Heroku
tcp/443 tcp/80
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43655729af6ab92a7d698995df565c4b6825c056a7
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /pos/
GET /pos/{id}/
GET /pos/{id}/receipts/
GET /receipts/
GET /rfqs/
GET /rfqs/{id}/
GET /rfqs/{id}/approvals/
GET /users/
GET /users/cost_codes/
GET /users/jobsites/
GET /users/jobsites/{id}/
GET /users/jobsites/{id}/cost_codes/
GET /vendors/
POST /users/cost_codes/bulk_cost_codes/
POST /users/cost_codes/bulk_delete_cost_codes/
POST /users/login/
POST /users/logout/
PUT /users/cost_codes/{id}/
Open service 75.2.60.68:443 · webhooks.quotetome.com
2026-01-09 07:24
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Fri, 09 Jan 2026 07:24:09 GMT
Location: api/admin/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=xBzZnO4ugYfbe%2Fe91cWIxaid4nppC5uP8oGKL1YeuTE%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767943449"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=xBzZnO4ugYfbe%2Fe91cWIxaid4nppC5uP8oGKL1YeuTE%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767943449"
Server: Heroku
Vary: Cookie, origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 35.71.179.82:80 · webhooks.quotetome.com
2026-01-09 06:13
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Fri, 09 Jan 2026 06:14:52 GMT
Location: api/admin/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=rWHNiMhPyqSP6ywRBYj%2FIDN2AjkxvtKfoVBsQlwOdn4%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767939292"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=rWHNiMhPyqSP6ywRBYj%2FIDN2AjkxvtKfoVBsQlwOdn4%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767939292"
Server: Heroku
Vary: Cookie, origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 75.2.60.68:443 · webhooks.quotetome.com
2026-01-02 14:26
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Fri, 02 Jan 2026 14:26:24 GMT
Location: api/admin/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=0dGEoe0fJGk28OZM%2Bop%2B6NugE%2FkervTm4SOX%2BQ5ERA8%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1767363984"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=0dGEoe0fJGk28OZM%2Bop%2B6NugE%2FkervTm4SOX%2BQ5ERA8%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1767363984"
Server: Heroku
Vary: Cookie, origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 75.2.60.68:443 · webhooks.quotetome.com
2025-12-23 02:45
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Tue, 23 Dec 2025 02:45:23 GMT
Location: api/admin/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=NvnWAhb0kvnxbtTplwyyc4a%2BH1fDKp3IPLCw4D6ONnM%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766457923"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=NvnWAhb0kvnxbtTplwyyc4a%2BH1fDKp3IPLCw4D6ONnM%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766457923"
Server: Heroku
Vary: Cookie, origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 35.71.179.82:80 · webhooks.quotetome.com
2025-12-23 00:42
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Tue, 23 Dec 2025 00:42:57 GMT
Location: api/admin/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=4WXKxjG0flWQg39vMdg6r25iPM%2FmuJHmxUMuVfL2jc8%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766450577"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=4WXKxjG0flWQg39vMdg6r25iPM%2FmuJHmxUMuVfL2jc8%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766450577"
Server: Heroku
Vary: Cookie, origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 35.71.179.82:80 · webhooks.quotetome.com
2025-12-21 09:34
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Sun, 21 Dec 2025 09:34:49 GMT
Location: api/admin/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=aWXzfwX4NPnrk5f1kCDRkTnv6c%2Fir0qf2OPeTi%2FnYvY%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766309689"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=aWXzfwX4NPnrk5f1kCDRkTnv6c%2Fir0qf2OPeTi%2FnYvY%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766309689"
Server: Heroku
Vary: Cookie, origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 75.2.60.68:443 · webhooks.quotetome.com
2025-12-20 13:09
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Sat, 20 Dec 2025 13:09:57 GMT
Location: api/admin/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=HZ%2BEGLKdMUvje2bQpd9y8vFlSJDwJCHEi6NDDPiMU2c%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766236197"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=HZ%2BEGLKdMUvje2bQpd9y8vFlSJDwJCHEi6NDDPiMU2c%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766236197"
Server: Heroku
Vary: Cookie, origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 35.71.179.82:80 · webhooks.quotetome.com
2025-12-19 01:04
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Fri, 19 Dec 2025 01:04:10 GMT
Location: api/admin/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=hOOgYneVXBWpJQnrdDwKiPG2cJkgLgcxAiNYDHZeR1c%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1766106250"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=hOOgYneVXBWpJQnrdDwKiPG2cJkgLgcxAiNYDHZeR1c%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1766106250"
Server: Heroku
Vary: Cookie, origin
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close