LeakIX - Host api-utils-preprod.carshoe.com

Domain api-utils-preprod.carshoe.com

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.50.131.145
Domain: api-utils-preprod.carshoe.com
Port: 443
URL: https://api-utils-preprod.carshoe.com

First seen 2025-11-16 11:29
Last seen 2026-01-09 16:53
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f5e22fb450568cc07178d73e7178d73e7178d73e7178d73e
```
Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /liveness
POST /cybersource/responseUrl
```
  Found on 2026-01-09 16:53
Create report

Open service 23.50.131.145:443 · api-utils-preprod.carshoe.com

2026-01-09 16:53

HTTP/1.1 200 OK
Content-Type: text/html
Request-Context: appId=cid-v1:bb7b9f97-a0e0-4d08-b644-f2cf8886ab8a
Expires: Fri, 09 Jan 2026 16:53:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Jan 2026 16:53:30 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
x-api-request-correlation-id: 7b2fa947-1bea-4868-9a65-31e8392ef2e7
Strict-Transport-Security: max-age=15768000 ; includeSubDomains ; preload

Found 2026-01-09 by HttpPlugin

Create report

Open service 23.50.131.145:443 · api-utils-preprod.carshoe.com

2026-01-02 17:58

HTTP/1.1 200 OK
Content-Type: text/html
Request-Context: appId=cid-v1:bb7b9f97-a0e0-4d08-b644-f2cf8886ab8a
Expires: Fri, 02 Jan 2026 17:58:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jan 2026 17:58:44 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
x-api-request-correlation-id: 1f4e341e-6d57-41e5-bd89-6b144c1ecd31
Strict-Transport-Security: max-age=15768000 ; includeSubDomains ; preload

Found 2026-01-02 by HttpPlugin

Create report

Open service 23.50.131.145:443 · api-utils-preprod.carshoe.com

2025-12-23 07:39

HTTP/1.1 200 OK
Content-Type: text/html
Request-Context: appId=cid-v1:bb7b9f97-a0e0-4d08-b644-f2cf8886ab8a
Expires: Tue, 23 Dec 2025 07:39:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 23 Dec 2025 07:39:22 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
x-api-request-correlation-id: 5ba09551-4c97-41ad-8a63-c7bf9fe8e522
Strict-Transport-Security: max-age=15768000 ; includeSubDomains ; preload

Found 2025-12-23 by HttpPlugin

Create report

Open service 23.50.131.145:443 · api-utils-preprod.carshoe.com

2025-12-20 23:25

HTTP/1.1 200 OK
Content-Type: text/html
Request-Context: appId=cid-v1:bb7b9f97-a0e0-4d08-b644-f2cf8886ab8a
Expires: Sat, 20 Dec 2025 23:25:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 20 Dec 2025 23:25:28 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
x-api-request-correlation-id: 29e51e0f-6386-4cc7-97d1-b6491e413438
Strict-Transport-Security: max-age=15768000 ; includeSubDomains ; preload

Found 2025-12-20 by HttpPlugin

Create report

pradaemployee.prada.comapi-utils.church-footwear.comapi-utils.marchesi1824.comapi-utils.miumiu.cnapi-utils.miumiu.comapi-utils.prada.cnapi-utils.prada.comapi-utils.pradagroup.comapi.carshoe.comapi.church-footwear.comapi.marchesi1824.comapi.miumiu.cnapi.miumiu.comapi.prada.cnapi.prada.comapi.pradagroup.comaurablockchain-dev.prada.comaurablockchain-preprod.prada.comaurablockchain.prada.combeta2-pradaemployee.prada.combeta2-pradaoutlet.prada.combeta3-employeesonlinestore.prada.combeta3-pradaoutlet.prada.combeta3-preview.church-footwear.combeta3.church-footwear.comdev.carshoe.comdev.church-footwear.comdev.miumiu.comdev.pasticceriamarchesi.comdev.prada.comdev3.carshoe.comdev3.church-footwear.comdev4.carshoe.comdev4.church-footwear.comdev5.carshoe.comdev5.church-footwear.comdev5.miumiu.comdev5.prada.comdev65.carshoe.comdev65.church-footwear.comdev65.miumiu.comdev65.prada.comdevperf.carshoe.comdevperf.church-footwear.comdevperf.pasticceriamarchesi.comdevtest.carshoe.comdevtest.church-footwear.comdevtest.miumiu.comdevtest.prada.comemployeesonlinestore.prada.compradaoutlet.prada.compuntivendita-dev.prada.compuntivendita-tst.prada.compuntivendita.prada.comqas3.church-footwear.comvemtool-dev.prada.comvemtool-preprod.prada.comvemtool.prada.comwww3-pradaoutlet.prada.comwww3-preview.church-footwear.comwww3.church-footwear.comapi-dev.prada.cnapi-dev.prada.comapi-oms-noprod.prada.cnapi-oms-noprod.prada.comapi-oms.prada.cnapi-oms.prada.comapi-preprod.carshoe.comapi-preprod.church-footwear.comapi-preprod.marchesi1824.comapi-preprod.miumiu.cnapi-preprod.miumiu.comapi-preprod.prada.cnapi-preprod.prada.comapi-preprod.pradagroup.comapi-qfe.prada.cnapi-qfe.prada.comapi-utils-dev.prada.cnapi-utils-dev.prada.comapi-utils-preprod.carshoe.comapi-utils-preprod.church-footwear.comapi-utils-preprod.marchesi1824.comapi-utils-preprod.miumiu.cnapi-utils-preprod.miumiu.comapi-utils-preprod.prada.cnapi-utils-preprod.prada.comapi-utils-preprod.pradagroup.comapi-utils-qfe.prada.cnapi-utils-qfe.prada.comapi-utils.carshoe.com

Fingerprint:

a7a93c3fd6f31f4be5030771b6994eebbcf64470a3563563735829b9dbf5f268

CN:

pradaemployee.prada.com

Key:

ECDSA-256

Issuer:

DigiCert TLS Hybrid ECC SHA384 2020 CA1

Not before:

2025-03-02 00:00

Not after:

2026-03-04 23:59

Domain summary

api-utils-preprod.carshoe.com 4

1 recorded

IP summary

23.50.131.145 2

1 recorded

Domain api-utils-preprod.carshoe.com

Germany

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Domain summary

IP summary