LeakIX - Host api.talentoin.app

Domain api.talentoin.app

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 35.71.179.82
Domain: api.talentoin.app
Port: 80
URL: http://api.talentoin.app

First seen 2025-12-06 00:48
Last seen 2026-01-09 19:42
Open for 34 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43086c61006931b2f8e75c9308ab2b892cdc6920c3
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /me
GET /me/notifications
GET /me/organizations
POST /me/picture
POST /me/video
```
  Found on 2026-01-09 19:42
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.220.108
Domain: api.talentoin.app
Port: 443
URL: https://api.talentoin.app

First seen 2025-12-06 00:48
Last seen 2026-01-09 03:25
Open for 34 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43086c61006931b2f8e75c9308ab2b892cdc6920c3
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /me
GET /me/notifications
GET /me/organizations
POST /me/picture
POST /me/video
```
  Found on 2026-01-09 03:25
Create report

Open service 35.71.179.82:80 · api.talentoin.app

2026-01-09 19:42

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Jan 2026 19:43:07 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=yFtNXzc4T7xuU2jOkB%2BrcOuFu15106XNRihYIUqhzNk%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767987787"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=yFtNXzc4T7xuU2jOkB%2BrcOuFu15106XNRihYIUqhzNk%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767987787"
Server: Heroku
Vary: origin
Via: 1.1 heroku-router
Connection: close


{"up":true}

Found 2026-01-09 by HttpPlugin

Create report

Open service 99.83.220.108:443 · api.talentoin.app

2026-01-09 03:25

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Jan 2026 03:25:48 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=md%2F7mFlJFUQzDn9qqgU8d0G8WsC4SBt7zfzTu0HCaoI%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767929148"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=md%2F7mFlJFUQzDn9qqgU8d0G8WsC4SBt7zfzTu0HCaoI%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767929148"
Server: Heroku
Vary: origin
Via: 1.1 heroku-router
Connection: close


{"up":true}

Found 2026-01-09 by HttpPlugin

Create report

Open service 35.71.179.82:80 · api.talentoin.app

2026-01-02 18:20

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Fri, 02 Jan 2026 18:20:46 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=AlRa0%2FnpWnSRYckXQns7TgwQRiMEF%2BI29R4FiAZ%2BEP0%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767378046"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=AlRa0%2FnpWnSRYckXQns7TgwQRiMEF%2BI29R4FiAZ%2BEP0%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767378046"
Server: Heroku
Vary: origin
Via: 1.1 heroku-router
Connection: close


{"up":true}

Found 2026-01-02 by HttpPlugin

Create report

Open service 99.83.220.108:443 · api.talentoin.app

2026-01-02 10:06

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Fri, 02 Jan 2026 10:06:43 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=r934aS3Dz%2BVcgCOJVajFd4Dsiks75SjXo0GpmMVc%2FZ8%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767348403"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=r934aS3Dz%2BVcgCOJVajFd4Dsiks75SjXo0GpmMVc%2FZ8%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767348403"
Server: Heroku
Vary: origin
Via: 1.1 heroku-router
Connection: close


{"up":true}

Found 2026-01-02 by HttpPlugin

Create report

Open service 99.83.220.108:443 · api.talentoin.app

2025-12-22 08:10

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 08:10:31 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=jdkoCip78tKm9DEhwtTJ7%2B14Rh8D%2FuhUe4O6Oq%2F2hYI%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766391031"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=jdkoCip78tKm9DEhwtTJ7%2B14Rh8D%2FuhUe4O6Oq%2F2hYI%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766391031"
Server: Heroku
Vary: origin
Via: 1.1 heroku-router
Connection: close


{"up":true}

Found 2025-12-22 by HttpPlugin

Create report

Open service 35.71.179.82:80 · api.talentoin.app

2025-12-22 08:10

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 08:10:32 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=bLun98s8jBHbJOIL%2Bcfncyk9ZSh1sjoO0yMPU49f9Vw%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766391032"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=bLun98s8jBHbJOIL%2Bcfncyk9ZSh1sjoO0yMPU49f9Vw%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766391032"
Server: Heroku
Vary: origin
Via: 1.1 heroku-router
Connection: close


{"up":true}

Found 2025-12-22 by HttpPlugin

Create report

Open service 35.71.179.82:80 · api.talentoin.app

2025-12-20 09:02

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 09:02:38 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=8cGDOfbg0LOCvGt4rKs2JqJWmoII0Hr3%2Bt%2Ba4bj%2Fju4%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766221358"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=8cGDOfbg0LOCvGt4rKs2JqJWmoII0Hr3%2Bt%2Ba4bj%2Fju4%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766221358"
Server: Heroku
Vary: origin
Via: 1.1 heroku-router
Connection: close


{"up":true}

Found 2025-12-20 by HttpPlugin

Create report

Open service 99.83.220.108:443 · api.talentoin.app

2025-12-20 09:02

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 11
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 09:02:33 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=BbFIN%2BhHSCh%2BYXhTMSH9nAdD2feqHZWEzb4q1ICa7oU%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766221353"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=BbFIN%2BhHSCh%2BYXhTMSH9nAdD2feqHZWEzb4q1ICa7oU%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766221353"
Server: Heroku
Vary: origin
Via: 1.1 heroku-router
Connection: close


{"up":true}

Found 2025-12-20 by HttpPlugin

Create report

api.talentoin.app

Fingerprint:

1d7c7efbca41e3510cfe19e18a06ec4e8c8a3973a8f041691690de4b9d70982e

CN:

api.talentoin.app

Key:

RSA-2048

Issuer:

R13

Not before:

2025-12-05 23:49

Not after:

2026-03-05 23:49

Domain summary

api.talentoin.app 9

1 recorded

IP summary

35.71.179.82 1 99.83.220.108 1

2 recorded

Domain api.talentoin.app

United States

Software information

Swagger API description is publicly available

Swagger API description is publicly available

api.talentoin.app

Domain summary

IP summary