Domain rc.core.payoutpartner.com
United States
Software information
Heroku
tcp/443
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
IP: 52.223.53.203
Domain: rc.core.payoutpartner.com
Port: 443
URL: https://rc.core.payoutpartner.comFirst seen 2025-10-29 14:27
Last seen 2026-01-03 00:21
Open for 65 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3943ac6615745c8a34b683b799a3b83ad27731945GraphQL introspection enabled at /graphql Types: 475 (by kind: ENUM: 52, INPUT_OBJECT: 190, INTERFACE: 3, OBJECT: 224, SCALAR: 6) Operations: - Query: Query | fields: checkSlug, clients, companies, company, crcPurposes - Mutation: Mutation | fields: addAccountMember, approveEnrollment, approveJobApplication, archiveClient, archiveDocuments Directives: deprecated, include, oneOf, skip (total: 4)
Found on 2026-01-03 00:21535.6 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3GraphQL introspection enabled at /graphql
Found on 2025-12-03 22:46
-
-
Open service 52.223.53.203:443 · rc.core.payoutpartner.com
2026-01-10 01:48
HTTP/1.1 302 Found Cache-Control: no-store Content-Type: text/html; charset=utf-8 Location: https://rc.core.payoutpartner.com/partner/session/new Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=TXu%2FkQ%2F65%2B%2FyLZSdVVcEnWqHepth3ASrTJK2GAaEz64%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1768009719"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=TXu%2FkQ%2F65%2B%2FyLZSdVVcEnWqHepth3ASrTJK2GAaEz64%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1768009719" Server: Heroku Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: f61cd33e-7132-4592-b194-3c5319872ef2 X-Runtime: 0.009007 X-Xss-Protection: 0 Date: Sat, 10 Jan 2026 01:48:39 GMT Content-Length: 119 Connection: close <html><body>You are being <a href="https://rc.core.payoutpartner.com/partner/session/new">redirected</a>.</body></html>Found 2 days ago by HttpPluginCreate report
-
Open service 52.223.53.203:443 · rc.core.payoutpartner.com
2026-01-03 00:21
HTTP/1.1 302 Found Cache-Control: no-store Content-Type: text/html; charset=utf-8 Location: https://rc.core.payoutpartner.com/partner/session/new Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=I6vTBLXSHA0RPPWq5Zer94OoCuOtP9FghD5zx96ODgU%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767399665"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=I6vTBLXSHA0RPPWq5Zer94OoCuOtP9FghD5zx96ODgU%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767399665" Server: Heroku Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 6555fa8b-f63b-4a58-af4a-d34dc88f1e0b X-Runtime: 0.005398 X-Xss-Protection: 0 Date: Sat, 03 Jan 2026 00:21:05 GMT Content-Length: 119 Connection: close <html><body>You are being <a href="https://rc.core.payoutpartner.com/partner/session/new">redirected</a>.</body></html>Found 2026-01-03 by HttpPluginCreate report
-
Open service 52.223.53.203:443 · rc.core.payoutpartner.com
2025-12-23 09:49
HTTP/1.1 302 Found Cache-Control: no-store Content-Type: text/html; charset=utf-8 Location: https://rc.core.payoutpartner.com/partner/session/new Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=NfXqlLymRS2wropLc4qiDMO9g1UggY822UTnityc1ak%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766483359"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=NfXqlLymRS2wropLc4qiDMO9g1UggY822UTnityc1ak%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766483359" Server: Heroku Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: df179381-8e98-44da-a756-9b7d94385ece X-Runtime: 0.006159 X-Xss-Protection: 0 Date: Tue, 23 Dec 2025 09:49:19 GMT Content-Length: 119 Connection: close <html><body>You are being <a href="https://rc.core.payoutpartner.com/partner/session/new">redirected</a>.</body></html>Found 2025-12-23 by HttpPluginCreate report
-
Open service 52.223.53.203:443 · rc.core.payoutpartner.com
2025-12-21 09:36
HTTP/1.1 302 Found Cache-Control: no-store Content-Type: text/html; charset=utf-8 Location: https://rc.core.payoutpartner.com/partner/session/new Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LPLYCFo5EEPR4NUzCyV8yh0%2FS4u7wkekZ3GWpzLWZW4%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766309794"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LPLYCFo5EEPR4NUzCyV8yh0%2FS4u7wkekZ3GWpzLWZW4%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766309794" Server: Heroku Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 4fde2f4a-8c5f-4dcc-9688-8fa7b6e04293 X-Runtime: 0.008472 X-Xss-Protection: 0 Date: Sun, 21 Dec 2025 09:36:34 GMT Content-Length: 119 Connection: close <html><body>You are being <a href="https://rc.core.payoutpartner.com/partner/session/new">redirected</a>.</body></html>Found 2025-12-21 by HttpPluginCreate report
-
Open service 52.223.53.203:443 · rc.core.payoutpartner.com
2025-12-19 11:15
HTTP/1.1 302 Found Cache-Control: no-store Content-Type: text/html; charset=utf-8 Location: https://rc.core.payoutpartner.com/partner/session/new Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=YgL2q0e%2BbYkEw6bKshpPHrcVShvDZ6ZhBviONDT4CT8%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766142905"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=YgL2q0e%2BbYkEw6bKshpPHrcVShvDZ6ZhBviONDT4CT8%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766142905" Server: Heroku Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: bc83b507-adb7-4db5-b1c3-b94d18e00303 X-Runtime: 0.004784 X-Xss-Protection: 0 Date: Fri, 19 Dec 2025 11:15:06 GMT Content-Length: 119 Connection: close <html><body>You are being <a href="https://rc.core.payoutpartner.com/partner/session/new">redirected</a>.</body></html>Found 2025-12-19 by HttpPluginCreate report