LeakIX - Host api.devcase.test.sytac.io

Domain api.devcase.test.sytac.io

United States

AMAZON-02

Software information

Heroku

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.devcase.test.sytac.io
Port: 443
URL: https://api.devcase.test.sytac.io

First seen 2025-11-20 00:02
Last seen 2026-01-09 18:11
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-09 18:11
Create report

Open service 75.2.43.161:443 · api.devcase.test.sytac.io

2026-01-09 18:11

HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Fri, 09 Jan 2026 18:12:00 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=tyIu7%2B47ESFoWkYvny34tv7YiO4yoN1%2Bjv5dQpBpEz4%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767982320"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=tyIu7%2B47ESFoWkYvny34tv7YiO4yoN1%2Bjv5dQpBpEz4%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767982320"
Server: Heroku
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Content-Length: 50
Connection: close


{"message":"","cause":"GenericError","status":404}

Found 3 days ago by HttpPlugin

Create report

Open service 75.2.43.161:443 · api.devcase.test.sytac.io

2026-01-02 22:23

HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Fri, 02 Jan 2026 22:23:48 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=rtQuLgtoRMp8iv9VrMmFnUdIfKtOpzRmxWs5jwr0cAc%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767392629"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=rtQuLgtoRMp8iv9VrMmFnUdIfKtOpzRmxWs5jwr0cAc%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767392629"
Server: Heroku
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Content-Length: 50
Connection: close


{"message":"","cause":"GenericError","status":404}

Found 2026-01-02 by HttpPlugin

Create report

Open service 75.2.43.161:443 · api.devcase.test.sytac.io

2025-12-22 22:05

HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Mon, 22 Dec 2025 22:05:54 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=wOfXrem7QEso5vrTBZIyhfJsQNWpMFLlFLibLrrIj9M%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766441154"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=wOfXrem7QEso5vrTBZIyhfJsQNWpMFLlFLibLrrIj9M%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766441154"
Server: Heroku
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Content-Length: 50
Connection: close


{"message":"","cause":"GenericError","status":404}

Found 2025-12-22 by HttpPlugin

Create report

Open service 75.2.43.161:443 · api.devcase.test.sytac.io

2025-12-21 04:05

HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Sun, 21 Dec 2025 04:05:35 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Tl%2FTWIsIfP0ZUsEwIHSY0NyiXrQZVr%2F1ITXGs84XCjc%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766289936"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Tl%2FTWIsIfP0ZUsEwIHSY0NyiXrQZVr%2F1ITXGs84XCjc%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766289936"
Server: Heroku
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Content-Length: 50
Connection: close


{"message":"","cause":"GenericError","status":404}

Found 2025-12-21 by HttpPlugin

Create report

Open service 75.2.43.161:443 · api.devcase.test.sytac.io

2025-12-19 02:24

HTTP/1.1 404 Not Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json
Date: Fri, 19 Dec 2025 02:24:24 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=I%2F0Qxp6vu0jh7vg308k8Tdkxa4aQvMQlDtoKHpz7gXs%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766111064"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=I%2F0Qxp6vu0jh7vg308k8Tdkxa4aQvMQlDtoKHpz7gXs%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766111064"
Server: Heroku
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Content-Length: 50
Connection: close


{"message":"","cause":"GenericError","status":404}

Found 2025-12-19 by HttpPlugin

Create report

api.devcase.test.sytac.io

Fingerprint:

6069e5cbda389dfc87cc0308ba9e18fd1cc5a646bb3ca8ae3e256888b7c3bf3d

CN:

api.devcase.test.sytac.io

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-19 23:03

Not after:

2026-02-17 23:03

Domain summary

api.devcase.test.sytac.io 5

1 recorded

IP summary

75.2.43.161 2

1 recorded

Domain api.devcase.test.sytac.io

United States

Software information

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Create report

api.devcase.test.sytac.io

Domain summary

IP summary