Domain app.ottman.me
Software information
cloudflare
tcp/443
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-11-21 17:23
Last seen 2026-01-02 13:06
Open for 41 days-
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d615a7ce47725a717528f1c71b2ca310f9c158c049GraphQL introspection enabled at /api/graphql Types: 183 (by kind: ENUM: 43, INPUT_OBJECT: 11, INTERFACE: 5, OBJECT: 116, SCALAR: 7, UNION: 1) Operations: - Query: Query | fields: config, featuredEntities, multiTenantConfig, multiTenantDomain, tenants - Mutation: Mutation | fields: createMultiTenantDomain, createNetworkRootUser, createTenant, deleteFeaturedEntity, storeFeaturedEntity Directives: deprecated, include, skip (total: 3)
Found on 2026-01-02 13:06256.9 kBytes
-
-
Open service 104.18.40.51:443 · app.ottman.me
2026-01-09 09:04
HTTP/1.1 200 OK Date: Fri, 09 Jan 2026 09:04:59 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9bb2c530fe199079-FRA content-security-policy: default-src blob: 'self' *.minds.com; script-src blob: data: 'self' *.minds.com 'sha256-vVbHgirIBntVQFzMb5A2pHMuUeV4ODC0qhmiEQgVMo0='; style-src *.minds.com data: 'self' 'unsafe-inline'; frame-src *; connect-src data: 'self' *.minds.com *.cloudflarestream.com idgmyygwvm9a.objectstorage.us-ashburn-1.oci.customer-oci.com; img-src data: blob: 'self' *.minds.com; block-all-mixed-content; upgrade-insecure-requests; report-uri https://www.minds.com/p/contact; permissions-policy: autoplay=(), camera=(self), clipboard-read=(self), clipboard-write=(self), fullscreen=(self), geolocation=(self), microphone=(self), payment=(), picture-in-picture=(self); referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=31536000; includeSubdomains; preload vary: Accept-Encoding x-content-type-options: nosniff x-powered-by: Express cf-cache-status: DYNAMIC X-Frame-Options: SAMEORIGIN Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.18.40.51:443 · app.ottman.me
2026-01-02 13:06
HTTP/1.1 200 OK Date: Fri, 02 Jan 2026 13:06:16 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9b7a79026a0980dc-EWR content-security-policy: default-src blob: 'self' *.minds.com; script-src blob: data: 'self' *.minds.com 'sha256-vVbHgirIBntVQFzMb5A2pHMuUeV4ODC0qhmiEQgVMo0='; style-src *.minds.com data: 'self' 'unsafe-inline'; frame-src *; connect-src data: 'self' *.minds.com *.cloudflarestream.com idgmyygwvm9a.objectstorage.us-ashburn-1.oci.customer-oci.com; img-src data: blob: 'self' *.minds.com; block-all-mixed-content; upgrade-insecure-requests; report-uri https://www.minds.com/p/contact; permissions-policy: autoplay=(), camera=(self), clipboard-read=(self), clipboard-write=(self), fullscreen=(self), geolocation=(self), microphone=(self), payment=(), picture-in-picture=(self); referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=31536000; includeSubdomains; preload vary: Accept-Encoding x-content-type-options: nosniff x-powered-by: Express cf-cache-status: DYNAMIC X-Frame-Options: SAMEORIGIN Server: cloudflare
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.40.51:443 · app.ottman.me
2025-12-22 18:17
HTTP/1.1 200 OK Date: Mon, 22 Dec 2025 18:17:47 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9b219e366e7fdbe0-FRA content-security-policy: default-src blob: 'self' *.minds.com; script-src blob: data: 'self' *.minds.com 'sha256-vVbHgirIBntVQFzMb5A2pHMuUeV4ODC0qhmiEQgVMo0='; style-src *.minds.com data: 'self' 'unsafe-inline'; frame-src *; connect-src data: 'self' *.minds.com *.cloudflarestream.com idgmyygwvm9a.objectstorage.us-ashburn-1.oci.customer-oci.com; img-src data: blob: 'self' *.minds.com; block-all-mixed-content; upgrade-insecure-requests; report-uri https://www.minds.com/p/contact; permissions-policy: autoplay=(), camera=(self), clipboard-read=(self), clipboard-write=(self), fullscreen=(self), geolocation=(self), microphone=(self), payment=(), picture-in-picture=(self); referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=31536000; includeSubdomains; preload vary: Accept-Encoding x-content-type-options: nosniff x-powered-by: Express cf-cache-status: DYNAMIC X-Frame-Options: SAMEORIGIN Server: cloudflare
Found 2025-12-22 by HttpPluginCreate report
-
Open service 104.18.40.51:443 · app.ottman.me
2025-12-20 19:05
HTTP/1.1 200 OK Date: Sat, 20 Dec 2025 19:05:42 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close CF-RAY: 9b1169a1cc775c35-SIN content-security-policy: default-src blob: 'self' *.minds.com; script-src blob: data: 'self' *.minds.com 'sha256-vVbHgirIBntVQFzMb5A2pHMuUeV4ODC0qhmiEQgVMo0='; style-src *.minds.com data: 'self' 'unsafe-inline'; frame-src *; connect-src data: 'self' *.minds.com *.cloudflarestream.com idgmyygwvm9a.objectstorage.us-ashburn-1.oci.customer-oci.com; img-src data: blob: 'self' *.minds.com; block-all-mixed-content; upgrade-insecure-requests; report-uri https://www.minds.com/p/contact; permissions-policy: autoplay=(), camera=(self), clipboard-read=(self), clipboard-write=(self), fullscreen=(self), geolocation=(self), microphone=(self), payment=(), picture-in-picture=(self); referrer-policy: strict-origin-when-cross-origin strict-transport-security: max-age=31536000; includeSubdomains; preload vary: Accept-Encoding x-content-type-options: nosniff x-powered-by: Express cf-cache-status: DYNAMIC X-Frame-Options: SAMEORIGIN Server: cloudflare
Found 2025-12-20 by HttpPluginCreate report