Heroku
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
Public Swagger UI/API detected at path: /swagger-ui.html
Open service 76.223.11.49:443 · api.devcase.sytac.io
2026-01-09 10:10
HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Fri, 09 Jan 2026 10:10:38 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=4EYSdWtQr6SgurhhcJwBILkP3i4iVa5jpTdxkqb2mZg%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767953438"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=4EYSdWtQr6SgurhhcJwBILkP3i4iVa5jpTdxkqb2mZg%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767953438"
Server: Heroku
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Content-Length: 50
Connection: close
{"message":"","cause":"GenericError","status":404}
Open service 76.223.11.49:443 · api.devcase.sytac.io
2026-01-02 10:19
HTTP/1.1 404 Not Found
{"message":"","cause":"GenericError","status":404}
Open service 76.223.11.49:443 · api.devcase.sytac.io
2025-12-23 00:51
HTTP/1.1 404 Not Found
{"message":"","cause":"GenericError","status":404}
Open service 76.223.11.49:443 · api.devcase.sytac.io
2025-12-21 09:29
HTTP/1.1 404 Not Found
{"message":"","cause":"GenericError","status":404}
Open service 76.223.11.49:443 · api.devcase.sytac.io
2025-12-19 01:13
HTTP/1.1 404 Not Found
{"message":"","cause":"GenericError","status":404}