LeakIX - Host api-us11.flostack.io

Domain api-us11.flostack.io

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.50.131.157
Domain: api-us11.flostack.io
Port: 443
URL: https://api-us11.flostack.io

First seen 2025-11-16 09:05
Last seen 2026-01-23 09:50
Open for 68 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-23 09:50
Create report

Open service 23.50.131.157:443 · api-us11.flostack.io

2026-01-23 09:50

HTTP/1.1 404 Not Found
Content-Type: application/json
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,PATCH,OPTIONS,DELETE
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-Forwarded-For,Content-Type,x-lsq-accesskey,x-lsq-secretkey,x-lsq-connectorid,x-lsq-orgshortcode,x-lsq-providerid,x-referer,x-request-id,x-custom-source,x-custom-origin,X-LSQ-ClientIP
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Content-Length: 89
Cache-Control: max-age=0
Date: Fri, 23 Jan 2026 09:50:22 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=82
Server-Timing: origin; dur=40
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1769161822276_389224221_647209236_12241_4694_6_14_-";dur=1


{"timestamp":"2026-01-23T09:50:22.373+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-23 by HttpPlugin

Create report

Open service 23.50.131.157:443 · api-us11.flostack.io

2026-01-08 19:38

HTTP/1.1 404 Not Found
Content-Type: application/json
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,PATCH,OPTIONS,DELETE
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-Forwarded-For,Content-Type,x-lsq-accesskey,x-lsq-secretkey,x-lsq-connectorid,x-lsq-orgshortcode,x-lsq-providerid,x-referer,x-request-id,x-custom-source,x-custom-origin,X-LSQ-ClientIP
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Content-Length: 89
Cache-Control: max-age=0
Date: Thu, 08 Jan 2026 19:38:19 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=386
Server-Timing: origin; dur=10
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767901099300_389224208_799984381_39522_50923_11_234_-";dur=1


{"timestamp":"2026-01-08T19:38:19.905+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-08 by HttpPlugin

Create report

Open service 23.50.131.157:443 · api-us11.flostack.io

2025-12-22 13:09

HTTP/1.1 404 Not Found
Content-Type: application/json
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,PATCH,OPTIONS,DELETE
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-Forwarded-For,Content-Type,x-lsq-accesskey,x-lsq-secretkey,x-lsq-connectorid,x-lsq-orgshortcode,x-lsq-providerid,x-referer,x-request-id,x-custom-source,x-custom-origin,X-LSQ-ClientIP
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Content-Length: 89
Cache-Control: max-age=0
Date: Mon, 22 Dec 2025 13:09:07 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=374
Server-Timing: origin; dur=17
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1766408947024_389224208_1846750424_39015_4598_87_301_-";dur=1


{"timestamp":"2025-12-22T13:09:07.676+00:00","status":404,"error":"Not Found","path":"/"}

Found 2025-12-22 by HttpPlugin

Create report

api.service-in.leadsquared.coma.lsq.mxa.openl.inkapi-external.scrm-me61.leadsquared.comapi-external.scrm-us11.leadsquared.comapi-external.service-cloud.lsq-staging.comapi-external.service-crm-sgp.lsq-staging.comapi-external.service-in.leadsquared.comapi-external.service-us.leadsquared.comapi-portal.scrm-me61.leadsquared.comapi-portal.scrm-us11.leadsquared.comapi-portal.service-cloud.lsq-staging.comapi-portal.service-crm-sgp.lsq-staging.comapi-portal.service-in.leadsquared.comapi-us11.dev.flostack.ioapi-us11.flostack.ioapi-us11.stage.flostack.ioapi.c360-in.leadsquared.comapi.c360-me61.leadsquared.comapi.c360-sgp.lsq-staging.comapi.c360-us11.leadsquared.comapi.customer360.lsq-staging.comapi.scrm-me61.leadsquared.comapi.scrm-us11.leadsquared.comapi.service-cloud.lsq-staging.comapi.service-crm-sgp.lsq-staging.comapi.service-us.leadsquared.comapigateway.converse.leadsquared.comapigateway.converse.lsq-staging.comapigw.scrm-me61.leadsquared.comapigw.scrm-us11.leadsquared.comapigw.service-cloud.lsq-staging.comapigw.service-crm-sgp.lsq-staging.comapigw.service-in.leadsquared.comapigw.service-us.leadsquared.comapv-api-stage-in21.lending.lsq-staging.comapv-api-stage.lending.leadsquared.comb.openl.inkc.openl.inkcustomapps-api-in21.mxradon.lsq-staging.comd.openl.inke-ca12.gtolink.ine-in21.gtolink.ine-in22.gtolink.ine-ir31.gtolink.ine-me61.gtolink.ine-us11.gtolink.ine.gtolink.inemailsync-us11.stage.lsqmarketplaceqa.comintegrationcloud-ca12.leadsquaredapps.comintegrationcloud-in21.leadsquaredapps.comintegrationcloud-in22.leadsquaredapps.comintegrationcloud-us11.leadsquaredapps.comintegrationcloud-us11.stage.lsqmarketplaceqa.comire-apigateway.converse.leadsquared.comlandingpagespro-api-in21.mxradon.lsq-staging.comlogin-ace-api.stage.lsqgoals.comlogin-api-in21.ace.lsqgoals.comlos-api-stage-in21.lending.lsq-staging.comlos-api-stage.lending.leadsquared.comLs2.inLsq.mxlsqcustomcache-in21.leadsquaredapps.comlsqcustomcache-ir31.leadsquaredapps.comlsqcustomcache-us11.leadsquaredapps.comlsqcustomcache.leadsquaredapps.comme61-apigateway.converse.leadsquared.compoonawalla-integrationcloud.leadsquaredapps.compoonawalla-uat-integrationcloud.leadsquaredapps.comportal-widgets-api-in21.mxradon.lsq-staging.comportalmgmt-api-in21.mxradon.lsq-staging.comprocessbuilderapi.scrm-me61.leadsquared.comprocessbuilderapi.scrm-us11.leadsquared.comprocessbuilderapi.service-cloud.lsq-staging.comprocessbuilderapi.service-crm-in.lsq-staging.comprocessbuilderapi.service-crm-sgp.lsq-staging.comprocessbuilderapi.service-in.leadsquared.compublisherapi.customui.leadsquared.compublisherportal.customui.leadsquared.comsgp-apigateway.converse.leadsquared.comstage-marvin-api-akamai.lsq-staging.comstage-publisherapi.customui-test.leadsquared.comstage.appfsp-fieldsales.lsq-staging.comTrack-us11.lsqd.ioulc-api.leadsquaredapps.comulc-in21.stage.lsqmarketplaceqa.comus-apigateway.converse.leadsquared.comwa-api.stage.lsqmarketplaceqa.comwa-in21.leadsquaredapps.comwhatsapp-api.leadsquaredapps.com

Fingerprint:

d6e649960a4fb5e54c8480fa6314643cdfec5e0dc301a7a4febc3df16c689494

CN:

api.service-in.leadsquared.com

Key:

ECDSA-256

Issuer:

DigiCert Global G3 TLS ECC SHA384 2020 CA1

Not before:

2025-11-25 00:00

Not after:

2026-08-07 23:59

Domain summary

api-us11.flostack.io 3

1 recorded

IP summary

23.50.131.157 2

1 recorded

Domain api-us11.flostack.io

Germany

Swagger API description is publicly available

Create report

Create report

Create report

Domain summary

IP summary