Domain talk-ai-dev.goingmerry.xyz
United States
Software information
Heroku
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 15.197.149.68
Domain: talk-ai-dev.goingmerry.xyz
Port: 80
URL: http://talk-ai-dev.goingmerry.xyzFirst seen 2025-10-17 01:01
Last seen 2026-01-09 12:47
Open for 84 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-09 12:47
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 15.197.149.68
Domain: talk-ai-dev.goingmerry.xyz
Port: 443
URL: https://talk-ai-dev.goingmerry.xyzFirst seen 2025-10-17 01:01
Last seen 2026-01-09 13:02
Open for 84 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-09 13:02
-
-
Open service 15.197.149.68:443 · talk-ai-dev.goingmerry.xyz
2026-01-09 13:02
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token, X-Admin-Key Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Fri, 09 Jan 2026 13:02:48 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=enFuDKqjWPBUYNc5YJ9EG7lZoV9mmEO2YPYVQhdkdSU%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767963768"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=enFuDKqjWPBUYNc5YJ9EG7lZoV9mmEO2YPYVQhdkdSU%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767963768" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close 404 page not foundFound 2 days ago by HttpPluginCreate report
-
Open service 15.197.149.68:80 · talk-ai-dev.goingmerry.xyz
2026-01-09 12:47
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token, X-Admin-Key Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Fri, 09 Jan 2026 12:48:32 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=uRhpkXmVV1c1BChuUOkiMFBVqc%2FNoEqsEic6MW%2FAkKg%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767962912"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=uRhpkXmVV1c1BChuUOkiMFBVqc%2FNoEqsEic6MW%2FAkKg%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767962912" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close 404 page not foundFound 2 days ago by HttpPluginCreate report
-
Open service 15.197.149.68:443 · talk-ai-dev.goingmerry.xyz
2026-01-02 15:04
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token, X-Admin-Key Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Fri, 02 Jan 2026 15:04:33 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=C0KsMxLC2eK07iKj%2B4dZJ21tvlPR2VkRCCbPJuxiv9A%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767366273"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=C0KsMxLC2eK07iKj%2B4dZJ21tvlPR2VkRCCbPJuxiv9A%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767366273" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close 404 page not foundFound 2026-01-02 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · talk-ai-dev.goingmerry.xyz
2026-01-02 08:26
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token, X-Admin-Key Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Fri, 02 Jan 2026 08:26:37 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=TiSAcROawXDaYfDyLUubqiDYX1yE6WUkWaMqQDJIUrg%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767342397"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=TiSAcROawXDaYfDyLUubqiDYX1yE6WUkWaMqQDJIUrg%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767342397" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close 404 page not foundFound 2026-01-02 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · talk-ai-dev.goingmerry.xyz
2025-12-30 14:55
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token, X-Admin-Key Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Tue, 30 Dec 2025 14:55:14 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Z5YR%2ByRrEtRpot1qp0nR6ImR8AiMKZD5%2FJqeoyx8vZo%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767106514"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Z5YR%2ByRrEtRpot1qp0nR6ImR8AiMKZD5%2FJqeoyx8vZo%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767106514" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close 404 page not foundFound 2025-12-30 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · talk-ai-dev.goingmerry.xyz
2025-12-23 07:58
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token, X-Admin-Key Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Tue, 23 Dec 2025 07:58:54 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=%2Bk9zYutgLQWUUdhLslCAOARV7hKPuvTrEvTgtHprLBE%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766476734"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=%2Bk9zYutgLQWUUdhLslCAOARV7hKPuvTrEvTgtHprLBE%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766476734" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close 404 page not foundFound 2025-12-23 by HttpPluginCreate report
-
Open service 15.197.149.68:443 · talk-ai-dev.goingmerry.xyz
2025-12-22 21:32
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token, X-Admin-Key Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Mon, 22 Dec 2025 21:32:52 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=ZUIXTRioBa26c2bKU7kkzuPcdnT%2Fp8iOn4Rcuhnj59Q%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766439172"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=ZUIXTRioBa26c2bKU7kkzuPcdnT%2Fp8iOn4Rcuhnj59Q%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766439172" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close 404 page not foundFound 2025-12-22 by HttpPluginCreate report
-
Open service 15.197.149.68:443 · talk-ai-dev.goingmerry.xyz
2025-12-20 21:24
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token, X-Admin-Key Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Sat, 20 Dec 2025 21:24:24 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=z0p1HZlulQPv5%2BkQLt2zsXvkcEWQAWaJFkgKRtOGBGY%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766265864"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=z0p1HZlulQPv5%2BkQLt2zsXvkcEWQAWaJFkgKRtOGBGY%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766265864" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close 404 page not foundFound 2025-12-20 by HttpPluginCreate report
-
Open service 15.197.149.68:80 · talk-ai-dev.goingmerry.xyz
2025-12-20 20:54
HTTP/1.1 404 Not Found Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token, X-Admin-Key Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Content-Length: 19 Content-Type: text/plain; charset=utf-8 Date: Sat, 20 Dec 2025 20:54:36 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=YqP5dock%2FckjSTczeF%2F6q4Lei99nu7ofG6OoyJBetwI%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766264076"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=YqP5dock%2FckjSTczeF%2F6q4Lei99nu7ofG6OoyJBetwI%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766264076" Server: Heroku Via: 1.1 heroku-router X-Content-Type-Options: nosniff Connection: close 404 page not foundFound 2025-12-20 by HttpPluginCreate report