LeakIX - Host api.zigned.io

Domain api.zigned.io

United States

AMAZON-02

Software information

Heroku

tcp/443

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: api.zigned.io
Port: 443
URL: https://api.zigned.io

First seen 2025-11-14 02:53
Last seen 2026-01-02 04:21
Open for 49 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3ee6fa6d9866f42bbb83cac51f32be31ecde1994a
```
GraphQL introspection enabled at /graphql
Types: 291 (by kind: ENUM: 40, INPUT_OBJECT: 61, OBJECT: 180, SCALAR: 10)
Operations:
- Query: Query | fields: agreement, agreementEvents, getAgreementAuthor, getTeamAgreementByPublicId, me
- Mutation: Mutation | fields: bankId, otp, teams, truid, zealId
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2026-01-02 04:21
  
  272.4 kBytes
Create report

Open service 76.223.11.49:443 · api.zigned.io

2026-01-09 10:46

HTTP/1.1 404 Not Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Allow-Origin, Accept, Content-Type, authorization, content-length, x-requested-with, origin, token, x-zigned-verify, x-refresh-token, x-zigned-api-key, apollographql-client-name, apollographql-client-version, x-zigned-proxy-user-id
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT
Access-Control-Allow-Origin: undefined
Access-Control-Expose-Headers: x-refresh-token
Access-Control-Expose-Headers: token
Allow: POST, GET, OPTIONS
Content-Length: 139
Content-Security-Policy: default-src 'none'
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Jan 2026 10:46:52 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=X8id0JwyJoLw17gnEJC9K9IUEfXfp5b9mq0LV2W3o%2FA%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767955612"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=X8id0JwyJoLw17gnEJC9K9IUEfXfp5b9mq0LV2W3o%2FA%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767955612"
Server: Heroku
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2026-01-09 by HttpPlugin

Create report

Open service 76.223.11.49:443 · api.zigned.io

2026-01-02 04:21

HTTP/1.1 404 Not Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Allow-Origin, Accept, Content-Type, authorization, content-length, x-requested-with, origin, token, x-zigned-verify, x-refresh-token, x-zigned-api-key, apollographql-client-name, apollographql-client-version, x-zigned-proxy-user-id
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT
Access-Control-Allow-Origin: undefined
Access-Control-Expose-Headers: x-refresh-token
Access-Control-Expose-Headers: token
Allow: POST, GET, OPTIONS
Content-Length: 139
Content-Security-Policy: default-src 'none'
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jan 2026 04:21:36 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=XITWQuw6OPx%2Bv282EY%2BnomYaqRRrTGX91v3%2FuRu5mQs%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767327696"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=XITWQuw6OPx%2Bv282EY%2BnomYaqRRrTGX91v3%2FuRu5mQs%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767327696"
Server: Heroku
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2026-01-02 by HttpPlugin

Create report

Open service 76.223.11.49:443 · api.zigned.io

2025-12-22 19:16

HTTP/1.1 404 Not Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Allow-Origin, Accept, Content-Type, authorization, content-length, x-requested-with, origin, token, x-zigned-verify, x-refresh-token, x-zigned-api-key, apollographql-client-name, apollographql-client-version, x-zigned-proxy-user-id
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT
Access-Control-Allow-Origin: undefined
Access-Control-Expose-Headers: x-refresh-token
Access-Control-Expose-Headers: token
Allow: POST, GET, OPTIONS
Content-Length: 139
Content-Security-Policy: default-src 'none'
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Dec 2025 19:16:51 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=a5wAoq5C85ZmOOLAY3rXKTtunTHMqlwd3DlslvnK3ys%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766431011"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=a5wAoq5C85ZmOOLAY3rXKTtunTHMqlwd3DlslvnK3ys%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766431011"
Server: Heroku
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2025-12-22 by HttpPlugin

Create report

Open service 76.223.11.49:443 · api.zigned.io

2025-12-20 18:41

HTTP/1.1 404 Not Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Allow-Origin, Accept, Content-Type, authorization, content-length, x-requested-with, origin, token, x-zigned-verify, x-refresh-token, x-zigned-api-key, apollographql-client-name, apollographql-client-version, x-zigned-proxy-user-id
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT
Access-Control-Allow-Origin: undefined
Access-Control-Expose-Headers: x-refresh-token
Access-Control-Expose-Headers: token
Allow: POST, GET, OPTIONS
Content-Length: 139
Content-Security-Policy: default-src 'none'
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Dec 2025 18:41:09 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=kSb2zxsUPT4Ph9VQYdpxVNJPM4wghvAbbka6sDU6Vrw%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766256069"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=kSb2zxsUPT4Ph9VQYdpxVNJPM4wghvAbbka6sDU6Vrw%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766256069"
Server: Heroku
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2025-12-20 by HttpPlugin

Create report

Open service 76.223.11.49:443 · api.zigned.io

2025-12-19 01:36

HTTP/1.1 404 Not Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Allow-Origin, Accept, Content-Type, authorization, content-length, x-requested-with, origin, token, x-zigned-verify, x-refresh-token, x-zigned-api-key, apollographql-client-name, apollographql-client-version, x-zigned-proxy-user-id
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT
Access-Control-Allow-Origin: undefined
Access-Control-Expose-Headers: x-refresh-token
Access-Control-Expose-Headers: token
Allow: POST, GET, OPTIONS
Content-Length: 139
Content-Security-Policy: default-src 'none'
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Dec 2025 01:36:15 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=7qtVZkTmo%2BfZulVEBo7sRPwx2oSfXicpCkaqiBEH7ws%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766108175"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=7qtVZkTmo%2BfZulVEBo7sRPwx2oSfXicpCkaqiBEH7ws%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766108175"
Server: Heroku
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2025-12-19 by HttpPlugin

Create report

api.zigned.io

Fingerprint:

f200356b2dacc5c883eb6c33044ef1d136ac5037504cc0360cf54fdb55173e0d

CN:

api.zigned.io

Key:

RSA-2048

Issuer:

R12

Not before:

2025-11-14 01:54

Not after:

2026-02-12 01:54

Domain summary

api.zigned.io 5

1 recorded

IP summary

76.223.11.49 2

1 recorded

Domain api.zigned.io

United States

Software information

GraphQL introspection is enabled.

Create report

Create report

Create report

Create report

Create report

api.zigned.io

Domain summary

IP summary