Domain devticketsapi.bluent.it
United States
Software information
Heroku
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-08 00:19
Last seen 2026-01-09 07:24
Open for 32 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-09 07:24
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-08 00:19
Last seen 2026-01-09 14:31
Open for 32 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-09 14:31
-
-
Open service 75.2.97.79:443 · devticketsapi.bluent.it
2026-01-09 14:31
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Content-Type, Authorization Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: undefined Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 09 Jan 2026 14:31:21 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=JM7VlrMsz5j44NU1XqU9CB3pzVf98UJPdZADJB%2F6CWE%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767969081"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=JM7VlrMsz5j44NU1XqU9CB3pzVf98UJPdZADJB%2F6CWE%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767969081" Server: Heroku Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: DENY X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 35.71.145.101:80 · devticketsapi.bluent.it
2026-01-09 07:24
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Content-Type, Authorization Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: undefined Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 09 Jan 2026 07:25:31 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=S2v%2BIALlfjq8NJ22WO%2FD5uzRT9IG4dw5mlfItzxbgFE%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767943531"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=S2v%2BIALlfjq8NJ22WO%2FD5uzRT9IG4dw5mlfItzxbgFE%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767943531" Server: Heroku Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: DENY X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 75.2.97.79:443 · devticketsapi.bluent.it
2026-01-02 15:04
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Content-Type, Authorization Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: undefined Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 02 Jan 2026 15:04:53 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=E5bb4kpDsCi9K8N%2BDJhNZrsZ6POOVRzMA3aKihGRmj0%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767366293"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=E5bb4kpDsCi9K8N%2BDJhNZrsZ6POOVRzMA3aKihGRmj0%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767366293" Server: Heroku Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: DENY X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 35.71.145.101:80 · devticketsapi.bluent.it
2026-01-02 14:26
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Content-Type, Authorization Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: undefined Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 02 Jan 2026 14:26:11 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=AFEZ6cUxJ7j9uQIr8dmvuP1rzznu55frHE0IHcnES2M%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767363971"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=AFEZ6cUxJ7j9uQIr8dmvuP1rzznu55frHE0IHcnES2M%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767363971" Server: Heroku Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: DENY X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 75.2.97.79:443 · devticketsapi.bluent.it
2025-12-23 06:17
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Content-Type, Authorization Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: undefined Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Tue, 23 Dec 2025 06:17:36 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Z0jyR9qyhYfS61ZaBGxOOVQeT5KBuYeKokqcYve6uYg%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766470656"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Z0jyR9qyhYfS61ZaBGxOOVQeT5KBuYeKokqcYve6uYg%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766470656" Server: Heroku Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: DENY X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-23 by HttpPluginCreate report
-
Open service 35.71.145.101:80 · devticketsapi.bluent.it
2025-12-23 02:46
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Content-Type, Authorization Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: undefined Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Tue, 23 Dec 2025 02:46:13 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=M9IgfaWd5rhThMmOnp85%2B3kIKTmNKENe8ZQ6GCaMZUQ%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766457973"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=M9IgfaWd5rhThMmOnp85%2B3kIKTmNKENe8ZQ6GCaMZUQ%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766457973" Server: Heroku Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: DENY X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-23 by HttpPluginCreate report
-
Open service 75.2.97.79:443 · devticketsapi.bluent.it
2025-12-21 02:57
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Content-Type, Authorization Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: undefined Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Sun, 21 Dec 2025 02:57:21 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=xHnh%2FnCqvugyGo7Eqvb3W6sLWVBAgRwDPdj1JYf2jnU%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766285841"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=xHnh%2FnCqvugyGo7Eqvb3W6sLWVBAgRwDPdj1JYf2jnU%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766285841" Server: Heroku Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: DENY X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-21 by HttpPluginCreate report
-
Open service 35.71.145.101:80 · devticketsapi.bluent.it
2025-12-20 13:09
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Content-Type, Authorization Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: undefined Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Sat, 20 Dec 2025 13:09:09 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=T%2BWE%2Ff6vB27uK8a3T80AVAyg3jWYRT2OojbLM62ygQI%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766236149"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=T%2BWE%2Ff6vB27uK8a3T80AVAyg3jWYRT2OojbLM62ygQI%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766236149" Server: Heroku Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: DENY X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-20 by HttpPluginCreate report
-
Open service 75.2.97.79:443 · devticketsapi.bluent.it
2025-12-19 05:34
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Content-Type, Authorization Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: undefined Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 19 Dec 2025 05:34:24 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=6APR%2FpOqrpzdbnZb5BZ7%2BsOLOx3xJO7GJiEZpwhKFEE%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766122464"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=6APR%2FpOqrpzdbnZb5BZ7%2BsOLOx3xJO7GJiEZpwhKFEE%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766122464" Server: Heroku Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: DENY X-Permitted-Cross-Domain-Policies: none X-Xss-Protection: 0 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>Found 2025-12-19 by HttpPluginCreate report