I don’t think it makes much sense to invest time in troubleshooting CORS in this environment. Before doing anything else, I would organize things so that your backend is hosted somewhere with (a) proper forward and reverse DNS, and (b) a valid SSL certificate. Additionally, every endpoint in your Ionic code should use a hostname (no IP addresses, no localhost) and begin with https.
When you deploy the app, those things are going to need to be true anyway.