LeakIX - Host dev.workkerapp.com

Domain dev.workkerapp.com

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 3.33.241.96
Domain: dev.workkerapp.com
Port: 443
URL: https://dev.workkerapp.com

First seen 2025-11-11 01:47
Last seen 2026-01-02 03:59
Open for 52 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa382e028af3d6058fd8a011e7341e6c63d67a90415
```
GraphQL introspection enabled at /graphql
Types: 38 (by kind: ENUM: 2, INPUT_OBJECT: 2, OBJECT: 28, SCALAR: 6)
Operations:
- Query: Query | fields: Job, _allJobsMeta, adminOptions, allAdminUsers, allJobs
- Mutation: Mutation | fields: createJob, deleteJob, signinUser, updateDailyOrderTeams, updateJob
Directives: deprecated, include, oneOf, skip (total: 4)
```
  Found on 2026-01-02 03:59
  
  40.4 kBytes
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2025-12-01 13:05
Create report

Open service 15.197.149.68:443 · dev.workkerapp.com

2026-01-11 00:48

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: https://dev.workkerapp.com/worker/onboarding_process
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=iIfYXzhpSV2%2BKuK4Thw5d1kIP98pPUQ339eFiN%2FYoW0%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1768092536"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=iIfYXzhpSV2%2BKuK4Thw5d1kIP98pPUQ339eFiN%2FYoW0%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1768092536"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: c17dd29e-039d-6699-90e5-371df02f2ab1
X-Runtime: 0.002302
X-Xss-Protection: 1; mode=block
Date: Sun, 11 Jan 2026 00:48:56 GMT
Content-Length: 118
Connection: close


<html><body>You are being <a href="https://dev.workkerapp.com/worker/onboarding_process">redirected</a>.</body></html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 76.223.57.73:80 · dev.workkerapp.com

2026-01-11 00:48

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Location: https://dev.workkerapp.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=GQASrPH9bMIgtS54Fk%2BUEWURJoyaHNKjhXEr8NA7phI%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1768092595"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=GQASrPH9bMIgtS54Fk%2BUEWURJoyaHNKjhXEr8NA7phI%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1768092595"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
Date: Sun, 11 Jan 2026 00:49:55 GMT
Content-Length: 0
Connection: close

Found 2026-01-11 by HttpPlugin

Create report

Open service 13.248.213.92:443 · dev.workkerapp.com

2026-01-11 00:48

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: https://dev.workkerapp.com/worker/onboarding_process
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=saZrIHtryVpVrfau1r2cVXmkqsIs1q4AdR1BovZOe3Y%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1768092535"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=saZrIHtryVpVrfau1r2cVXmkqsIs1q4AdR1BovZOe3Y%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1768092535"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 87912893-11c4-7c1c-474c-79a67365352a
X-Runtime: 0.002603
X-Xss-Protection: 1; mode=block
Date: Sun, 11 Jan 2026 00:48:55 GMT
Content-Length: 118
Connection: close


<html><body>You are being <a href="https://dev.workkerapp.com/worker/onboarding_process">redirected</a>.</body></html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 3.33.241.96:443 · dev.workkerapp.com

2026-01-11 00:48

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: https://dev.workkerapp.com/worker/onboarding_process
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=BI7JzqW1Q45%2FX5Qzg2ofk%2F0HXR8dWA5%2FyYDg7cFDDTI%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1768092534"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=BI7JzqW1Q45%2FX5Qzg2ofk%2F0HXR8dWA5%2FyYDg7cFDDTI%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1768092534"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 0afb34d7-26de-6caf-bfb9-4c2e6ec2be3c
X-Runtime: 0.002264
X-Xss-Protection: 1; mode=block
Date: Sun, 11 Jan 2026 00:48:54 GMT
Content-Length: 118
Connection: close


<html><body>You are being <a href="https://dev.workkerapp.com/worker/onboarding_process">redirected</a>.</body></html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 76.223.57.73:443 · dev.workkerapp.com

2026-01-11 00:48

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: https://dev.workkerapp.com/worker/onboarding_process
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=BI7JzqW1Q45%2FX5Qzg2ofk%2F0HXR8dWA5%2FyYDg7cFDDTI%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1768092534"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=BI7JzqW1Q45%2FX5Qzg2ofk%2F0HXR8dWA5%2FyYDg7cFDDTI%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1768092534"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 24491762-e901-4593-3c9a-2047fec08897
X-Runtime: 0.001812
X-Xss-Protection: 1; mode=block
Date: Sun, 11 Jan 2026 00:48:54 GMT
Content-Length: 118
Connection: close


<html><body>You are being <a href="https://dev.workkerapp.com/worker/onboarding_process">redirected</a>.</body></html>

Found 2026-01-11 by HttpPlugin

Create report

Open service 15.197.149.68:80 · dev.workkerapp.com

2026-01-11 00:48

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Location: https://dev.workkerapp.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=WDGpGIEUSd%2BhTNBaS957Do4JoQeBZs%2BYgjc%2BXB%2F5jbQ%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1768092596"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=WDGpGIEUSd%2BhTNBaS957Do4JoQeBZs%2BYgjc%2BXB%2F5jbQ%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1768092596"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
Date: Sun, 11 Jan 2026 00:49:56 GMT
Content-Length: 0
Connection: close

Found 2026-01-11 by HttpPlugin

Create report

Open service 3.33.241.96:80 · dev.workkerapp.com

2026-01-11 00:48

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Location: https://dev.workkerapp.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=WDGpGIEUSd%2BhTNBaS957Do4JoQeBZs%2BYgjc%2BXB%2F5jbQ%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1768092596"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=WDGpGIEUSd%2BhTNBaS957Do4JoQeBZs%2BYgjc%2BXB%2F5jbQ%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1768092596"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
Date: Sun, 11 Jan 2026 00:49:56 GMT
Content-Length: 0
Connection: close

Found 2026-01-11 by HttpPlugin

Create report

Open service 13.248.213.92:80 · dev.workkerapp.com

2026-01-11 00:48

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Location: https://dev.workkerapp.com/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=WDGpGIEUSd%2BhTNBaS957Do4JoQeBZs%2BYgjc%2BXB%2F5jbQ%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1768092596"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=WDGpGIEUSd%2BhTNBaS957Do4JoQeBZs%2BYgjc%2BXB%2F5jbQ%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1768092596"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
Date: Sun, 11 Jan 2026 00:49:56 GMT
Content-Length: 0
Connection: close

Found 2026-01-11 by HttpPlugin

Create report

Open service 3.33.241.96:443 · dev.workkerapp.com

2026-01-09 11:03

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: https://dev.workkerapp.com/worker/onboarding_process
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LsSjKxzl9%2BEBzPH%2BO%2B241dhms0nrOXLLGKAcNZ3atoo%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767956590"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LsSjKxzl9%2BEBzPH%2BO%2B241dhms0nrOXLLGKAcNZ3atoo%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767956590"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 209b4cb3-22d9-6ab6-b965-e650f107f0ae
X-Runtime: 0.001808
X-Xss-Protection: 1; mode=block
Date: Fri, 09 Jan 2026 11:03:10 GMT
Content-Length: 118
Connection: close


<html><body>You are being <a href="https://dev.workkerapp.com/worker/onboarding_process">redirected</a>.</body></html>

Found 2026-01-09 by HttpPlugin

Create report

Open service 3.33.241.96:443 · dev.workkerapp.com

2026-01-02 03:59

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: https://dev.workkerapp.com/worker/onboarding_process
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=ii3ybkkNN1XldBG0%2F1WE92DFKCldVIIG292l98UxC%2Fs%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767326346"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=ii3ybkkNN1XldBG0%2F1WE92DFKCldVIIG292l98UxC%2Fs%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767326346"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 69634455-c15c-3f83-df3d-6b46dfeffe97
X-Runtime: 0.001837
X-Xss-Protection: 1; mode=block
Date: Fri, 02 Jan 2026 03:59:06 GMT
Content-Length: 118
Connection: close


<html><body>You are being <a href="https://dev.workkerapp.com/worker/onboarding_process">redirected</a>.</body></html>

Found 2026-01-02 by HttpPlugin

Create report

Open service 3.33.241.96:443 · dev.workkerapp.com

2025-12-22 12:13

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: https://dev.workkerapp.com/worker/onboarding_process
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=fHu6KJIk0Mwb8AeWKhzq%2F9GdptV16kZvacox6k27nZA%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766405639"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=fHu6KJIk0Mwb8AeWKhzq%2F9GdptV16kZvacox6k27nZA%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766405639"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 8f43176e-ef12-dc8d-cebe-bc208bdfe7f9
X-Runtime: 0.001883
X-Xss-Protection: 1; mode=block
Date: Mon, 22 Dec 2025 12:13:59 GMT
Content-Length: 118
Connection: close


<html><body>You are being <a href="https://dev.workkerapp.com/worker/onboarding_process">redirected</a>.</body></html>

Found 2025-12-22 by HttpPlugin

Create report

Open service 3.33.241.96:443 · dev.workkerapp.com

2025-12-20 10:50

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Location: https://dev.workkerapp.com/worker/onboarding_process
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=rSEDbzgZ4pKCxk%2FygALRoaBF5u1O%2BvnyWAMhHh%2FltNk%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766227859"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=rSEDbzgZ4pKCxk%2FygALRoaBF5u1O%2BvnyWAMhHh%2FltNk%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766227859"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 3c9fb8f6-ea20-1ed7-7735-fc7f05f227d2
X-Runtime: 0.002426
X-Xss-Protection: 1; mode=block
Date: Sat, 20 Dec 2025 10:50:59 GMT
Content-Length: 118
Connection: close


<html><body>You are being <a href="https://dev.workkerapp.com/worker/onboarding_process">redirected</a>.</body></html>

Found 2025-12-20 by HttpPlugin

Create report

dev.workkerapp.com

Fingerprint:

d1bfa44b9d84191b06c75c650019a51127ea911e00390f43e639277e9437d4c2

CN:

dev.workkerapp.com

Key:

RSA-2048

Issuer:

R12

Not before:

2026-01-10 23:49

Not after:

2026-04-10 23:49

dev.workkerapp.com

Fingerprint:

eebb40f672c45eba2da6faadc77f4d1c2bfa99418768ab599d7b3dea7f79e638

CN:

dev.workkerapp.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-11 00:47

Not after:

2026-02-09 00:47

Domain summary

dev.workkerapp.com 13

1 recorded

IP summary

15.197.149.68 1 76.223.57.73 1 13.248.213.92 1 3.33.241.96 1

4 recorded

Domain dev.workkerapp.com

United States

Software information

GraphQL introspection is enabled.

dev.workkerapp.com

dev.workkerapp.com

Domain summary

IP summary