Domain api.tailrender.com
United States
Software information
Heroku
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-23 01:51
Last seen 2026-01-09 05:37
Open for 47 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-09 05:37
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-23 01:51
Last seen 2026-01-09 04:31
Open for 47 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-09 04:31
-
-
Open service 3.33.241.96:443 · api.tailrender.com
2026-01-09 05:37
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 09 Jan 2026 05:37:37 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=4NsWQzaajqkddzZr07cEDR3Fla%2FMGKJXZhZi%2FFYZHMA%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767937057"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=4NsWQzaajqkddzZr07cEDR3Fla%2FMGKJXZhZi%2FFYZHMA%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767937057" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · api.tailrender.com
2026-01-09 04:31
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 09 Jan 2026 04:32:52 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=0DW%2BfZ5KEh0pnGMLsliGdJhKRpbfGXxF6HQKUU69b5E%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767933172"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=0DW%2BfZ5KEh0pnGMLsliGdJhKRpbfGXxF6HQKUU69b5E%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767933172" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 3.33.241.96:443 · api.tailrender.com
2026-01-02 04:58
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 02 Jan 2026 04:58:11 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=RdazhCP22AuFxheM3XBVnhf0ZOdfPZgizTc7wpuVrI8%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767329891"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=RdazhCP22AuFxheM3XBVnhf0ZOdfPZgizTc7wpuVrI8%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767329891" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · api.tailrender.com
2026-01-02 04:50
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 02 Jan 2026 04:50:16 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=dp8rfSfirRc2BOWCadHbjWxLJXFnjSlRbg%2FfcQK1NnE%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767329416"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=dp8rfSfirRc2BOWCadHbjWxLJXFnjSlRbg%2FfcQK1NnE%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767329416" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · api.tailrender.com
2025-12-30 14:41
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Tue, 30 Dec 2025 14:41:10 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=6mDT5apZSt8QNh0DLbrA1hnbyoQs0LWO7bWyCyKxB20%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767105670"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=6mDT5apZSt8QNh0DLbrA1hnbyoQs0LWO7bWyCyKxB20%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767105670" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-30 by HttpPluginCreate report
-
Open service 3.33.241.96:443 · api.tailrender.com
2025-12-22 16:57
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Mon, 22 Dec 2025 16:57:10 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=PpuM3CiC9pNXF4wgAQAoG8Gv3pbE7Y%2FygayoqhH2DlE%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766422630"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=PpuM3CiC9pNXF4wgAQAoG8Gv3pbE7Y%2FygayoqhH2DlE%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766422630" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-22 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · api.tailrender.com
2025-12-22 10:50
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Mon, 22 Dec 2025 10:50:41 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=wcP2I6PEonUsDhA4sIE4w3LuVb7iCetuhNvvrtcXd54%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766400641"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=wcP2I6PEonUsDhA4sIE4w3LuVb7iCetuhNvvrtcXd54%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766400641" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-22 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · api.tailrender.com
2025-12-21 10:49
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Sun, 21 Dec 2025 10:49:19 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=4F55OVZuHv1u3Mwizv0FRZTb3qHnVoRFNIcXm6QMeCo%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766314159"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=4F55OVZuHv1u3Mwizv0FRZTb3qHnVoRFNIcXm6QMeCo%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766314159" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-21 by HttpPluginCreate report
-
Open service 3.33.241.96:443 · api.tailrender.com
2025-12-20 15:03
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Sat, 20 Dec 2025 15:03:57 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=XDsBuooaahae%2BMp0vHu4DDNUmybWcYx0DL3vWkljr0s%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766243037"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=XDsBuooaahae%2BMp0vHu4DDNUmybWcYx0DL3vWkljr0s%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766243037" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-20 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · api.tailrender.com
2025-12-19 08:43
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Disposition Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 19 Dec 2025 08:44:00 GMT Expect-Ct: max-age=0 Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=I1%2FNwmc9ZdT67QRQG05utOXSPcmltRUw%2BxbknUMJjwM%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766133840"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=I1%2FNwmc9ZdT67QRQG05utOXSPcmltRUw%2BxbknUMJjwM%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766133840" Server: Heroku Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Accept-Encoding Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-19 by HttpPluginCreate report