LeakIX - Host backend-staging.guidable.com

Domain backend-staging.guidable.com

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 99.83.217.1
Domain: backend-staging.guidable.com
Port: 80
URL: http://backend-staging.guidable.com

First seen 2025-11-24 01:26
Last seen 2026-01-02 00:39
Open for 38 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa365ebb7bca8f19d80b7e19fb2fa4183646b57b837

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 12, INPUT_OBJECT: 49, OBJECT: 60, SCALAR: 6)
Operations:
- Query: Query | fields: applicationSettings, groupSharing, storyEvaluation, tourReview, user
- Mutation: Mutation | fields: auth, groupSharing, storyEvaluation, user, userTour
- Subscription: Subscription | fields: groupSharingChanged, storyCreationRequestUpdated, supportedAppVersionChanged, tourCreationRequestUpdated, transactionCreated
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 00:39

104.6 kBytes

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 76.223.11.49
Domain: backend-staging.guidable.com
Port: 443
URL: https://backend-staging.guidable.com

First seen 2025-11-24 01:26
Last seen 2026-01-02 00:37
Open for 38 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa365ebb7bca8f19d80b7e19fb2fa4183646b57b837

GraphQL introspection enabled at /graphql
Types: 127 (by kind: ENUM: 12, INPUT_OBJECT: 49, OBJECT: 60, SCALAR: 6)
Operations:
- Query: Query | fields: applicationSettings, groupSharing, storyEvaluation, tourReview, user
- Mutation: Mutation | fields: auth, groupSharing, storyEvaluation, user, userTour
- Subscription: Subscription | fields: groupSharingChanged, storyCreationRequestUpdated, supportedAppVersionChanged, tourCreationRequestUpdated, transactionCreated
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-02 00:37

104.6 kBytes

Create report

Open service 76.223.11.49:443 · backend-staging.guidable.com

2026-01-09 02:35

HTTP/1.1 200 OK
Content-Length: 17
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Jan 2026 02:35:35 GMT
Etag: W/"11-uHyBxMeNlIJAQfw7PJuBJSmOJ9E"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=%2BkFegCsnPWJFPYrG67e85xdPBGvD6DPSHRR3CLjBoiw%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767926135"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=%2BkFegCsnPWJFPYrG67e85xdPBGvD6DPSHRR3CLjBoiw%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767926135"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Server is running

Found 2026-01-09 by HttpPlugin

Create report

Open service 99.83.217.1:80 · backend-staging.guidable.com

2026-01-09 02:34

HTTP/1.1 200 OK
Content-Length: 17
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Jan 2026 02:35:50 GMT
Etag: W/"11-uHyBxMeNlIJAQfw7PJuBJSmOJ9E"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=BfIlZ%2FV3ATEjY4bx%2B645Ydq%2FD%2BdqkVBVl3pdHH7SoXg%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767926150"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=BfIlZ%2FV3ATEjY4bx%2B645Ydq%2FD%2BdqkVBVl3pdHH7SoXg%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767926150"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Server is running

Found 2026-01-09 by HttpPlugin

Create report

Open service 99.83.217.1:80 · backend-staging.guidable.com

2026-01-02 00:39

HTTP/1.1 200 OK
Content-Length: 17
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jan 2026 00:39:23 GMT
Etag: W/"11-uHyBxMeNlIJAQfw7PJuBJSmOJ9E"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=xN87nDtWKQJbdwv1XUs2EKo1o0nHC7ed%2BF3z0RqLSOM%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767314363"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=xN87nDtWKQJbdwv1XUs2EKo1o0nHC7ed%2BF3z0RqLSOM%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767314363"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Server is running

Found 2026-01-02 by HttpPlugin

Create report

Open service 76.223.11.49:443 · backend-staging.guidable.com

2026-01-02 00:37

HTTP/1.1 200 OK
Content-Length: 17
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jan 2026 00:37:59 GMT
Etag: W/"11-uHyBxMeNlIJAQfw7PJuBJSmOJ9E"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=wO%2FH2AQV34QKNCnDbJG%2F2jfiH4XiJP4HU%2BFmol30naw%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767314279"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=wO%2FH2AQV34QKNCnDbJG%2F2jfiH4XiJP4HU%2BFmol30naw%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767314279"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Server is running

Found 2026-01-02 by HttpPlugin

Create report

Open service 76.223.11.49:443 · backend-staging.guidable.com

2025-12-30 08:07

HTTP/1.1 200 OK
Content-Length: 17
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Dec 2025 08:07:31 GMT
Etag: W/"11-uHyBxMeNlIJAQfw7PJuBJSmOJ9E"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=WXbCCPwV%2B53ad%2FLKofGVO9reMF56WZviiZ7rStopFO8%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767082051"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=WXbCCPwV%2B53ad%2FLKofGVO9reMF56WZviiZ7rStopFO8%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767082051"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Server is running

Found 2025-12-30 by HttpPlugin

Create report

Open service 99.83.217.1:80 · backend-staging.guidable.com

2025-12-30 08:06

HTTP/1.1 200 OK
Content-Length: 17
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Dec 2025 08:06:19 GMT
Etag: W/"11-uHyBxMeNlIJAQfw7PJuBJSmOJ9E"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=jc52SzKvyhxlAbBV2qaFbBkRIEBoWh88xtj9bKiI3g0%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767081979"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=jc52SzKvyhxlAbBV2qaFbBkRIEBoWh88xtj9bKiI3g0%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767081979"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Server is running

Found 2025-12-30 by HttpPlugin

Create report

Open service 76.223.11.49:443 · backend-staging.guidable.com

2025-12-23 01:35

HTTP/1.1 200 OK
Content-Length: 17
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Dec 2025 01:35:01 GMT
Etag: W/"11-uHyBxMeNlIJAQfw7PJuBJSmOJ9E"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=5zI6rK3U2%2BpdFJ9d%2BLHXU5podR4UHQoharvVkH4cd2Q%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766453701"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=5zI6rK3U2%2BpdFJ9d%2BLHXU5podR4UHQoharvVkH4cd2Q%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766453701"
Server: Heroku
Vary: Origin
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Server is running

Found 2025-12-23 by HttpPlugin

Create report

backend-staging.guidable.com

Fingerprint:

49e840feff1bb19825d10c4c1aefec9b66a93754ca8b71b6b27e3fd476a10b5b

CN:

backend-staging.guidable.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-24 00:27

Not after:

2026-02-22 00:27

Domain summary

backend-staging.guidable.com 8

1 recorded

IP summary

76.223.11.49 1 99.83.217.1 1

2 recorded