Domain horizon-api.eimele.com
United Kingdom
Fic Shareco Limited
  • GraphQL introspection is enabled.
    First seen 2025-10-22 04:44
    Last seen 2026-01-02 16:11
    Open for 72 days

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3

      GraphQL introspection enabled at /graphql
      Found on 2026-01-02 16:11

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa38f080941b1284e43b3826dfdb26d5ca55cbad7e6

      GraphQL introspection enabled at /graphql
Types: 616 (by kind: ENUM: 75, INPUT_OBJECT: 76, INTERFACE: 3, OBJECT: 428, SCALAR: 28, UNION: 6)
Operations:
- Query: Query | fields: check, customer, exchangeSocialAuthenticationToken, passwordResetTokenValidity, socialLoginProviders
- Mutation: Mutation | fields: check, updateDateOfBirth, updateEmailAddress, updateMobilePhoneNumber, updateName
Directives: authenticated, deprecated, include, internal, rateLimited, sensitive, skip, surrogateControl, volatile, weight (total: 12)
      Found on 2025-12-01 08:03
      1.1 MBytes

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa3539d227d1b755c9f78e628c16ddee4c10681db12

      GraphQL introspection enabled at /graphql
Types: 614 (by kind: ENUM: 75, INPUT_OBJECT: 76, INTERFACE: 3, OBJECT: 426, SCALAR: 28, UNION: 6)
Operations:
- Query: Query | fields: check, customer, exchangeSocialAuthenticationToken, passwordResetTokenValidity, socialLoginProviders
- Mutation: Mutation | fields: check, updateDateOfBirth, updateEmailAddress, updateMobilePhoneNumber, updateName
Directives: authenticated, deprecated, include, internal, rateLimited, sensitive, skip, surrogateControl, volatile, weight (total: 12)
      Found on 2025-11-16 21:07
      1.1 MBytes

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa3539d227d1b755c9fc8ad7270d87e952700bf0b80

      GraphQL introspection enabled at /graphql
Types: 614 (by kind: ENUM: 75, INPUT_OBJECT: 76, INTERFACE: 3, OBJECT: 426, SCALAR: 28, UNION: 6)
Operations:
- Query: Query | fields: captchaConfiguration, check, deliveryInfo, paymentMethods, supportedCurrencies
- Mutation: Mutation | fields: addAddress, cancelSubscription, check, deleteAddress, replaceAddress
Directives: authenticated, deprecated, include, internal, rateLimited, sensitive, skip, surrogateControl, volatile, weight (total: 12)
      Found on 2025-10-22 04:44
      1.1 MBytes
    Create report

  • Open service 185.217.107.30:443 · horizon-api.eimele.com

    2026-01-09 22:03 

    HTTP/1.1 200 OK
content-type: text/html
content-length: 284
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'; report-to csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: csp-endpoint=https://csp.thehut.net/cspReport.txt
cache-control: no-store
connection: close

Page title: Horizon

<!doctype html>
<html>
<head><meta charset='UTF-8'/><title>Horizon</title></head>
<body>
<h1>Horizon</h1>
<p>This GraphQL API powers THG's enterprise e-commerce platform.</p>
<p><a href="https://horizondocs.thgaltitude.com/">Documentation</a> is available online.</p>
</body>
</html>
    Found 2026-01-09 by HttpPlugin
    Create report

  • Open service 185.217.107.30:443 · horizon-api.eimele.com

    2026-01-02 16:11 

    HTTP/1.1 200 OK
content-type: text/html
content-length: 284
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'; report-to csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: csp-endpoint=https://csp.thehut.net/cspReport.txt
cache-control: no-store
connection: close

Page title: Horizon

<!doctype html>
<html>
<head><meta charset='UTF-8'/><title>Horizon</title></head>
<body>
<h1>Horizon</h1>
<p>This GraphQL API powers THG's enterprise e-commerce platform.</p>
<p><a href="https://horizondocs.thgaltitude.com/">Documentation</a> is available online.</p>
</body>
</html>
    Found 2026-01-02 by HttpPlugin
    Create report

  • Open service 185.217.107.30:443 · horizon-api.eimele.com

    2025-12-22 22:25 

    HTTP/1.1 200 OK
content-type: text/html
content-length: 284
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'; report-to csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: csp-endpoint=https://csp.thehut.net/cspReport.txt
cache-control: no-store
connection: close

Page title: Horizon

<!doctype html>
<html>
<head><meta charset='UTF-8'/><title>Horizon</title></head>
<body>
<h1>Horizon</h1>
<p>This GraphQL API powers THG's enterprise e-commerce platform.</p>
<p><a href="https://horizondocs.thgaltitude.com/">Documentation</a> is available online.</p>
</body>
</html>
    Found 2025-12-22 by HttpPlugin
    Create report

  • Open service 185.217.107.30:443 · horizon-api.eimele.com

    2025-12-21 08:55 

    HTTP/1.1 200 OK
content-type: text/html
content-length: 284
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'; report-to csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: csp-endpoint=https://csp.thehut.net/cspReport.txt
cache-control: no-store
connection: close

Page title: Horizon

<!doctype html>
<html>
<head><meta charset='UTF-8'/><title>Horizon</title></head>
<body>
<h1>Horizon</h1>
<p>This GraphQL API powers THG's enterprise e-commerce platform.</p>
<p><a href="https://horizondocs.thgaltitude.com/">Documentation</a> is available online.</p>
</body>
</html>
    Found 2025-12-21 by HttpPlugin
    Create report

  • Open service 185.217.107.30:443 · horizon-api.eimele.com

    2025-12-19 09:09 

    HTTP/1.1 406 Not Acceptable
content-length: 41
content-type: application/json
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'; report-to csp-endpoint
strict-transport-security: max-age=31536000; includeSubDomains; preload
reporting-endpoints: csp-endpoint=https://csp.thehut.net/cspReport.txt
cache-control: no-store
connection: close


{"status":406,"message":"Not Acceptable"}
    Found 2025-12-19 by HttpPlugin
    Create report
horizon-api.eimele.com
Fingerprint:
f597d9cb9f85f4db08ee58c73cf757d8f2c450c91f2f12bec48792997904d0a0
CN:
horizon-api.eimele.com
Key:
RSA-2048
Issuer:
R12
Not before:
2025-12-10 06:11
Not after:
2026-03-10 06:11
Domain summary

horizon-api.eimele.com 8

1 recorded
IP summary

185.217.107.30 2

1 recorded

© 2026 LeakIX v2.0.49
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice