358732"
Server: Heroku
Vary: X-HTTP-Method-Override
Via: 1.1 heroku-router
X-Response-Time: 3.635ms
Connection: close


{"status":"up","queryTimeMs":3}

Found 2026-01-02 by HttpPlugin

Create report

Open service 99.83.185.157:443 · api.touchandtell.com

2025-12-30 12:44

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With, Cache-Control
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 31
Content-Type: application/json; charset=utf-8
Date: Tue, 30 Dec 2025 12:44:16 GMT
Etag: W/"1f-qn3xzGs6+HMAF4kqMxHIWw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=1bf%2FuR%2BCT7Wm%2B%2FpaKnViIRW9HzmoSfeqAceNRlJI6nI%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767098656"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=1bf%2FuR%2BCT7Wm%2B%2FpaKnViIRW9HzmoSfeqAceNRlJI6nI%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767098656"
Server: Heroku
Vary: X-HTTP-Method-Override
Via: 1.1 heroku-router
X-Response-Time: 3.477ms
Connection: close


{"status":"up","queryTimeMs":3}

Found 2025-12-30 by HttpPlugin

Create report

Open service 99.83.185.157:443 · api.touchandtell.com

2025-12-22 11:17

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With, Cache-Control
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 31
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 11:17:41 GMT
Etag: W/"1f-if03JVZeaTN0gpj8LHzMvA"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=EyFRl1XkFxOgv8YtdNfRasYHYumrtpGsxFQloxyz8Co%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766402261"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=EyFRl1XkFxOgv8YtdNfRasYHYumrtpGsxFQloxyz8Co%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766402261"
Server: Heroku
Vary: X-HTTP-Method-Override
Via: 1.1 heroku-router
X-Response-Time: 2.367ms
Connection: close


{"status":"up","queryTimeMs":2}

Found 2025-12-22 by HttpPlugin

Create report

Open service 99.83.185.157:80 · api.touchandtell.com

2025-12-22 08:23

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With, Cache-Control
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 31
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 08:23:12 GMT
Etag: W/"1f-if03JVZeaTN0gpj8LHzMvA"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=kWtUqv75mRXpFd2CIooqH%2FX1gIQPXDEne%2FYBiLxBFHw%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766391792"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=kWtUqv75mRXpFd2CIooqH%2FX1gIQPXDEne%2FYBiLxBFHw%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766391792"
Server: Heroku
Vary: X-HTTP-Method-Override
Via: 1.1 heroku-router
X-Response-Time: 2.075ms
Connection: close


{"status":"up","queryTimeMs":2}

Found 2025-12-22 by HttpPlugin

Create report

Open service 99.83.185.157:443 · api.touchandtell.com

2025-12-20 12:59

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With, Cache-Control
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 31
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 12:59:01 GMT
Etag: W/"1f-if03JVZeaTN0gpj8LHzMvA"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=IN%2FPbqerDebVrkDHZK91D1kLNsg90f9UT%2FK8vsAkeRM%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766235541"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=IN%2FPbqerDebVrkDHZK91D1kLNsg90f9UT%2FK8vsAkeRM%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766235541"
Server: Heroku
Vary: X-HTTP-Method-Override
Via: 1.1 heroku-router
X-Response-Time: 2.276ms
Connection: close


{"status":"up","queryTimeMs":2}

Found 2025-12-20 by HttpPlugin

Create report

Open service 99.83.185.157:80 · api.touchandtell.com

2025-12-20 05:30

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With, Cache-Control
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 31
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 05:30:34 GMT
Etag: W/"1f-if03JVZeaTN0gpj8LHzMvA"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=yRjcMfeF3IIVI1L%2BTjYrVg%2Bxa%2F7Ij6Elpr1dz1whejU%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766208634"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=yRjcMfeF3IIVI1L%2BTjYrVg%2Bxa%2F7Ij6Elpr1dz1whejU%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766208634"
Server: Heroku
Vary: X-HTTP-Method-Override
Via: 1.1 heroku-router
X-Response-Time: 2.551ms
Connection: close


{"status":"up","queryTimeMs":2}

Found 2025-12-20 by HttpPlugin

Create report

api.touchandtell.com

Fingerprint:

ddab56e95716d5ab14203e76f3b1ad1e9b683522b06407b1f2866f69e55904f0

CN:

api.touchandtell.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-12-11 23:38

Not after:

2026-03-11 23:38

Domain summary

api.touchandtell.com 9

1 recorded

IP summary

99.83.185.157 2

1 recorded

Domain api.touchandtell.com

United States

Software information

GraphQL introspection is enabled.

GraphQL introspection is enabled.

api.touchandtell.com

Domain summary

IP summary