Domain dev.o2e.sa
United States
AMAZON-02
Software information
Heroku
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-11 01:05
Last seen 2026-01-09 12:35
Open for 29 days-
Severity: info
Fingerprint: 5733ddf49ff49cd110a331ecb3069b91a7defb6a429d57bd48c622f3e00cb877Public Swagger UI/API detected at path: /v2/api-docs - sample paths: DELETE /api/account/{email} DELETE /api/admin/users/{id} DELETE /api/bookmarks/offer/{id} DELETE /api/family-user/{email} GET /api/account GET /api/admin/admin-users GET /api/admin/advertising GET /api/admin/advertising/{id} GET /api/admin/catering-requests GET /api/admin/catering-requests/{id} GET /api/admin/company/{companyId}/users GET /api/admin/company/{companyId}/users/filter GET /api/admin/dashboard GET /api/admin/dashboard/redeemers GET /api/admin/gifts GET /api/admin/report GET /api/admin/report/businesses GET /api/admin/report/consumed-offer-per-business GET /api/admin/report/most-visited-business GET /api/admin/report/offers GET /api/admin/report/pdf GET /api/admin/report/redeemers GET /api/admin/report/top-users GET /api/admin/report/users GET /api/admin/report/xlsx GET /api/admin/users GET /api/admin/users/list GET /api/admin/users/{login} GET /api/authenticate GET /api/authorities GET /api/bookmarks GET /api/bookmarks/{id} GET /api/business-categories GET /api/business-categories-page GET /api/business-categories/{id} GET /api/businesses GET /api/businesses/summary GET /api/businesses/{id} GET /api/businesses/{id}/visited GET /api/companies GET /api/companies/list GET /api/companies/{id} GET /api/company-admins GET /api/company-admins/{id} GET /api/company-types GET /api/company-types/{id} GET /api/config/whatsapp GET /api/contact-us GET /api/contact-us/{id} GET /api/contacts GET /api/contacts/{id} GET /api/enabled/businesses GET /api/generate-qr GET /api/gifts GET /api/gifts/count GET /api/gifts/{id} GET /api/join-us GET /api/join-us/{id} GET /api/locations GET /api/locations/{id} GET /api/mobile/advertising GET /api/notifications GET /api/notifications/{id} GET /api/offer-logs/company/{companyId} GET /api/offers GET /api/offers/available-priority GET /api/offers/exclusive GET /api/offers/with-priority GET /api/offers/{id} GET /api/scan-qr GET /api/storges/{uuid} GET /api/users GET /api/v2/offers GET /v3/api-docs GET /v3/api-docs.yaml GET /v3/api-docs.yaml/{group} GET /v3/api-docs/{group} PATCH /api/admin/user/{id} POST /api/account/change-password POST /api/account/family/reset-password/finish POST /api/account/resend-otp POST /api/account/reset-password/check POST /api/account/reset-password/finish POST /api/account/reset-password/init POST /api/activate POST /api/businesses/bulk POST /api/family-user POST /api/migrate/files POST /api/offer POST /api/offer-logs POST /api/offers/{id}/priority POST /api/register POST /api/supportFound on 2026-01-09 12:35
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-11 01:05
Last seen 2026-01-09 02:55
Open for 29 days-
Severity: info
Fingerprint: 5733ddf49ff49cd110a331ecb3069b91a7defb6a429d57bd48c622f3e00cb877Public Swagger UI/API detected at path: /v2/api-docs - sample paths: DELETE /api/account/{email} DELETE /api/admin/users/{id} DELETE /api/bookmarks/offer/{id} DELETE /api/family-user/{email} GET /api/account GET /api/admin/admin-users GET /api/admin/advertising GET /api/admin/advertising/{id} GET /api/admin/catering-requests GET /api/admin/catering-requests/{id} GET /api/admin/company/{companyId}/users GET /api/admin/company/{companyId}/users/filter GET /api/admin/dashboard GET /api/admin/dashboard/redeemers GET /api/admin/gifts GET /api/admin/report GET /api/admin/report/businesses GET /api/admin/report/consumed-offer-per-business GET /api/admin/report/most-visited-business GET /api/admin/report/offers GET /api/admin/report/pdf GET /api/admin/report/redeemers GET /api/admin/report/top-users GET /api/admin/report/users GET /api/admin/report/xlsx GET /api/admin/users GET /api/admin/users/list GET /api/admin/users/{login} GET /api/authenticate GET /api/authorities GET /api/bookmarks GET /api/bookmarks/{id} GET /api/business-categories GET /api/business-categories-page GET /api/business-categories/{id} GET /api/businesses GET /api/businesses/summary GET /api/businesses/{id} GET /api/businesses/{id}/visited GET /api/companies GET /api/companies/list GET /api/companies/{id} GET /api/company-admins GET /api/company-admins/{id} GET /api/company-types GET /api/company-types/{id} GET /api/config/whatsapp GET /api/contact-us GET /api/contact-us/{id} GET /api/contacts GET /api/contacts/{id} GET /api/enabled/businesses GET /api/generate-qr GET /api/gifts GET /api/gifts/count GET /api/gifts/{id} GET /api/join-us GET /api/join-us/{id} GET /api/locations GET /api/locations/{id} GET /api/mobile/advertising GET /api/notifications GET /api/notifications/{id} GET /api/offer-logs/company/{companyId} GET /api/offers GET /api/offers/available-priority GET /api/offers/exclusive GET /api/offers/with-priority GET /api/offers/{id} GET /api/scan-qr GET /api/storges/{uuid} GET /api/users GET /api/v2/offers GET /v3/api-docs GET /v3/api-docs.yaml GET /v3/api-docs.yaml/{group} GET /v3/api-docs/{group} PATCH /api/admin/user/{id} POST /api/account/change-password POST /api/account/family/reset-password/finish POST /api/account/resend-otp POST /api/account/reset-password/check POST /api/account/reset-password/finish POST /api/account/reset-password/init POST /api/activate POST /api/businesses/bulk POST /api/family-user POST /api/migrate/files POST /api/offer POST /api/offer-logs POST /api/offers/{id}/priority POST /api/register POST /api/supportFound on 2026-01-09 02:55
-
-
Open service 76.223.11.49:80 · dev.o2e.sa
2026-01-09 12:35
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache, no-store, max-age=0, must-revalidate Content-Language: en-US Content-Length: 2601 Content-Security-Policy: default-src * 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://maps.googleapis.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data: Content-Type: text/html Date: Fri, 09 Jan 2026 12:36:03 GMT Expires: 0 Last-Modified: Wed, 18 Jun 2025 17:27:40 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Permissions-Policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=%2FSuCSLQuAAjfhd7ITlLmC%2BlWuOrdB7S2kuTGq5ikDVo%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767962163"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=%2FSuCSLQuAAjfhd7ITlLmC%2BlWuOrdB7S2kuTGq5ikDVo%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767962163" Server: Heroku Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Connection: close Page title: O2E <!DOCTYPE html> <html class="no-js" lang="ar-ly" dir="ltr"> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>O2E</title> <meta name="description" content="Loyalty Program" /> <meta name="google" content="notranslate" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta name="theme-color" content="#000000" /> <link rel="icon" type="image/svg+xml" href="favicon.svg" /> <link rel="manifest" href="manifest.webapp" /> <link rel="stylesheet" href="content/css/loading.css" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css" /> <!-- jhipster-needle-add-resources-to-root - JHipster will add new resources here --> <base href="/"></head> <body> <!--[if lt IE 9]> <p class="browserupgrade"> You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience. </p> <![endif]--> <div id="root"> <div class="app-loading"> <p></p> </div> </div> <noscript> <h1>You must enable JavaScript to view this page.</h1> </noscript> <script type="text/javascript"> // show an error message if the app loading takes more than 4 sec window.onload = function () { setTimeout(showError, 4000); }; function showError() { var errorElm = document.getElementById('jhipster-error'); if (errorElm && errorElm.style) { errorElm.style.display = 'block'; } } </script> <!-- uncomment this for adding service worker <script> if ('serviceWorker' in navigator) { window.addEventListener('load', function() { navigator.serviceWorker.register('/service-worker.js') .then(function () { console.log('Service Worker Registered'); }); }); } </script> --> <!-- Google Analytics: uncomment and change UA-XXXXX-X to be your site's ID. <script> (function(b,o,i,l,e,r){b.GoogleAnalyticsObject=l;b[l]||(b[l]= function(){(b[l].q=b[l].q||[]).push(arguments)});b[l].l=+new Date; e=o.createElement(i);r=o.getElementsByTagName(i)[0]; e.src='//www.google-analytics.com/analytics.js'; r.parentNode.insertBefore(e,r)}(window,document,'script','ga')); ga('create','UA-XXXXX-X');ga('send','pageview'); </script>--> <script defer src="main.854dd3b6.js"></script></body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 75.2.43.161:443 · dev.o2e.sa
2026-01-09 02:55
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache, no-store, max-age=0, must-revalidate Content-Language: en-US Content-Length: 2601 Content-Security-Policy: default-src * 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://maps.googleapis.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data: Content-Type: text/html Date: Fri, 09 Jan 2026 02:55:38 GMT Expires: 0 Last-Modified: Wed, 18 Jun 2025 17:27:40 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Permissions-Policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=9P%2FPd9ZPF4%2BW8aU2fTBuIpLBADWxBpnMgzKEcY6A%2FYA%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767927338"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=9P%2FPd9ZPF4%2BW8aU2fTBuIpLBADWxBpnMgzKEcY6A%2FYA%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767927338" Server: Heroku Strict-Transport-Security: max-age=31536000 ; includeSubDomains Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Connection: close Page title: O2E <!DOCTYPE html> <html class="no-js" lang="ar-ly" dir="ltr"> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>O2E</title> <meta name="description" content="Loyalty Program" /> <meta name="google" content="notranslate" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta name="theme-color" content="#000000" /> <link rel="icon" type="image/svg+xml" href="favicon.svg" /> <link rel="manifest" href="manifest.webapp" /> <link rel="stylesheet" href="content/css/loading.css" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css" /> <!-- jhipster-needle-add-resources-to-root - JHipster will add new resources here --> <base href="/"></head> <body> <!--[if lt IE 9]> <p class="browserupgrade"> You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience. </p> <![endif]--> <div id="root"> <div class="app-loading"> <p></p> </div> </div> <noscript> <h1>You must enable JavaScript to view this page.</h1> </noscript> <script type="text/javascript"> // show an error message if the app loading takes more than 4 sec window.onload = function () { setTimeout(showError, 4000); }; function showError() { var errorElm = document.getElementById('jhipster-error'); if (errorElm && errorElm.style) { errorElm.style.display = 'block'; } } </script> <!-- uncomment this for adding service worker <script> if ('serviceWorker' in navigator) { window.addEventListener('load', function() { navigator.serviceWorker.register('/service-worker.js') .then(function () { console.log('Service Worker Registered'); }); }); } </script> --> <!-- Google Analytics: uncomment and change UA-XXXXX-X to be your site's ID. <script> (function(b,o,i,l,e,r){b.GoogleAnalyticsObject=l;b[l]||(b[l]= function(){(b[l].q=b[l].q||[]).push(arguments)});b[l].l=+new Date; e=o.createElement(i);r=o.getElementsByTagName(i)[0]; e.src='//www.google-analytics.com/analytics.js'; r.parentNode.insertBefore(e,r)}(window,document,'script','ga')); ga('create','UA-XXXXX-X');ga('send','pageview'); </script>--> <script defer src="main.854dd3b6.js"></script></body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 76.223.11.49:80 · dev.o2e.sa
2026-01-02 09:07
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache, no-store, max-age=0, must-revalidate Content-Language: en-US Content-Length: 2601 Content-Security-Policy: default-src * 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://maps.googleapis.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data: Content-Type: text/html Date: Fri, 02 Jan 2026 09:07:34 GMT Expires: 0 Last-Modified: Wed, 18 Jun 2025 17:27:40 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Permissions-Policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=8qzWTWO9YHLXFE7i2JE18DoOQRz5lZ0nWgT1RE3GBYo%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767344854"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=8qzWTWO9YHLXFE7i2JE18DoOQRz5lZ0nWgT1RE3GBYo%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767344854" Server: Heroku Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Connection: close Page title: O2E <!DOCTYPE html> <html class="no-js" lang="ar-ly" dir="ltr"> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>O2E</title> <meta name="description" content="Loyalty Program" /> <meta name="google" content="notranslate" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta name="theme-color" content="#000000" /> <link rel="icon" type="image/svg+xml" href="favicon.svg" /> <link rel="manifest" href="manifest.webapp" /> <link rel="stylesheet" href="content/css/loading.css" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css" /> <!-- jhipster-needle-add-resources-to-root - JHipster will add new resources here --> <base href="/"></head> <body> <!--[if lt IE 9]> <p class="browserupgrade"> You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience. </p> <![endif]--> <div id="root"> <div class="app-loading"> <p></p> </div> </div> <noscript> <h1>You must enable JavaScript to view this page.</h1> </noscript> <script type="text/javascript"> // show an error message if the app loading takes more than 4 sec window.onload = function () { setTimeout(showError, 4000); }; function showError() { var errorElm = document.getElementById('jhipster-error'); if (errorElm && errorElm.style) { errorElm.style.display = 'block'; } } </script> <!-- uncomment this for adding service worker <script> if ('serviceWorker' in navigator) { window.addEventListener('load', function() { navigator.serviceWorker.register('/service-worker.js') .then(function () { console.log('Service Worker Registered'); }); }); } </script> --> <!-- Google Analytics: uncomment and change UA-XXXXX-X to be your site's ID. <script> (function(b,o,i,l,e,r){b.GoogleAnalyticsObject=l;b[l]||(b[l]= function(){(b[l].q=b[l].q||[]).push(arguments)});b[l].l=+new Date; e=o.createElement(i);r=o.getElementsByTagName(i)[0]; e.src='//www.google-analytics.com/analytics.js'; r.parentNode.insertBefore(e,r)}(window,document,'script','ga')); ga('create','UA-XXXXX-X');ga('send','pageview'); </script>--> <script defer src="main.854dd3b6.js"></script></body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 75.2.43.161:443 · dev.o2e.sa
2026-01-02 00:07
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache, no-store, max-age=0, must-revalidate Content-Language: en-US Content-Length: 2601 Content-Security-Policy: default-src * 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://maps.googleapis.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data: Content-Type: text/html Date: Fri, 02 Jan 2026 00:07:17 GMT Expires: 0 Last-Modified: Wed, 18 Jun 2025 17:27:40 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Permissions-Policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=%2BTpKOSMvMi8ierojttu8tpd32zYU45gMe1W8ZgeYHw8%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767312437"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=%2BTpKOSMvMi8ierojttu8tpd32zYU45gMe1W8ZgeYHw8%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767312437" Server: Heroku Strict-Transport-Security: max-age=31536000 ; includeSubDomains Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Connection: close Page title: O2E <!DOCTYPE html> <html class="no-js" lang="ar-ly" dir="ltr"> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>O2E</title> <meta name="description" content="Loyalty Program" /> <meta name="google" content="notranslate" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta name="theme-color" content="#000000" /> <link rel="icon" type="image/svg+xml" href="favicon.svg" /> <link rel="manifest" href="manifest.webapp" /> <link rel="stylesheet" href="content/css/loading.css" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css" /> <!-- jhipster-needle-add-resources-to-root - JHipster will add new resources here --> <base href="/"></head> <body> <!--[if lt IE 9]> <p class="browserupgrade"> You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience. </p> <![endif]--> <div id="root"> <div class="app-loading"> <p></p> </div> </div> <noscript> <h1>You must enable JavaScript to view this page.</h1> </noscript> <script type="text/javascript"> // show an error message if the app loading takes more than 4 sec window.onload = function () { setTimeout(showError, 4000); }; function showError() { var errorElm = document.getElementById('jhipster-error'); if (errorElm && errorElm.style) { errorElm.style.display = 'block'; } } </script> <!-- uncomment this for adding service worker <script> if ('serviceWorker' in navigator) { window.addEventListener('load', function() { navigator.serviceWorker.register('/service-worker.js') .then(function () { console.log('Service Worker Registered'); }); }); } </script> --> <!-- Google Analytics: uncomment and change UA-XXXXX-X to be your site's ID. <script> (function(b,o,i,l,e,r){b.GoogleAnalyticsObject=l;b[l]||(b[l]= function(){(b[l].q=b[l].q||[]).push(arguments)});b[l].l=+new Date; e=o.createElement(i);r=o.getElementsByTagName(i)[0]; e.src='//www.google-analytics.com/analytics.js'; r.parentNode.insertBefore(e,r)}(window,document,'script','ga')); ga('create','UA-XXXXX-X');ga('send','pageview'); </script>--> <script defer src="main.854dd3b6.js"></script></body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 75.2.43.161:443 · dev.o2e.sa
2025-12-30 09:52
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache, no-store, max-age=0, must-revalidate Content-Language: en-US Content-Length: 2601 Content-Security-Policy: default-src * 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://maps.googleapis.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data: Content-Type: text/html Date: Tue, 30 Dec 2025 09:52:47 GMT Expires: 0 Last-Modified: Wed, 18 Jun 2025 17:27:40 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Permissions-Policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=mJZ3gGqCb%2BBlKGfixBr%2BeUBOn4KtG2AbAuRVFhjKnKA%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767088367"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=mJZ3gGqCb%2BBlKGfixBr%2BeUBOn4KtG2AbAuRVFhjKnKA%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767088367" Server: Heroku Strict-Transport-Security: max-age=31536000 ; includeSubDomains Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Connection: close Page title: O2E <!DOCTYPE html> <html class="no-js" lang="ar-ly" dir="ltr"> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>O2E</title> <meta name="description" content="Loyalty Program" /> <meta name="google" content="notranslate" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta name="theme-color" content="#000000" /> <link rel="icon" type="image/svg+xml" href="favicon.svg" /> <link rel="manifest" href="manifest.webapp" /> <link rel="stylesheet" href="content/css/loading.css" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css" /> <!-- jhipster-needle-add-resources-to-root - JHipster will add new resources here --> <base href="/"></head> <body> <!--[if lt IE 9]> <p class="browserupgrade"> You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience. </p> <![endif]--> <div id="root"> <div class="app-loading"> <p></p> </div> </div> <noscript> <h1>You must enable JavaScript to view this page.</h1> </noscript> <script type="text/javascript"> // show an error message if the app loading takes more than 4 sec window.onload = function () { setTimeout(showError, 4000); }; function showError() { var errorElm = document.getElementById('jhipster-error'); if (errorElm && errorElm.style) { errorElm.style.display = 'block'; } } </script> <!-- uncomment this for adding service worker <script> if ('serviceWorker' in navigator) { window.addEventListener('load', function() { navigator.serviceWorker.register('/service-worker.js') .then(function () { console.log('Service Worker Registered'); }); }); } </script> --> <!-- Google Analytics: uncomment and change UA-XXXXX-X to be your site's ID. <script> (function(b,o,i,l,e,r){b.GoogleAnalyticsObject=l;b[l]||(b[l]= function(){(b[l].q=b[l].q||[]).push(arguments)});b[l].l=+new Date; e=o.createElement(i);r=o.getElementsByTagName(i)[0]; e.src='//www.google-analytics.com/analytics.js'; r.parentNode.insertBefore(e,r)}(window,document,'script','ga')); ga('create','UA-XXXXX-X');ga('send','pageview'); </script>--> <script defer src="main.854dd3b6.js"></script></body> </html>Found 2025-12-30 by HttpPluginCreate report
-
Open service 76.223.11.49:80 · dev.o2e.sa
2025-12-22 18:03
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache, no-store, max-age=0, must-revalidate Content-Language: en-US Content-Length: 2601 Content-Security-Policy: default-src * 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://maps.googleapis.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data: Content-Type: text/html Date: Mon, 22 Dec 2025 18:03:19 GMT Expires: 0 Last-Modified: Wed, 18 Jun 2025 17:27:40 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Permissions-Policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=wiu6ojPQknKwBqZ2OY%2Fw3JkA9UPca4rmQzoh2BRAwrU%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766426599"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=wiu6ojPQknKwBqZ2OY%2Fw3JkA9UPca4rmQzoh2BRAwrU%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766426599" Server: Heroku Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Connection: close Page title: O2E <!DOCTYPE html> <html class="no-js" lang="ar-ly" dir="ltr"> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>O2E</title> <meta name="description" content="Loyalty Program" /> <meta name="google" content="notranslate" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta name="theme-color" content="#000000" /> <link rel="icon" type="image/svg+xml" href="favicon.svg" /> <link rel="manifest" href="manifest.webapp" /> <link rel="stylesheet" href="content/css/loading.css" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css" /> <!-- jhipster-needle-add-resources-to-root - JHipster will add new resources here --> <base href="/"></head> <body> <!--[if lt IE 9]> <p class="browserupgrade"> You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience. </p> <![endif]--> <div id="root"> <div class="app-loading"> <p></p> </div> </div> <noscript> <h1>You must enable JavaScript to view this page.</h1> </noscript> <script type="text/javascript"> // show an error message if the app loading takes more than 4 sec window.onload = function () { setTimeout(showError, 4000); }; function showError() { var errorElm = document.getElementById('jhipster-error'); if (errorElm && errorElm.style) { errorElm.style.display = 'block'; } } </script> <!-- uncomment this for adding service worker <script> if ('serviceWorker' in navigator) { window.addEventListener('load', function() { navigator.serviceWorker.register('/service-worker.js') .then(function () { console.log('Service Worker Registered'); }); }); } </script> --> <!-- Google Analytics: uncomment and change UA-XXXXX-X to be your site's ID. <script> (function(b,o,i,l,e,r){b.GoogleAnalyticsObject=l;b[l]||(b[l]= function(){(b[l].q=b[l].q||[]).push(arguments)});b[l].l=+new Date; e=o.createElement(i);r=o.getElementsByTagName(i)[0]; e.src='//www.google-analytics.com/analytics.js'; r.parentNode.insertBefore(e,r)}(window,document,'script','ga')); ga('create','UA-XXXXX-X');ga('send','pageview'); </script>--> <script defer src="main.854dd3b6.js"></script></body> </html>Found 2025-12-22 by HttpPluginCreate report
-
Open service 76.223.11.49:80 · dev.o2e.sa
2025-12-20 20:35
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache, no-store, max-age=0, must-revalidate Content-Language: en-US Content-Length: 2601 Content-Security-Policy: default-src * 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://maps.googleapis.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data: Content-Type: text/html Date: Sat, 20 Dec 2025 20:35:32 GMT Expires: 0 Last-Modified: Wed, 18 Jun 2025 17:27:40 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Permissions-Policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=WX%2BAzHjsfwqsR76p06u8ibPUlZNO%2FIG0JzJXxmacf30%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766262932"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=WX%2BAzHjsfwqsR76p06u8ibPUlZNO%2FIG0JzJXxmacf30%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766262932" Server: Heroku Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Connection: close Page title: O2E <!DOCTYPE html> <html class="no-js" lang="ar-ly" dir="ltr"> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>O2E</title> <meta name="description" content="Loyalty Program" /> <meta name="google" content="notranslate" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta name="theme-color" content="#000000" /> <link rel="icon" type="image/svg+xml" href="favicon.svg" /> <link rel="manifest" href="manifest.webapp" /> <link rel="stylesheet" href="content/css/loading.css" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css" /> <!-- jhipster-needle-add-resources-to-root - JHipster will add new resources here --> <base href="/"></head> <body> <!--[if lt IE 9]> <p class="browserupgrade"> You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience. </p> <![endif]--> <div id="root"> <div class="app-loading"> <p></p> </div> </div> <noscript> <h1>You must enable JavaScript to view this page.</h1> </noscript> <script type="text/javascript"> // show an error message if the app loading takes more than 4 sec window.onload = function () { setTimeout(showError, 4000); }; function showError() { var errorElm = document.getElementById('jhipster-error'); if (errorElm && errorElm.style) { errorElm.style.display = 'block'; } } </script> <!-- uncomment this for adding service worker <script> if ('serviceWorker' in navigator) { window.addEventListener('load', function() { navigator.serviceWorker.register('/service-worker.js') .then(function () { console.log('Service Worker Registered'); }); }); } </script> --> <!-- Google Analytics: uncomment and change UA-XXXXX-X to be your site's ID. <script> (function(b,o,i,l,e,r){b.GoogleAnalyticsObject=l;b[l]||(b[l]= function(){(b[l].q=b[l].q||[]).push(arguments)});b[l].l=+new Date; e=o.createElement(i);r=o.getElementsByTagName(i)[0]; e.src='//www.google-analytics.com/analytics.js'; r.parentNode.insertBefore(e,r)}(window,document,'script','ga')); ga('create','UA-XXXXX-X');ga('send','pageview'); </script>--> <script defer src="main.854dd3b6.js"></script></body> </html>Found 2025-12-20 by HttpPluginCreate report
-
Open service 75.2.43.161:443 · dev.o2e.sa
2025-12-20 08:36
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache, no-store, max-age=0, must-revalidate Content-Language: en-US Content-Length: 2601 Content-Security-Policy: default-src * 'self'; frame-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://maps.googleapis.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data: Content-Type: text/html Date: Sat, 20 Dec 2025 08:36:31 GMT Expires: 0 Last-Modified: Wed, 18 Jun 2025 17:27:40 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Permissions-Policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=() Pragma: no-cache Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=OLcCnD6Ldfwb%2B9RslBe2Xa%2BL%2B6O5F0ecioMuEe%2B7sQY%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766219791"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=OLcCnD6Ldfwb%2B9RslBe2Xa%2BL%2B6O5F0ecioMuEe%2B7sQY%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766219791" Server: Heroku Strict-Transport-Security: max-age=31536000 ; includeSubDomains Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Connection: close Page title: O2E <!DOCTYPE html> <html class="no-js" lang="ar-ly" dir="ltr"> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>O2E</title> <meta name="description" content="Loyalty Program" /> <meta name="google" content="notranslate" /> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /> <meta name="theme-color" content="#000000" /> <link rel="icon" type="image/svg+xml" href="favicon.svg" /> <link rel="manifest" href="manifest.webapp" /> <link rel="stylesheet" href="content/css/loading.css" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css" /> <!-- jhipster-needle-add-resources-to-root - JHipster will add new resources here --> <base href="/"></head> <body> <!--[if lt IE 9]> <p class="browserupgrade"> You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience. </p> <![endif]--> <div id="root"> <div class="app-loading"> <p></p> </div> </div> <noscript> <h1>You must enable JavaScript to view this page.</h1> </noscript> <script type="text/javascript"> // show an error message if the app loading takes more than 4 sec window.onload = function () { setTimeout(showError, 4000); }; function showError() { var errorElm = document.getElementById('jhipster-error'); if (errorElm && errorElm.style) { errorElm.style.display = 'block'; } } </script> <!-- uncomment this for adding service worker <script> if ('serviceWorker' in navigator) { window.addEventListener('load', function() { navigator.serviceWorker.register('/service-worker.js') .then(function () { console.log('Service Worker Registered'); }); }); } </script> --> <!-- Google Analytics: uncomment and change UA-XXXXX-X to be your site's ID. <script> (function(b,o,i,l,e,r){b.GoogleAnalyticsObject=l;b[l]||(b[l]= function(){(b[l].q=b[l].q||[]).push(arguments)});b[l].l=+new Date; e=o.createElement(i);r=o.getElementsByTagName(i)[0]; e.src='//www.google-analytics.com/analytics.js'; r.parentNode.insertBefore(e,r)}(window,document,'script','ga')); ga('create','UA-XXXXX-X');ga('send','pageview'); </script>--> <script defer src="main.854dd3b6.js"></script></body> </html>Found 2025-12-20 by HttpPluginCreate report
dev.o2e.sa
CN:
dev.o2e.sa
Not before:
2025-12-11 00:06
Not after:
2026-03-11 00:06