Domain staging.api.kindest.com
United States
AMAZON-02
Software information

Heroku

tcp/443 tcp/80

  • GraphQL introspection is enabled.
    First seen 2025-11-13 01:23
    Last seen 2026-01-02 04:32
    Open for 50 days

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa367053df25c4beb02cc61be19c9447e6dcb53d5f7

      GraphQL introspection enabled at /graphql
Types: 501 (by kind: ENUM: 50, INPUT_OBJECT: 218, INTERFACE: 3, OBJECT: 216, SCALAR: 6, UNION: 8)
Operations:
- Query: Query | fields: allocations, emailFunnel, segmentation, smsFunnel, weekdays
- Mutation: Mutation | fields: createAllocation, deleteAllocation, setAllocationVisibility, signInWithEmail, updateAllocation
- Subscription: Subscription | fields: emailAssistantResponse
Directives: auth, deprecated, include, oneOf, skip, specifiedBy (total: 6)
      Found on 2026-01-02 04:32
      475.3 kBytes
    Create report
  • GraphQL introspection is enabled.
    First seen 2025-11-13 01:23
    Last seen 2026-01-02 01:41
    Open for 50 days

    • Severity: medium
      Fingerprint: c2db3a1c40d490db1a0bbaa367053df25c4beb02cc61be19c9447e6dcb53d5f7

      GraphQL introspection enabled at /graphql
Types: 501 (by kind: ENUM: 50, INPUT_OBJECT: 218, INTERFACE: 3, OBJECT: 216, SCALAR: 6, UNION: 8)
Operations:
- Query: Query | fields: allocations, emailFunnel, segmentation, smsFunnel, weekdays
- Mutation: Mutation | fields: createAllocation, deleteAllocation, setAllocationVisibility, signInWithEmail, updateAllocation
- Subscription: Subscription | fields: emailAssistantResponse
Directives: auth, deprecated, include, oneOf, skip, specifiedBy (total: 6)
      Found on 2026-01-02 01:41
      475.3 kBytes
    Create report

  • Open service 99.83.220.108:80 · staging.api.kindest.com

    2026-01-13 00:24 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Tue, 13 Jan 2026 00:25:35 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=8HNaVtz3Rs5T3wS8nryByzkVYSyVSchIZegOMae2xLE%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768263935"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=8HNaVtz3Rs5T3wS8nryByzkVYSyVSchIZegOMae2xLE%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768263935"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2 days ago by HttpPlugin
    Create report

  • Open service 75.2.60.68:443 · staging.api.kindest.com

    2026-01-13 00:24 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Tue, 13 Jan 2026 00:24:34 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=qTEVj7dDOoM%2FstqpOR5DG%2Fbj%2F1w5702pG5VK6wQXyGU%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768263874"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=qTEVj7dDOoM%2FstqpOR5DG%2Fbj%2F1w5702pG5VK6wQXyGU%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768263874"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2 days ago by HttpPlugin
    Create report

  • Open service 99.83.220.108:443 · staging.api.kindest.com

    2026-01-13 00:24 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Tue, 13 Jan 2026 00:24:33 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=3TKOTUlRadnQJW7SHjQOAmouuMzL18NhnJsdJaLVs%2Fk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768263873"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=3TKOTUlRadnQJW7SHjQOAmouuMzL18NhnJsdJaLVs%2Fk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768263873"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2 days ago by HttpPlugin
    Create report

  • Open service 35.71.179.82:443 · staging.api.kindest.com

    2026-01-13 00:24 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Tue, 13 Jan 2026 00:24:33 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=3TKOTUlRadnQJW7SHjQOAmouuMzL18NhnJsdJaLVs%2Fk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768263873"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=3TKOTUlRadnQJW7SHjQOAmouuMzL18NhnJsdJaLVs%2Fk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768263873"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2 days ago by HttpPlugin
    Create report

  • Open service 35.71.179.82:80 · staging.api.kindest.com

    2026-01-13 00:24 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Tue, 13 Jan 2026 00:25:34 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=POq35JxBWOPJFCr6xaSIpb95ur6kGJ0p%2FKkluQiKCtk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768263934"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=POq35JxBWOPJFCr6xaSIpb95ur6kGJ0p%2FKkluQiKCtk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768263934"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2 days ago by HttpPlugin
    Create report

  • Open service 13.248.244.96:443 · staging.api.kindest.com

    2026-01-13 00:24 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Tue, 13 Jan 2026 00:24:33 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=3TKOTUlRadnQJW7SHjQOAmouuMzL18NhnJsdJaLVs%2Fk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768263873"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=3TKOTUlRadnQJW7SHjQOAmouuMzL18NhnJsdJaLVs%2Fk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768263873"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2 days ago by HttpPlugin
    Create report

  • Open service 75.2.60.68:80 · staging.api.kindest.com

    2026-01-13 00:24 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Tue, 13 Jan 2026 00:25:34 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=POq35JxBWOPJFCr6xaSIpb95ur6kGJ0p%2FKkluQiKCtk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768263934"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=POq35JxBWOPJFCr6xaSIpb95ur6kGJ0p%2FKkluQiKCtk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768263934"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2 days ago by HttpPlugin
    Create report

  • Open service 13.248.244.96:80 · staging.api.kindest.com

    2026-01-13 00:24 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Tue, 13 Jan 2026 00:25:34 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=POq35JxBWOPJFCr6xaSIpb95ur6kGJ0p%2FKkluQiKCtk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1768263934"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=POq35JxBWOPJFCr6xaSIpb95ur6kGJ0p%2FKkluQiKCtk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1768263934"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2 days ago by HttpPlugin
    Create report

  • Open service 35.71.179.82:80 · staging.api.kindest.com

    2026-01-09 12:49 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Jan 2026 12:50:44 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=rrUnG7vDDBJi%2F7ZlGclbNWYGHRYpBmavJNpz4LlJDL8%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767963044"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=rrUnG7vDDBJi%2F7ZlGclbNWYGHRYpBmavJNpz4LlJDL8%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767963044"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2026-01-09 by HttpPlugin
    Create report

  • Open service 75.2.60.68:443 · staging.api.kindest.com

    2026-01-09 06:04 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Jan 2026 06:04:06 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=bZttg6u%2BxCeS%2BGOuH%2BbE37FSEvJicsM5QXHt35WuiVo%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767938646"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=bZttg6u%2BxCeS%2BGOuH%2BbE37FSEvJicsM5QXHt35WuiVo%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767938646"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2026-01-09 by HttpPlugin
    Create report

  • Open service 75.2.60.68:443 · staging.api.kindest.com

    2026-01-02 04:32 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Fri, 02 Jan 2026 04:32:12 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=YKlo76G6qCl3mhIk9WU80n8mU2Nqf%2BgNhNVbGXgnZdk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767328332"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=YKlo76G6qCl3mhIk9WU80n8mU2Nqf%2BgNhNVbGXgnZdk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767328332"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2026-01-02 by HttpPlugin
    Create report

  • Open service 35.71.179.82:80 · staging.api.kindest.com

    2026-01-02 01:41 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Fri, 02 Jan 2026 01:41:35 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=YXPZg74sSJu%2BcLm971PC9z4SyxWxvJo5xHwOqiAh%2BhU%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767318095"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=YXPZg74sSJu%2BcLm971PC9z4SyxWxvJo5xHwOqiAh%2BhU%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767318095"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2026-01-02 by HttpPlugin
    Create report

  • Open service 35.71.179.82:80 · staging.api.kindest.com

    2025-12-30 12:30 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Tue, 30 Dec 2025 12:30:59 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=obD9PuKIUmiIPrW4b1v3W1J1qe%2BTMpHl8RwgseZE%2Fl0%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767097859"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=obD9PuKIUmiIPrW4b1v3W1J1qe%2BTMpHl8RwgseZE%2Fl0%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767097859"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2025-12-30 by HttpPlugin
    Create report

  • Open service 75.2.60.68:443 · staging.api.kindest.com

    2025-12-22 18:54 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 18:54:42 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=fvrSsb7RLtbL0r8qnsdxtI%2BC3HLoDlQQ6MGpbw6kMHs%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766429682"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=fvrSsb7RLtbL0r8qnsdxtI%2BC3HLoDlQQ6MGpbw6kMHs%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766429682"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2025-12-22 by HttpPlugin
    Create report

  • Open service 35.71.179.82:80 · staging.api.kindest.com

    2025-12-22 08:11 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 08:11:25 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=%2B8XyJy8ll9o3R4%2B8ZR4%2B8yQWOoCAfKZgZI%2BL2M8RRPY%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766391085"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=%2B8XyJy8ll9o3R4%2B8ZR4%2B8yQWOoCAfKZgZI%2BL2M8RRPY%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766391085"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2025-12-22 by HttpPlugin
    Create report

  • Open service 75.2.60.68:443 · staging.api.kindest.com

    2025-12-20 20:28 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 20:28:06 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=6WMpbS3vk4HKOknW61kbSv9EvpGG5NXF8ArNbuLWi9Y%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766262486"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=6WMpbS3vk4HKOknW61kbSv9EvpGG5NXF8ArNbuLWi9Y%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766262486"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2025-12-20 by HttpPlugin
    Create report

  • Open service 35.71.179.82:80 · staging.api.kindest.com

    2025-12-20 05:50 

    HTTP/1.1 400 Bad Request
Access-Control-Allow-Origin: *
Content-Length: 406
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 05:50:07 GMT
Etag: W/"196-HUCJKwlQurC5GNaaJnH0d+HOnRw"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=D2tFdIEeSPuzeWcdsWsSBCdRREea676qQ3DuOh0YQJs%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766209807"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=D2tFdIEeSPuzeWcdsWsSBCdRREea676qQ3DuOh0YQJs%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766209807"
Server: Heroku
Via: 1.1 heroku-router
Connection: close


{"errors":[{"message":"This operation has been blocked as a potential Cross-Site Request Forgery (CSRF). Please either specify a 'content-type' header (with a type that is not one of application/x-www-form-urlencoded, multipart/form-data, text/plain) or provide a non-empty value for one of the following headers: x-apollo-operation-name, apollo-require-preflight\n","extensions":{"code":"BAD_REQUEST"}}]}
    Found 2025-12-20 by HttpPlugin
    Create report
staging.api.kindest.com
Fingerprint:
1db9b61234f67f2c4d50be2ec9508bbe6224b3a9e271793fa7e93317e4dd2937
CN:
staging.api.kindest.com
Key:
RSA-2048
Issuer:
R13
Not before:
2026-01-12 23:25
Not after:
2026-04-12 23:25
staging.api.kindest.com
Fingerprint:
7213dac3e50fb80acd2570a6028f560c5d58a43cca268160d2bdf556298a3dd4
CN:
staging.api.kindest.com
Key:
RSA-2048
Issuer:
R13
Not before:
2025-11-13 00:25
Not after:
2026-02-11 00:25
Domain summary

staging.api.kindest.com 18

1 recorded
IP summary

99.83.220.108 1 75.2.60.68 1 35.71.179.82 1 13.248.244.96 1

4 recorded

© 2026 LeakIX v2.0.49
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice