Heroku
tcp/443 tcp/80
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
Public Swagger UI/API detected at path: /api-docs/swagger.json
Open service 15.197.129.158:80 · api.neereg.com
2026-01-09 16:51
HTTP/1.1 404 Not Found
Access-Control-Allow-Credentials: true
Content-Length: 46
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: application/json; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Fri, 09 Jan 2026 16:52:04 GMT
Etag: W/"2e-HDnue+KUfLFcpf/g2U3nvvin5TA"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=DuJodaY7FQGXJxVucf1hN2qgsp4bJxOkQ2ANR%2BZFWfE%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767977524"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=DuJodaY7FQGXJxVucf1hN2qgsp4bJxOkQ2ANR%2BZFWfE%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767977524"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Ratelimit-Limit: 1000
X-Ratelimit-Remaining: 996
X-Ratelimit-Reset: 1767977581
X-Xss-Protection: 0
Connection: close
{"status":"error","message":"Route not found"}
Open service 76.223.11.49:443 · api.neereg.com
2026-01-09 16:51
HTTP/1.1 404 Not Found
Access-Control-Allow-Credentials: true
Content-Length: 46
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type: application/json; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Fri, 09 Jan 2026 16:51:03 GMT
Etag: W/"2e-HDnue+KUfLFcpf/g2U3nvvin5TA"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=SVpLcpUUs6PnnYUDrtJr3cKCWXGN83fegsPg05afWbs%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767977463"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=SVpLcpUUs6PnnYUDrtJr3cKCWXGN83fegsPg05afWbs%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767977463"
Server: Heroku
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Dns-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Ratelimit-Limit: 1000
X-Ratelimit-Remaining: 999
X-Ratelimit-Reset: 1767977584
X-Xss-Protection: 0
Connection: close
{"status":"error","message":"Route not found"}
Open service 76.223.11.49:443 · api.neereg.com
2026-01-02 08:14
HTTP/1.1 404 Not Found
{"status":"error","message":"Route not found"}
Open service 15.197.129.158:80 · api.neereg.com
2026-01-01 22:48
HTTP/1.1 404 Not Found
{"status":"error","message":"Route not found"}
Open service 15.197.129.158:80 · api.neereg.com
2025-12-30 06:12
HTTP/1.1 404 Not Found
{"status":"error","message":"Route not found"}
Open service 76.223.11.49:443 · api.neereg.com
2025-12-23 02:40
HTTP/1.1 404 Not Found
{"status":"error","message":"Route not found"}
Open service 76.223.11.49:443 · api.neereg.com
2025-12-20 20:13
HTTP/1.1 404 Not Found
{"status":"error","message":"Route not found"}
Open service 76.223.11.49:443 · api.neereg.com
2025-12-19 00:44
HTTP/1.1 404 Not Found
{"status":"error","message":"Route not found"}