Domain api.dev.coreo.io
United States
Software information
Heroku
tcp/443
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-11-21 02:09
Last seen 2026-01-02 08:14
Open for 42 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3c15d8f5475c1b698fec6991ef40bdfb93f459b09GraphQL introspection enabled at /graphql Types: 273 (by kind: ENUM: 11, INPUT_OBJECT: 171, OBJECT: 83, SCALAR: 8) Operations: - Query: RootQueryType | fields: projects, record, records, user, users - Mutation: RootMutationType | fields: createProject, createProjectPage, createProjectTemplate, updateProject, updateProjectPage Directives: deprecated, include, skip (total: 3)
Found on 2026-01-02 08:14423.0 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3GraphQL introspection enabled at /graphql
Found on 2025-11-21 02:09
-
-
Open service 99.83.185.157:443 · api.dev.coreo.io
2026-01-09 09:12
HTTP/1.1 301 Moved Permanently Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 50 Content-Type: text/plain; charset=utf-8 Date: Fri, 09 Jan 2026 09:12:40 GMT Location: https://coreo.io Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=HgePAPnl9Srly9wJAFJctI9Gs6L%2FwiyPOWOqI24M3Eg%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767949960"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=HgePAPnl9Srly9wJAFJctI9Gs6L%2FwiyPOWOqI24M3Eg%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767949960" Server: Heroku Set-Cookie: connect.sid=s%3AD_7mcXLMlwMp0wiC1Uv9TS9doGZn3ARA.2PiQeCZO8wDH61nTaUt05sEeJa48yhkhJiiwNSXRc3g; Path=/; HttpOnly Vary: Accept, Accept-Encoding Via: 1.1 heroku-router X-Powered-By: Express Connection: close Moved Permanently. Redirecting to https://coreo.ioFound 2026-01-09 by HttpPluginCreate report
-
Open service 99.83.185.157:443 · api.dev.coreo.io
2026-01-02 08:14
HTTP/1.1 301 Moved Permanently Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 50 Content-Type: text/plain; charset=utf-8 Date: Fri, 02 Jan 2026 08:14:52 GMT Location: https://coreo.io Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=OafA7qemtfzmFaEt5OeJ7BpHD%2Bs8lTKFsvcigyGreeQ%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767341692"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=OafA7qemtfzmFaEt5OeJ7BpHD%2Bs8lTKFsvcigyGreeQ%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767341692" Server: Heroku Set-Cookie: connect.sid=s%3A-eLdvjgs6wH605CL-8VO83L8OeJOdYWX.R1%2B2dYxbv86uqR8JOxK%2Bd0YNsL80%2Btqk7rAy13OxTUc; Path=/; HttpOnly Vary: Accept, Accept-Encoding Via: 1.1 heroku-router X-Powered-By: Express Connection: close Moved Permanently. Redirecting to https://coreo.ioFound 2026-01-02 by HttpPluginCreate report
-
Open service 99.83.185.157:443 · api.dev.coreo.io
2025-12-23 02:32
HTTP/1.1 301 Moved Permanently Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 50 Content-Type: text/plain; charset=utf-8 Date: Tue, 23 Dec 2025 02:32:10 GMT Location: https://coreo.io Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=3%2Fj4QUGFvnGBCYajzgVBu4ZYHpqGrgtVKGJfSmvlhBw%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766457130"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=3%2Fj4QUGFvnGBCYajzgVBu4ZYHpqGrgtVKGJfSmvlhBw%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766457130" Server: Heroku Set-Cookie: connect.sid=s%3AjRxhPi5g-bzAFtkb_9xvt5cl9jQ_0tJv.X5JXgX9sWmStU88JhCxXXmYk1jW9VYOV%2B7VYOREObPI; Path=/; HttpOnly Vary: Accept, Accept-Encoding Via: 1.1 heroku-router X-Powered-By: Express Connection: close Moved Permanently. Redirecting to https://coreo.ioFound 2025-12-23 by HttpPluginCreate report
-
Open service 99.83.185.157:443 · api.dev.coreo.io
2025-12-20 20:33
HTTP/1.1 301 Moved Permanently Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 50 Content-Type: text/plain; charset=utf-8 Date: Sat, 20 Dec 2025 20:33:14 GMT Location: https://coreo.io Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=GozO5xjGuAAc6v9LIs%2BHSoCPeQfhVrnRGt4BHgftlEU%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766262794"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=GozO5xjGuAAc6v9LIs%2BHSoCPeQfhVrnRGt4BHgftlEU%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766262794" Server: Heroku Set-Cookie: connect.sid=s%3A4BieAz1s76_M4k--vs1veYT4EbGvCb9x.r3Yi1kE6a1Rd0cHDYrU2T4ch2GPBGKsjNOvdX0KqIrM; Path=/; HttpOnly Vary: Accept, Accept-Encoding Via: 1.1 heroku-router X-Powered-By: Express Connection: close Moved Permanently. Redirecting to https://coreo.ioFound 2025-12-20 by HttpPluginCreate report