Domain admin.therealreward.com
United States
Software information
Vercel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-05 19:29
Last seen 2026-01-09 12:43
Open for 34 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43cc64d3904ab85d458746a6e9b5ef39606ce8b484Public Swagger UI/API detected at path: /swagger.json - sample paths: GET /api/blogs GET /api/blogs/slug/{slug} GET /api/brands GET /api/careers GET /api/categories GET /api/events GET /api/pages GET /api/pages/id/{id} GET /api/pages/slug/{slug} GET /api/privileges GET /api/promotions GET /api/promotions/{id} GET /api/settings/env GET /api/stores GET /api/vouchers GET /api/vouchers/{id} POST /api/auth/loginFound on 2026-01-09 12:43
-
-
Open service 64.29.17.1:443 · admin.therealreward.com
2026-01-09 12:43
HTTP/1.1 307 Temporary Redirect Age: 0 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Content-Length: 6 Content-Type: text/plain; charset=utf-8 Date: Fri, 09 Jan 2026 12:43:58 GMT Location: /login Server: Vercel Strict-Transport-Security: max-age=63072000 X-Matched-Path: / X-Vercel-Cache: MISS X-Vercel-Id: fra1::sin1::zmtsp-1767962638200-adff0202b478 Connection: close /login
Found 2026-01-09 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · admin.therealreward.com
2026-01-02 08:31
HTTP/1.1 307 Temporary Redirect Age: 0 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Content-Length: 6 Content-Type: text/plain; charset=utf-8 Date: Fri, 02 Jan 2026 08:31:56 GMT Location: /login Server: Vercel Strict-Transport-Security: max-age=63072000 X-Matched-Path: / X-Vercel-Cache: MISS X-Vercel-Id: sin1::sin1::v4l72-1767342716475-fa30f757055a Connection: close /login
Found 2026-01-02 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · admin.therealreward.com
2025-12-22 14:12
HTTP/1.1 307 Temporary Redirect Age: 0 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Content-Length: 6 Content-Type: text/plain; charset=utf-8 Date: Mon, 22 Dec 2025 14:12:35 GMT Location: /login Server: Vercel Strict-Transport-Security: max-age=63072000 X-Matched-Path: / X-Vercel-Cache: MISS X-Vercel-Id: sfo1::sin1::fb9vz-1766412754981-cd5a99624a5b Connection: close /login
Found 2025-12-22 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · admin.therealreward.com
2025-12-20 16:52
HTTP/1.1 307 Temporary Redirect Age: 0 Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Content-Length: 6 Content-Type: text/plain; charset=utf-8 Date: Sat, 20 Dec 2025 16:52:19 GMT Location: /login Server: Vercel Strict-Transport-Security: max-age=63072000 X-Matched-Path: / X-Vercel-Cache: MISS X-Vercel-Id: fra1::sin1::vbs27-1766249539192-3f88fb99f419 Connection: close /login
Found 2025-12-20 by HttpPluginCreate report