LeakIX - Host api.terracoregame.com

Domain api.terracoregame.com

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.57.73
Domain: api.terracoregame.com
Port: 80
URL: http://api.terracoregame.com

First seen 2025-11-24 02:16
Last seen 2026-01-09 12:42
Open for 46 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 12:42
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.248.213.92
Domain: api.terracoregame.com
Port: 443
URL: https://api.terracoregame.com

First seen 2025-11-24 02:16
Last seen 2026-01-09 02:34
Open for 46 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 02:34
Create report

Open service 76.223.57.73:80 · api.terracoregame.com

2026-01-09 12:42

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Jan 2026 12:43:09 GMT
Etag: W/"2a-VHNkqsjotii/aTh5e5h2V8MPYmo"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=BzMhNs8CFRcK0jXOtZxxib7uSUE%2BdwML%2BG9cC31t2fc%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767962589"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=BzMhNs8CFRcK0jXOtZxxib7uSUE%2BdwML%2BG9cC31t2fc%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767962589"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 59
X-Ratelimit-Reset: 1767962641
Connection: close


{"message":"Welcome to the Terracore API"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 13.248.213.92:443 · api.terracoregame.com

2026-01-09 02:34

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Jan 2026 02:34:51 GMT
Etag: W/"2a-VHNkqsjotii/aTh5e5h2V8MPYmo"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=%2Fc60i7nfBch3tq09QLJhJwl4lnxCY45HIS9oZCj2DYw%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767926091"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=%2Fc60i7nfBch3tq09QLJhJwl4lnxCY45HIS9oZCj2DYw%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767926091"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 58
X-Ratelimit-Reset: 1767926100
Connection: close


{"message":"Welcome to the Terracore API"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 76.223.57.73:80 · api.terracoregame.com

2026-01-02 20:18

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Fri, 02 Jan 2026 20:18:16 GMT
Etag: W/"2a-VHNkqsjotii/aTh5e5h2V8MPYmo"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Kzwe3eYKCQ%2FSCmpz2zoO%2Fqf0Akw5XV0QW4sA2gsTj8g%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767385096"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Kzwe3eYKCQ%2FSCmpz2zoO%2Fqf0Akw5XV0QW4sA2gsTj8g%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767385096"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 58
X-Ratelimit-Reset: 1767385150
Connection: close


{"message":"Welcome to the Terracore API"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 13.248.213.92:443 · api.terracoregame.com

2026-01-02 00:39

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Fri, 02 Jan 2026 00:39:18 GMT
Etag: W/"2a-VHNkqsjotii/aTh5e5h2V8MPYmo"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=ULqlhLGMdeUkAlqc08HVqKFOYUddqvjbb7ZjHmyLgM0%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767314358"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=ULqlhLGMdeUkAlqc08HVqKFOYUddqvjbb7ZjHmyLgM0%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767314358"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 58
X-Ratelimit-Reset: 1767314387
Connection: close


{"message":"Welcome to the Terracore API"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 13.248.213.92:443 · api.terracoregame.com

2025-12-30 08:06

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Tue, 30 Dec 2025 08:06:18 GMT
Etag: W/"2a-VHNkqsjotii/aTh5e5h2V8MPYmo"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=25TDFdZvzah4QaN2SXkHVOa0d1rKvXrKyn2n49mfzrw%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767081978"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=25TDFdZvzah4QaN2SXkHVOa0d1rKvXrKyn2n49mfzrw%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767081978"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 58
X-Ratelimit-Reset: 1767081981
Connection: close


{"message":"Welcome to the Terracore API"}

Found 2025-12-30 by HttpPlugin

Create report

Open service 13.248.213.92:443 · api.terracoregame.com

2025-12-23 01:37

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Tue, 23 Dec 2025 01:37:06 GMT
Etag: W/"2a-VHNkqsjotii/aTh5e5h2V8MPYmo"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Jza1G13THa0e3yQxLOHE6T9jwFVPnqw9F4hN06Fnf%2FU%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766453826"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Jza1G13THa0e3yQxLOHE6T9jwFVPnqw9F4hN06Fnf%2FU%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766453826"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 58
X-Ratelimit-Reset: 1766453838
Connection: close


{"message":"Welcome to the Terracore API"}

Found 2025-12-23 by HttpPlugin

Create report

Open service 76.223.57.73:80 · api.terracoregame.com

2025-12-22 18:35

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 18:35:56 GMT
Etag: W/"2a-VHNkqsjotii/aTh5e5h2V8MPYmo"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=rtAPunMrmeODafkUPohgLGS0Iw0yi48A6NTI%2BPDpo5s%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766428556"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=rtAPunMrmeODafkUPohgLGS0Iw0yi48A6NTI%2BPDpo5s%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766428556"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 58
X-Ratelimit-Reset: 1766428577
Connection: close


{"message":"Welcome to the Terracore API"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 76.223.57.73:80 · api.terracoregame.com

2025-12-20 22:37

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 22:38:01 GMT
Etag: W/"2a-VHNkqsjotii/aTh5e5h2V8MPYmo"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=ligG2YKJz92mjWj2w4PYVl9mvEUlldBAl29mOYV4NUM%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766270281"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=ligG2YKJz92mjWj2w4PYVl9mvEUlldBAl29mOYV4NUM%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766270281"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 58
X-Ratelimit-Reset: 1766270329
Connection: close


{"message":"Welcome to the Terracore API"}

Found 2025-12-20 by HttpPlugin

Create report

Open service 76.223.57.73:80 · api.terracoregame.com

2025-12-19 02:30

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 42
Content-Type: application/json; charset=utf-8
Date: Fri, 19 Dec 2025 02:30:50 GMT
Etag: W/"2a-VHNkqsjotii/aTh5e5h2V8MPYmo"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=mvJCu3jvOGvN86f7AwQQeRZ45YnMYXWbVNmzB14VjFU%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766111450"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=mvJCu3jvOGvN86f7AwQQeRZ45YnMYXWbVNmzB14VjFU%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766111450"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 58
X-Ratelimit-Reset: 1766111484
Connection: close


{"message":"Welcome to the Terracore API"}

Found 2025-12-19 by HttpPlugin

Create report

api.terracoregame.com

Fingerprint:

4df55210a99b070b74586940c45ae7182404ec396b1b221979d8896fd7afe4cf

CN:

api.terracoregame.com

Key:

RSA-2048

Issuer:

R12

Not before:

2025-11-24 01:17

Not after:

2026-02-22 01:17

Domain summary

api.terracoregame.com 10

1 recorded

IP summary

76.223.57.73 1 13.248.213.92 1

2 recorded

Domain api.terracoregame.com

United States

Software information

Swagger API description is publicly available

Swagger API description is publicly available

api.terracoregame.com

Domain summary

IP summary