LeakIX - Host www.readingeagle.com

Domain www.readingeagle.com

United States

AUTOMATTIC

Software information

nginx nginx

tcp/443 tcp/80

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 192.0.66.168
Domain: www.readingeagle.com
Port: 443
URL: https://www.readingeagle.com

First seen 2025-11-22 11:06
Last seen 2026-01-23 10:08
Open for 61 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3
```
GraphQL introspection enabled at /graphql
```
  Found on 2026-01-23 10:08
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa34ca6553388150d3183bc33efe12ce38ab58c932a
```
GraphQL introspection enabled at /graphql
Types: 947 (by kind: ENUM: 59, INPUT_OBJECT: 221, INTERFACE: 121, OBJECT: 539, SCALAR: 5, UNION: 2)
Operations:
- Query: RootQuery | fields: aiLog, aiLogBy, aiLogs, allGroupSubscriptions, allSettings
- Mutation: RootMutation | fields: addPostSubscription, addSubscriberSite, createAiLog, createAuthor, createCategory
Directives: deprecated, include, skip (total: 3)
```
  Found on 2025-12-01 04:45
  
  1.7 MBytes
Create report

Open service 192.0.66.168:443 · www.readingeagle.com

2026-01-23 10:08

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Jan 2026 10:08:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content;
X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header.
X-Powered-By: WordPress VIP <https://wpvip.com>
Host-Header: a9130478a60e5f9135f765b23f26593b
Link: <https://www.readingeagle.com/wp-json/>; rel="https://api.w.org/"
Link: <https://wp.me/d2VX8>; rel=shortlink
x-rq: sin2 177 253 80
accept-ranges: bytes
x-cache: HIT
cache-control: private

Found 2026-01-23 by HttpPlugin

Create report

Open service 192.0.66.168:80 · www.readingeagle.com

2026-01-23 10:08

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Jan 2026 10:08:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://www.readingeagle.com/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 192.0.66.168:443 · www.readingeagle.com

2026-01-22 20:58

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 22 Jan 2026 20:58:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content;
X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header.
X-Powered-By: WordPress VIP <https://wpvip.com>
Host-Header: a9130478a60e5f9135f765b23f26593b
Link: <https://www.readingeagle.com/wp-json/>; rel="https://api.w.org/"
Link: <https://wp.me/d2VX8>; rel=shortlink
x-cache: HIT
accept-ranges: bytes
cache-control: private
x-rq: ams6 0 20 9980

Found 2026-01-22 by HttpPlugin

Create report

Open service 192.0.66.168:443 · www.readingeagle.com

2026-01-08 19:21

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Jan 2026 19:21:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content;
X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header.
X-Powered-By: WordPress VIP <https://wpvip.com>
Host-Header: a9130478a60e5f9135f765b23f26593b
Link: <https://www.readingeagle.com/wp-json/>; rel="https://api.w.org/"
Link: <https://wp.me/d2VX8>; rel=shortlink
x-rq: jfk2 0 20 9980
accept-ranges: bytes
x-cache: MISS
cache-control: private

Found 2026-01-08 by HttpPlugin

Create report

Open service 192.0.66.168:443 · www.readingeagle.com

2026-01-01 00:25

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jan 2026 00:25:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content;
X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header.
X-Powered-By: WordPress VIP <https://wpvip.com>
Host-Header: a9130478a60e5f9135f765b23f26593b
Link: <https://www.readingeagle.com/wp-json/>; rel="https://api.w.org/"
Link: <https://wp.me/d2VX8>; rel=shortlink
x-rq: jfk2 0 20 9980
accept-ranges: bytes
cache-control: private
x-cache: HIT

Found 2026-01-01 by HttpPlugin

Create report

Open service 192.0.66.168:80 · www.readingeagle.com

2026-01-01 00:25

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Jan 2026 00:25:37 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://www.readingeagle.com/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-01 by HttpPlugin

Create report

Open service 192.0.66.168:443 · www.readingeagle.com

2025-12-22 10:11

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 Dec 2025 10:11:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content;
X-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header.
X-Powered-By: WordPress VIP <https://wpvip.com>
Host-Header: a9130478a60e5f9135f765b23f26593b
Link: <https://www.readingeagle.com/wp-json/>; rel="https://api.w.org/"
Link: <https://wp.me/d2VX8>; rel=shortlink
cache-control: private
x-rq: sin2 177 253 80
accept-ranges: bytes
x-cache: HIT

Found 2025-12-22 by HttpPlugin

Create report

readingeagle.comwww.readingeagle.com

Fingerprint:

ebbf5577502be4ef54ca9a3e884dc1d945604fd3853cd755dac000e91a66df12

CN:

readingeagle.com

Key:

ECDSA-256

Issuer:

Not before:

2026-01-23 09:09

Not after:

2026-04-23 09:09

readingeagle.comwww.readingeagle.com

Fingerprint:

733b645f0bd510eed1165ee95c4c63dc87d370ed4c1edd97854d02916ed4333e

CN:

readingeagle.com

Key:

ECDSA-256

Issuer:

Not before:

2025-11-22 10:07

Not after:

2026-02-20 10:07

Domain summary

www.readingeagle.com 8

1 recorded

IP summary

192.0.66.168 2

1 recorded

Domain www.readingeagle.com

United States

Software information

GraphQL introspection is enabled.

Create report

Create report

Create report

Create report

Create report

Create report

Create report

readingeagle.comwww.readingeagle.com

readingeagle.comwww.readingeagle.com

Domain summary

IP summary