LeakIX - Host api.coreo.io

Domain api.coreo.io

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 52.223.53.203
Domain: api.coreo.io
Port: 443
URL: https://api.coreo.io

First seen 2025-11-03 00:48
Last seen 2026-01-02 08:06
Open for 60 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3c15d8f5475c1b698fec6991ef40bdfb93f459b09
```
GraphQL introspection enabled at /graphql
Types: 273 (by kind: ENUM: 11, INPUT_OBJECT: 171, OBJECT: 83, SCALAR: 8)
Operations:
- Query: RootQueryType | fields: projects, record, records, user, users
- Mutation: RootMutationType | fields: createProject, createProjectPage, createProjectTemplate, updateProject, updateProjectPage
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-02 08:06
  
  423.0 kBytes
Create report

Open service 52.223.53.203:443 · api.coreo.io

2026-01-09 09:21

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Content-Length: 50
Content-Type: text/plain; charset=utf-8
Date: Fri, 09 Jan 2026 09:21:40 GMT
Location: https://coreo.io
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=5HV4T1d5O8JRT8dvh7H7MwVjL1BSdpGE2smzWU2eOyg%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767950500"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=5HV4T1d5O8JRT8dvh7H7MwVjL1BSdpGE2smzWU2eOyg%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767950500"
Server: Heroku
Set-Cookie: connect.sid=s%3AvYa_a82R7LnXUnfFKVwM6NaiN2vumVLS.Kr%2FuiKuPoeM9NIKF1wHzTvjXxOHHX8EXPIXW2UJ9DE0; Path=/; HttpOnly
Vary: Accept, Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://coreo.io

Found 2026-01-09 by HttpPlugin

Create report

Open service 52.223.53.203:443 · api.coreo.io

2026-01-02 08:06

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Content-Length: 50
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 08:06:37 GMT
Location: https://coreo.io
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=270dEKPto2333ihrksUAbiLNlxhh1M%2BXpsAtzj8kN2Q%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767341197"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=270dEKPto2333ihrksUAbiLNlxhh1M%2BXpsAtzj8kN2Q%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767341197"
Server: Heroku
Set-Cookie: connect.sid=s%3AtClYYIS-Er6B_Khne5dg-hAUC_XGiTgY.qvrOqJCH7kZKOTtmYdY5ld2JhfygydeBjMVtG%2Fa7J18; Path=/; HttpOnly
Vary: Accept, Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://coreo.io

Found 2026-01-02 by HttpPlugin

Create report

Open service 52.223.53.203:443 · api.coreo.io

2026-01-02 01:18

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Content-Length: 50
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 01:18:03 GMT
Location: https://coreo.io
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=4gCVYeV9wmGk8N3ZoU%2BUYjcNRIfoglylUqcODKXH6N8%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767316683"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=4gCVYeV9wmGk8N3ZoU%2BUYjcNRIfoglylUqcODKXH6N8%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767316683"
Server: Heroku
Set-Cookie: connect.sid=s%3AZoD1pB_BY29T67ZOXbAYob-LAx8BaX7R.mo8i%2Fe4LIjAbeRWsAt%2B6UNsAj%2FuIS4q6RxuK13BETLY; Path=/; HttpOnly
Vary: Accept, Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://coreo.io

Found 2026-01-02 by HttpPlugin

Create report

Open service 52.223.53.203:80 · api.coreo.io

2026-01-02 01:18

HTTP/1.1 301 Moved Permanently
Content-Length: 55
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 01:18:06 GMT
Location: https://api.coreo.io/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=PTGrMyZ6oL9XHXEStRZQeP8lZQlpdtehpPZ06v%2FCl58%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767316686"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=PTGrMyZ6oL9XHXEStRZQeP8lZQlpdtehpPZ06v%2FCl58%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767316686"
Server: Heroku
Vary: Accept
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://api.coreo.io/

Found 2026-01-02 by HttpPlugin

Create report

Open service 15.197.253.240:443 · api.coreo.io

2026-01-02 01:18

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Content-Length: 50
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 01:18:03 GMT
Location: https://coreo.io
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=4gCVYeV9wmGk8N3ZoU%2BUYjcNRIfoglylUqcODKXH6N8%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767316683"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=4gCVYeV9wmGk8N3ZoU%2BUYjcNRIfoglylUqcODKXH6N8%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767316683"
Server: Heroku
Set-Cookie: connect.sid=s%3AaqMa1AXvUoDvdxDhIi6-dTuU8ddD1I4t.9ck1UIzrIwSaz5PI2xT5LQwJU0lke99jyd%2FVM0DaNKg; Path=/; HttpOnly
Vary: Accept, Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://coreo.io

Found 2026-01-02 by HttpPlugin

Create report

Open service 99.83.185.157:80 · api.coreo.io

2026-01-02 01:18

HTTP/1.1 301 Moved Permanently
Content-Length: 55
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 01:18:05 GMT
Location: https://api.coreo.io/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=38%2F5B2WEaRc6DnYNMb4uzhk4CWt6Loli9B4p3WNzMg0%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767316685"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=38%2F5B2WEaRc6DnYNMb4uzhk4CWt6Loli9B4p3WNzMg0%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767316685"
Server: Heroku
Vary: Accept
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://api.coreo.io/

Found 2026-01-02 by HttpPlugin

Create report

Open service 15.197.253.240:80 · api.coreo.io

2026-01-02 01:18

HTTP/1.1 301 Moved Permanently
Content-Length: 55
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 01:18:05 GMT
Location: https://api.coreo.io/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=38%2F5B2WEaRc6DnYNMb4uzhk4CWt6Loli9B4p3WNzMg0%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767316685"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=38%2F5B2WEaRc6DnYNMb4uzhk4CWt6Loli9B4p3WNzMg0%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767316685"
Server: Heroku
Vary: Accept
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://api.coreo.io/

Found 2026-01-02 by HttpPlugin

Create report

Open service 99.83.185.157:443 · api.coreo.io

2026-01-02 01:18

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Content-Length: 50
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 01:18:03 GMT
Location: https://coreo.io
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=4gCVYeV9wmGk8N3ZoU%2BUYjcNRIfoglylUqcODKXH6N8%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767316683"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=4gCVYeV9wmGk8N3ZoU%2BUYjcNRIfoglylUqcODKXH6N8%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767316683"
Server: Heroku
Set-Cookie: connect.sid=s%3AldBJNppJO677JJvg136BvN7mLO5nNXXy.B6uajXYGR3rCaV%2F5j0wgq25Xhb%2FqQeu7l%2FgFeeTVJ6g; Path=/; HttpOnly
Vary: Accept, Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://coreo.io

Found 2026-01-02 by HttpPlugin

Create report

Open service 3.33.249.164:80 · api.coreo.io

2026-01-02 01:18

HTTP/1.1 301 Moved Permanently
Content-Length: 55
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 01:18:05 GMT
Location: https://api.coreo.io/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=38%2F5B2WEaRc6DnYNMb4uzhk4CWt6Loli9B4p3WNzMg0%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767316685"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=38%2F5B2WEaRc6DnYNMb4uzhk4CWt6Loli9B4p3WNzMg0%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767316685"
Server: Heroku
Vary: Accept
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://api.coreo.io/

Found 2026-01-02 by HttpPlugin

Create report

Open service 3.33.249.164:443 · api.coreo.io

2026-01-02 01:18

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Content-Length: 50
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 01:18:02 GMT
Location: https://coreo.io
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=hEgDofawaYrkpb0dyFo%2Ba6k%2F1T7zAiT1YeEo2iFt7BY%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767316682"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=hEgDofawaYrkpb0dyFo%2Ba6k%2F1T7zAiT1YeEo2iFt7BY%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767316682"
Server: Heroku
Set-Cookie: connect.sid=s%3A6LbTaZLWaKWrELVImXk0WQWC8i7dhPRp.WSS7SI2fadQSxBejZjnvuidlNSe8FWB3ofe19bvTrxs; Path=/; HttpOnly
Vary: Accept, Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://coreo.io

Found 2026-01-02 by HttpPlugin

Create report

Open service 52.223.53.203:443 · api.coreo.io

2025-12-23 02:09

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Content-Length: 50
Content-Type: text/plain; charset=utf-8
Date: Tue, 23 Dec 2025 02:09:18 GMT
Location: https://coreo.io
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=7UWEjvLymBx7pRPupwX3wt5dtew8mb7jN0DBfbEb7js%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766455758"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=7UWEjvLymBx7pRPupwX3wt5dtew8mb7jN0DBfbEb7js%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766455758"
Server: Heroku
Set-Cookie: connect.sid=s%3A35VEoZWaPQiS9DkuY-s6eQ76nDzS83YI.M0fHexsRQglksuMq8vsNqstIQ%2Bd8%2BntHSSQvOeEgfFg; Path=/; HttpOnly
Vary: Accept, Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Moved Permanently. Redirecting to https://coreo.io

Found 2025-12-23 by HttpPlugin

Create report

api.coreo.io

Fingerprint:

b470a2dff94abe63dc8b306909a08800d2f58b343071d40fd3754117fd3499cb

CN:

api.coreo.io

Key:

RSA-2048

Issuer:

R13

Not before:

2026-01-02 00:18

Not after:

2026-04-02 00:18

api.coreo.io

Fingerprint:

44dbca129deb0287f41994817141f6426bc9b3a024252d406f613aa4ce8ae3b7

CN:

api.coreo.io

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-02 23:49

Not after:

2026-01-31 23:49

Domain summary

api.coreo.io 11

1 recorded

IP summary

52.223.53.203 2 15.197.253.240 1 99.83.185.157 1 3.33.249.164 1

4 recorded

Domain api.coreo.io

United States

Software information

GraphQL introspection is enabled.

api.coreo.io

api.coreo.io

Domain summary

IP summary