Domain experiments.phywe.com
United States
Software information
Heroku
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-23 02:02
Last seen 2026-01-09 14:43
Open for 47 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-09 14:43
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-23 02:02
Last seen 2026-01-10 00:36
Open for 47 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-10 00:36
-
-
Open service 99.83.217.1:443 · experiments.phywe.com
2026-01-10 00:36
HTTP/1.1 401 Unauthorized Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, API-Key Access-Control-Allow-Origin: * Content-Length: 25 Content-Type: application/json; charset=utf-8 Date: Sat, 10 Jan 2026 00:36:15 GMT Etag: W/"19-K04AcffuY4Au67NM3QvqJ0wQeVA" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=BCyK8muXPVA3YkvtO%2F1gZIxg00URzYqTY942iRuuGKc%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768005375"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=BCyK8muXPVA3YkvtO%2F1gZIxg00URzYqTY942iRuuGKc%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1768005375" Server: Heroku Via: 1.1 heroku-router X-Powered-By: Express Connection: close {"status":"unauthorised"}Found 2026-01-10 by HttpPluginCreate report
-
Open service 15.197.129.158:80 · experiments.phywe.com
2026-01-09 14:43
HTTP/1.1 401 Unauthorized Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, API-Key Access-Control-Allow-Origin: * Content-Length: 25 Content-Type: application/json; charset=utf-8 Date: Fri, 09 Jan 2026 14:44:49 GMT Etag: W/"19-K04AcffuY4Au67NM3QvqJ0wQeVA" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=V4cM%2FaabRNLkerxanQ51tPu0ojfoIVgrax8LooxvPiY%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767969889"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=V4cM%2FaabRNLkerxanQ51tPu0ojfoIVgrax8LooxvPiY%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767969889" Server: Heroku Via: 1.1 heroku-router X-Powered-By: Express Connection: close {"status":"unauthorised"}Found 2026-01-09 by HttpPluginCreate report
-
Open service 99.83.217.1:443 · experiments.phywe.com
2026-01-02 20:05
HTTP/1.1 401 Unauthorized Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, API-Key Access-Control-Allow-Origin: * Content-Length: 25 Content-Type: application/json; charset=utf-8 Date: Fri, 02 Jan 2026 20:05:34 GMT Etag: W/"19-K04AcffuY4Au67NM3QvqJ0wQeVA" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=WT7URQVtJ2xsq7SXkMW3Y9jW41R%2FDp%2FZeAG4UdS4gDs%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767384334"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=WT7URQVtJ2xsq7SXkMW3Y9jW41R%2FDp%2FZeAG4UdS4gDs%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767384334" Server: Heroku Via: 1.1 heroku-router X-Powered-By: Express Connection: close {"status":"unauthorised"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 15.197.129.158:80 · experiments.phywe.com
2026-01-02 12:49
HTTP/1.1 401 Unauthorized Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, API-Key Access-Control-Allow-Origin: * Content-Length: 25 Content-Type: application/json; charset=utf-8 Date: Fri, 02 Jan 2026 12:49:12 GMT Etag: W/"19-K04AcffuY4Au67NM3QvqJ0wQeVA" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=HFOIERG6QtYP9RomPitWsBLS0QTGrRBib5kz7OEYjT8%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767358152"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=HFOIERG6QtYP9RomPitWsBLS0QTGrRBib5kz7OEYjT8%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767358152" Server: Heroku Via: 1.1 heroku-router X-Powered-By: Express Connection: close {"status":"unauthorised"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 99.83.217.1:443 · experiments.phywe.com
2025-12-22 23:21
HTTP/1.1 401 Unauthorized Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, API-Key Access-Control-Allow-Origin: * Content-Length: 25 Content-Type: application/json; charset=utf-8 Date: Mon, 22 Dec 2025 23:21:34 GMT Etag: W/"19-K04AcffuY4Au67NM3QvqJ0wQeVA" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=ctrOmr0AWdrM0Nk7BuXOT3IKN9PVkEyzaybcTYo9aO4%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766445694"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=ctrOmr0AWdrM0Nk7BuXOT3IKN9PVkEyzaybcTYo9aO4%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766445694" Server: Heroku Via: 1.1 heroku-router X-Powered-By: Express Connection: close {"status":"unauthorised"}Found 2025-12-22 by HttpPluginCreate report
-
Open service 15.197.129.158:80 · experiments.phywe.com
2025-12-22 09:37
HTTP/1.1 401 Unauthorized Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, API-Key Access-Control-Allow-Origin: * Content-Length: 25 Content-Type: application/json; charset=utf-8 Date: Mon, 22 Dec 2025 09:37:40 GMT Etag: W/"19-K04AcffuY4Au67NM3QvqJ0wQeVA" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=FuIil6oeFh7ixgYa7NSTgugxjdHAi%2B%2BkU9fMh813FsM%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766396260"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=FuIil6oeFh7ixgYa7NSTgugxjdHAi%2B%2BkU9fMh813FsM%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766396260" Server: Heroku Via: 1.1 heroku-router X-Powered-By: Express Connection: close {"status":"unauthorised"}Found 2025-12-22 by HttpPluginCreate report
-
Open service 99.83.217.1:443 · experiments.phywe.com
2025-12-21 01:12
HTTP/1.1 401 Unauthorized Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, API-Key Access-Control-Allow-Origin: * Content-Length: 25 Content-Type: application/json; charset=utf-8 Date: Sun, 21 Dec 2025 01:12:24 GMT Etag: W/"19-K04AcffuY4Au67NM3QvqJ0wQeVA" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=%2FKTjd9YjpbcKeHVQDXGZqtLAOq0Un1l1OjBTvbbhI8A%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766279544"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=%2FKTjd9YjpbcKeHVQDXGZqtLAOq0Un1l1OjBTvbbhI8A%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766279544" Server: Heroku Via: 1.1 heroku-router X-Powered-By: Express Connection: close {"status":"unauthorised"}Found 2025-12-21 by HttpPluginCreate report
-
Open service 15.197.129.158:80 · experiments.phywe.com
2025-12-20 08:39
HTTP/1.1 401 Unauthorized Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, API-Key Access-Control-Allow-Origin: * Content-Length: 25 Content-Type: application/json; charset=utf-8 Date: Sat, 20 Dec 2025 08:39:36 GMT Etag: W/"19-K04AcffuY4Au67NM3QvqJ0wQeVA" Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=7ag4mBcIsQrRfW2qtG5npjnS5pnVa8fT9yo3DTRj9sY%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766219976"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=7ag4mBcIsQrRfW2qtG5npjnS5pnVa8fT9yo3DTRj9sY%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766219976" Server: Heroku Via: 1.1 heroku-router X-Powered-By: Express Connection: close {"status":"unauthorised"}Found 2025-12-20 by HttpPluginCreate report