Heroku
tcp/443 tcp/80
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
The documentation details every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf70f97eea75afb898bef94d04dc2f4f653f5b0839b
Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
DELETE /agendamento/excluir/{id}
DELETE /usuarios/deletar-animal/{id}
GET /agendamento/atendentes
GET /agendamento/listar
GET /agendamento/listar-diarias
GET /dominios/animal
GET /dominios/servicos
GET /empresas/listar
GET /hooks/whatsapp
GET /imagens/recuperar
GET /imagens/recuperar-teste
GET /usuarios/animais
GET /usuarios/empresas-favoritas
GET /usuarios/usuario
POST /agendamento/inserir
POST /hooks/teste-wab
POST /imagens/enviar-atendente
POST /imagens/enviar-teste
POST /usuarios/criar-animal
POST /usuarios/criar-usuario
POST /usuarios/desfavoritar-empresa
POST /usuarios/favoritar-empresa
POST /usuarios/find-uuid
POST /usuarios/reset-senha
PUT /usuarios/atualizar-animal
PUT /usuarios/atualizar-tutor
Open service 13.248.244.96:80 · api.izpet.com.br
2026-01-09 12:17
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Fri, 09 Jan 2026 12:18:07 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=9Kl6FHqfLIABLPZSGZhKHHNUpD2BT2FTUxku9eN3GII%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767961087"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=9Kl6FHqfLIABLPZSGZhKHHNUpD2BT2FTUxku9eN3GII%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767961087"
Server: Heroku
Set-Cookie: JSESSIONID=17D1237644F45453191A028B67938E90; Path=/; HttpOnly
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
Www-Authenticate: Bearer
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Connection: close
Open service 35.71.179.82:443 · api.izpet.com.br
2026-01-09 09:48
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Fri, 09 Jan 2026 09:48:51 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=5NbaJHLOSewX9LtMq5Rk3aIOuYNYcbbF7E%2FjlaQMqj0%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767952131"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=5NbaJHLOSewX9LtMq5Rk3aIOuYNYcbbF7E%2FjlaQMqj0%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767952131"
Server: Heroku
Set-Cookie: JSESSIONID=A770D23402A78691385F9F5B2FE25E5F; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
Www-Authenticate: Bearer
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Connection: close
Open service 13.248.244.96:80 · api.izpet.com.br
2026-01-02 20:35
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Fri, 02 Jan 2026 20:35:15 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=cJOQ8zfCwMbr1Bvw80kQsNizfH6qEHj7IKDbMRw2L4M%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767386116"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=cJOQ8zfCwMbr1Bvw80kQsNizfH6qEHj7IKDbMRw2L4M%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767386116"
Server: Heroku
Set-Cookie: JSESSIONID=1DE61950C42D1B3FB39AF2EE31D228DC; Path=/; HttpOnly
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
Www-Authenticate: Bearer
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Connection: close
Open service 35.71.179.82:443 · api.izpet.com.br
2026-01-02 16:07
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Fri, 02 Jan 2026 16:07:05 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Mc4vAQonfQ0DmKKW2nJDDM6ctcmpoZyIxL8yn%2B7hKI0%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767370025"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Mc4vAQonfQ0DmKKW2nJDDM6ctcmpoZyIxL8yn%2B7hKI0%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767370025"
Server: Heroku
Set-Cookie: JSESSIONID=CE22A8A9D364F2D354DE5FDD20CEA5AA; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
Www-Authenticate: Bearer
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Connection: close
Open service 35.71.179.82:443 · api.izpet.com.br
2025-12-23 01:01
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Tue, 23 Dec 2025 01:01:53 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=yRxF5Q3KGzw0vAYMdFbJF9Eedaqs%2BXngsUoQyIO1mkQ%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766451713"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=yRxF5Q3KGzw0vAYMdFbJF9Eedaqs%2BXngsUoQyIO1mkQ%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766451713"
Server: Heroku
Set-Cookie: JSESSIONID=7ED3CEF10F5467B6A44F823B86A4AAC2; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
Www-Authenticate: Bearer
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Connection: close
Open service 13.248.244.96:80 · api.izpet.com.br
2025-12-22 19:46
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Mon, 22 Dec 2025 19:46:04 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=usitv3Kl9CHIM5UkSjiz1MTdYseH8yJWWe3GRzl7%2BtU%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766432764"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=usitv3Kl9CHIM5UkSjiz1MTdYseH8yJWWe3GRzl7%2BtU%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766432764"
Server: Heroku
Set-Cookie: JSESSIONID=628F25C150B46DEBB17E3A4941D19765; Path=/; HttpOnly
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
Www-Authenticate: Bearer
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Connection: close
Open service 13.248.244.96:80 · api.izpet.com.br
2025-12-20 19:41
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Sat, 20 Dec 2025 19:41:41 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Sc6J75EcXahfqCjd9NibirhHyf1LIZRAEpLuooZwl7c%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766259701"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Sc6J75EcXahfqCjd9NibirhHyf1LIZRAEpLuooZwl7c%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766259701"
Server: Heroku
Set-Cookie: JSESSIONID=FB6C027733D7191C590BAF9CB10AE3B3; Path=/; HttpOnly
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
Www-Authenticate: Bearer
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Connection: close
Open service 35.71.179.82:443 · api.izpet.com.br
2025-12-20 16:56
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Sat, 20 Dec 2025 16:56:32 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Xhdlbfcwz5OnG%2FVc7O%2BPEaQbLHMIZbIsJgszpsRJtME%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766249792"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Xhdlbfcwz5OnG%2FVc7O%2BPEaQbLHMIZbIsJgszpsRJtME%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766249792"
Server: Heroku
Set-Cookie: JSESSIONID=2201FE65C63598055B5CBB068DB73555; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
Www-Authenticate: Bearer
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Connection: close
Open service 35.71.179.82:443 · api.izpet.com.br
2025-12-19 08:10
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Fri, 19 Dec 2025 08:10:19 GMT
Expires: 0
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=18mrMqmal9teo0N6vSEPjRhNK1PVXKBa75pnRnnJF9E%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766131819"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=18mrMqmal9teo0N6vSEPjRhNK1PVXKBa75pnRnnJF9E%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766131819"
Server: Heroku
Set-Cookie: JSESSIONID=1F13505FE66C04A1819900432363A05A; Path=/; Secure; HttpOnly
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
Www-Authenticate: Bearer
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Connection: close