Domain backend.mapit.sa
United States
Software information
Heroku
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-14 00:35
Last seen 2026-01-13 04:15
Open for 60 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-13 04:15
-
-
Open service 3.33.241.96:443 · backend.mapit.sa
2026-01-09 11:37
HTTP/1.1 404 Not Found Access-Control-Allow-Origin: * Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 09 Jan 2026 11:37:16 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=dmBLaEes1DMbLAm7O8Ve6xjEN0rLGf8aql68UBWAOLE%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767958636"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=dmBLaEes1DMbLAm7O8Ve6xjEN0rLGf8aql68UBWAOLE%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767958636" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 3.33.241.96:443 · backend.mapit.sa
2026-01-02 16:38
HTTP/1.1 404 Not Found Access-Control-Allow-Origin: * Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 02 Jan 2026 16:38:47 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=bHfzXXsBhdj%2Bfry4FbKPzow2WbJSoWVfE6Q6y9YQksg%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767371927"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=bHfzXXsBhdj%2Bfry4FbKPzow2WbJSoWVfE6Q6y9YQksg%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767371927" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 3.33.241.96:443 · backend.mapit.sa
2025-12-23 01:56
HTTP/1.1 404 Not Found Access-Control-Allow-Origin: * Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Tue, 23 Dec 2025 01:56:21 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=AuXke4vc52KN%2BPQM5MOMoMspqIN8vr8x88Nrf4aqKt8%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766454981"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=AuXke4vc52KN%2BPQM5MOMoMspqIN8vr8x88Nrf4aqKt8%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766454981" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-23 by HttpPluginCreate report
-
Open service 3.33.241.96:443 · backend.mapit.sa
2025-12-21 08:48
HTTP/1.1 404 Not Found Access-Control-Allow-Origin: * Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Sun, 21 Dec 2025 08:48:43 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=CgnDApKv15D7Wwhrz5BZePkcBS2Of6TaNvlfvaju9YQ%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766306923"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=CgnDApKv15D7Wwhrz5BZePkcBS2Of6TaNvlfvaju9YQ%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766306923" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-21 by HttpPluginCreate report
-
Open service 3.33.241.96:443 · backend.mapit.sa
2025-12-19 05:07
HTTP/1.1 404 Not Found Access-Control-Allow-Origin: * Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 19 Dec 2025 05:07:43 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=fOpdrEQNhy2Mj3Oy%2B6hPhLRt2f6hMEZTbcmVSXR4lbw%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766120863"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=fOpdrEQNhy2Mj3Oy%2B6hPhLRt2f6hMEZTbcmVSXR4lbw%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766120863" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-19 by HttpPluginCreate report