LeakIX - Host amt.sunculture.io

Domain amt.sunculture.io

United States

AMAZON-02

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 18.239.208.53
Domain: amt.sunculture.io
Port: 443
URL: https://amt.sunculture.io

First seen 2025-12-05 12:18
Last seen 2026-01-23 12:53
Open for 49 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-23 12:53
Create report

Open service 18.239.208.53:443 · amt.sunculture.io

2026-01-23 12:53

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 1260
Connection: close
Date: Fri, 23 Jan 2026 12:53:34 GMT
Set-Cookie: connect.sid=s%3AmVwsfQJNHje9PXd5a1bi5qTgbV6c8aAz.xtF5s%2BdG2bo1ypncSaNOjvlb0SNZ8TeEutjVESrHu9M; Path=/; HttpOnly
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'self' https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"4ec-w1kcQCc3P7Wa3BXT5n1Sw5V8NxQ"
Vary: Origin,Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 ccaf1a504c744888ea0273ccf57116f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BRU50-P1
X-Amz-Cf-Id: 5M7DfX6orhdBPc5g1KKMbs4GEnDOvD32WG78psTWkYUF2DMsNUPkzQ==

Page title: We've Moved!


<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>We've Moved!</title>
</head>
<body style="display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background-color: #f7f7f7;">
    <div style="text-align: center; background-color: #fff; border-radius: 8px; box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1); padding: 20px; max-width: 400px; font-family: Arial, sans-serif;">
        <h1 style="color: #0060FF; font-size: 24px; margin-bottom: 16px;">We've Moved!</h1>
        <p style="color: #555; font-size: 16px; margin-bottom: 24px;">We are excited to announce that our platform has moved from <strong>
        amt.sunculture.io
        </strong> to <strong>
        360.sunculture.io
        </strong>.</p>
        <p style="color: #555; font-size: 14px; margin-bottom: 32px;">Please update your bookmarks and join us at our new and improved location for a better experience.</p>
        <a href="https://360.sunculture.io" style="display: inline-block; padding: 12px 24px; background-color: #0060FF; color: #fff; text-decoration: none; border-radius: 4px; font-size: 16px;">Visit 360.sunculture.io</a>
    </div>
</body>
</html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 18.239.105.92:443 · amt.sunculture.io

2026-01-10 05:19

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 1260
Connection: close
Date: Sat, 10 Jan 2026 05:20:00 GMT
Set-Cookie: connect.sid=s%3Apo7Ja0ZEa7PET9SuDmK6Qzq0Tf15qg0F.rbHKV%2F%2BJa2X9Ay3jS0e39yLlv6rWujcliPz%2FskVPi%2FY; Path=/; HttpOnly
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'self' https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"4ec-w1kcQCc3P7Wa3BXT5n1Sw5V8NxQ"
Vary: Origin,Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 6553b2bbd8fca4153c739e94065a1184.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-P3
X-Amz-Cf-Id: ROq_I2dSV8-qfNTaahSnSrHpDkgxZW5ibGZhf3ZX57MB9EXp-G-TBg==

Page title: We've Moved!


<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>We've Moved!</title>
</head>
<body style="display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background-color: #f7f7f7;">
    <div style="text-align: center; background-color: #fff; border-radius: 8px; box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1); padding: 20px; max-width: 400px; font-family: Arial, sans-serif;">
        <h1 style="color: #0060FF; font-size: 24px; margin-bottom: 16px;">We've Moved!</h1>
        <p style="color: #555; font-size: 16px; margin-bottom: 24px;">We are excited to announce that our platform has moved from <strong>
        amt.sunculture.io
        </strong> to <strong>
        360.sunculture.io
        </strong>.</p>
        <p style="color: #555; font-size: 14px; margin-bottom: 32px;">Please update your bookmarks and join us at our new and improved location for a better experience.</p>
        <a href="https://360.sunculture.io" style="display: inline-block; padding: 12px 24px; background-color: #0060FF; color: #fff; text-decoration: none; border-radius: 4px; font-size: 16px;">Visit 360.sunculture.io</a>
    </div>
</body>
</html>

Found 2026-01-10 by HttpPlugin

Create report

Open service 18.239.208.53:443 · amt.sunculture.io

2026-01-09 01:42

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 1260
Connection: close
Date: Fri, 09 Jan 2026 01:42:42 GMT
Set-Cookie: connect.sid=s%3ADj-PrGk99Ylc95ADpfULWYS8jVHkWNuL.jsFw1vFBq1P0TAuGGPQdJZmEWNeA%2FbnZQbGtMd7qGjU; Path=/; HttpOnly
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'self' https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"4ec-w1kcQCc3P7Wa3BXT5n1Sw5V8NxQ"
Vary: Origin,Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 c3d6d200ef5f4cf0d47638dabac5a9c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BRU50-P1
X-Amz-Cf-Id: gQVAoTS1mlo6P9cSJvj0M7A-bXLie5R6yjkiGYMPMaXU92csb6X-Tw==

Page title: We've Moved!


<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>We've Moved!</title>
</head>
<body style="display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background-color: #f7f7f7;">
    <div style="text-align: center; background-color: #fff; border-radius: 8px; box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1); padding: 20px; max-width: 400px; font-family: Arial, sans-serif;">
        <h1 style="color: #0060FF; font-size: 24px; margin-bottom: 16px;">We've Moved!</h1>
        <p style="color: #555; font-size: 16px; margin-bottom: 24px;">We are excited to announce that our platform has moved from <strong>
        amt.sunculture.io
        </strong> to <strong>
        360.sunculture.io
        </strong>.</p>
        <p style="color: #555; font-size: 14px; margin-bottom: 32px;">Please update your bookmarks and join us at our new and improved location for a better experience.</p>
        <a href="https://360.sunculture.io" style="display: inline-block; padding: 12px 24px; background-color: #0060FF; color: #fff; text-decoration: none; border-radius: 4px; font-size: 16px;">Visit 360.sunculture.io</a>
    </div>
</body>
</html>

Found 2026-01-09 by HttpPlugin

Create report

Open service 18.239.208.53:443 · amt.sunculture.io

2026-01-02 05:20

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 1260
Connection: close
Date: Fri, 02 Jan 2026 05:20:30 GMT
Set-Cookie: connect.sid=s%3ADKT9ndXRMH74_Hd2OV0Uew5KVwo2cxLv.rkgScASUiz2X7RIxC2x8pIebzgZ9Ha%2FaXFROpbKS3AI; Path=/; HttpOnly
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'self' https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"4ec-w1kcQCc3P7Wa3BXT5n1Sw5V8NxQ"
Vary: Origin,Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 44d88ba206b56c0540bbbe3f1fa2b8ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BRU50-P1
X-Amz-Cf-Id: RGYUxhgB3dd1TbPix15ps0DH5batMlvWLOlUwPz6IMLiIBwIpiusQg==

Page title: We've Moved!


<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>We've Moved!</title>
</head>
<body style="display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background-color: #f7f7f7;">
    <div style="text-align: center; background-color: #fff; border-radius: 8px; box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1); padding: 20px; max-width: 400px; font-family: Arial, sans-serif;">
        <h1 style="color: #0060FF; font-size: 24px; margin-bottom: 16px;">We've Moved!</h1>
        <p style="color: #555; font-size: 16px; margin-bottom: 24px;">We are excited to announce that our platform has moved from <strong>
        amt.sunculture.io
        </strong> to <strong>
        360.sunculture.io
        </strong>.</p>
        <p style="color: #555; font-size: 14px; margin-bottom: 32px;">Please update your bookmarks and join us at our new and improved location for a better experience.</p>
        <a href="https://360.sunculture.io" style="display: inline-block; padding: 12px 24px; background-color: #0060FF; color: #fff; text-decoration: none; border-radius: 4px; font-size: 16px;">Visit 360.sunculture.io</a>
    </div>
</body>
</html>

Found 2026-01-02 by HttpPlugin

Create report

Open service 18.239.208.53:443 · amt.sunculture.io

2025-12-22 13:37

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 1260
Connection: close
Date: Mon, 22 Dec 2025 13:37:25 GMT
Set-Cookie: connect.sid=s%3An09wYbH2GlQ8WDUX7tB1vq8F2Vlu6K3j.PfeqctPK1B8V2fgfmI6GSP6q4tOxAQPsfaT9R0gZ%2Fo4; Path=/; HttpOnly
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src 'self' https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;style-src 'self' 'unsafe-inline';img-src 'self' data: https:;script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com https://dev.amt.sunculture.io https://amt-test.sunculture.io https://360.sunculture.io https://test.360.sunculture.io https://amt-api.sunculture.io https://amt.sunculture.io;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"4ec-w1kcQCc3P7Wa3BXT5n1Sw5V8NxQ"
Vary: Origin,Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 20bac96d0c0df74d5e600294d22661e6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BRU50-P1
X-Amz-Cf-Id: Nf-IktkH8bL-WcShJZfSxiAFiv5PxDxXMPTIyi8oD9KNHdZdKXxcNw==

Page title: We've Moved!


<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>We've Moved!</title>
</head>
<body style="display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background-color: #f7f7f7;">
    <div style="text-align: center; background-color: #fff; border-radius: 8px; box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1); padding: 20px; max-width: 400px; font-family: Arial, sans-serif;">
        <h1 style="color: #0060FF; font-size: 24px; margin-bottom: 16px;">We've Moved!</h1>
        <p style="color: #555; font-size: 16px; margin-bottom: 24px;">We are excited to announce that our platform has moved from <strong>
        amt.sunculture.io
        </strong> to <strong>
        360.sunculture.io
        </strong>.</p>
        <p style="color: #555; font-size: 14px; margin-bottom: 32px;">Please update your bookmarks and join us at our new and improved location for a better experience.</p>
        <a href="https://360.sunculture.io" style="display: inline-block; padding: 12px 24px; background-color: #0060FF; color: #fff; text-decoration: none; border-radius: 4px; font-size: 16px;">Visit 360.sunculture.io</a>
    </div>
</body>
</html>

Found 2025-12-22 by HttpPlugin

Create report

*.sunculture.ioapi.sales.sunculture.ioapi.marketplace.sunculture.ionotification.sunculture.ioapi.my.sunculture.ioamt.sunculture.ioapi.field.sunculture.ioapi.mopesa.sunculture.iosunculture.ioproducts.sunculture.io

Fingerprint:

ef351bae9d2f5958250a414dfdeda9a2c3a0bd01638046b6d803916286c75efc

CN:

*.sunculture.io

Key:

RSA-2048

Issuer:

Amazon RSA 2048 M02

Not before:

2025-09-04 00:00

Not after:

2026-10-03 23:59

Domain summary

amt.sunculture.io 5

1 recorded

IP summary

18.239.208.53 1 18.239.105.92 1

2 recorded

Domain amt.sunculture.io

United States

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Create report

*.sunculture.ioapi.sales.sunculture.ioapi.marketplace.sunculture.ionotification.sunculture.ioapi.my.sunculture.ioamt.sunculture.ioapi.field.sunculture.ioapi.mopesa.sunculture.iosunculture.ioproducts.sunculture.io

Domain summary

IP summary