LeakIX - Host api.altlas-app.com

Domain api.altlas-app.com

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 52.223.53.203
Domain: api.altlas-app.com
Port: 443
URL: https://api.altlas-app.com

First seen 2025-11-16 00:34
Last seen 2026-01-09 15:58
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 15:58
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.185.157
Domain: api.altlas-app.com
Port: 80
URL: http://api.altlas-app.com

First seen 2025-11-16 00:34
Last seen 2026-01-09 01:35
Open for 54 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 01:35
Create report

Open service 52.223.53.203:443 · api.altlas-app.com

2026-01-09 15:58

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 12
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Jan 2026 15:58:11 GMT
Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=IsMxIYJ4PNpegf4QUcYwkFUrC3yHJ2CNPzf1BuUeKsg%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767974291"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=IsMxIYJ4PNpegf4QUcYwkFUrC3yHJ2CNPzf1BuUeKsg%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767974291"
Server: Heroku
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Hello World!

Found 2026-01-09 by HttpPlugin

Create report

Open service 99.83.185.157:80 · api.altlas-app.com

2026-01-09 01:35

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 12
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Jan 2026 01:36:11 GMT
Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=CSwqW%2BXpbBNVpPD5X63xCqkta4NPBwH742ojSZN4ths%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767922571"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=CSwqW%2BXpbBNVpPD5X63xCqkta4NPBwH742ojSZN4ths%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767922571"
Server: Heroku
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Hello World!

Found 2026-01-09 by HttpPlugin

Create report

Open service 52.223.53.203:443 · api.altlas-app.com

2026-01-02 09:26

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 12
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jan 2026 09:26:44 GMT
Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=%2FyXAKTbjg6Hxhewy5%2BebWr5dYoqTzDlEfS9b8L3xUoM%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767346004"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=%2FyXAKTbjg6Hxhewy5%2BebWr5dYoqTzDlEfS9b8L3xUoM%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767346004"
Server: Heroku
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Hello World!

Found 2026-01-02 by HttpPlugin

Create report

Open service 99.83.185.157:80 · api.altlas-app.com

2026-01-02 05:05

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 12
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jan 2026 05:05:05 GMT
Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=BkKETLlT73YumhSsZajdi6lfNwrySh6JkZ7iHytIbo4%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767330305"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=BkKETLlT73YumhSsZajdi6lfNwrySh6JkZ7iHytIbo4%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767330305"
Server: Heroku
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Hello World!

Found 2026-01-02 by HttpPlugin

Create report

Open service 52.223.53.203:443 · api.altlas-app.com

2025-12-23 00:03

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 12
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Dec 2025 00:03:13 GMT
Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=nMun2A4Ny%2FRDrrvzbgZTA5IvpjBC6%2B3IQysTZ45Ch%2Fo%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766448193"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=nMun2A4Ny%2FRDrrvzbgZTA5IvpjBC6%2B3IQysTZ45Ch%2Fo%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766448193"
Server: Heroku
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Hello World!

Found 2025-12-23 by HttpPlugin

Create report

Open service 99.83.185.157:80 · api.altlas-app.com

2025-12-22 13:53

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 12
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Dec 2025 13:53:25 GMT
Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=c6KXCslyVe6Tyaip678RlZtBFqLg9OT3cMOk5%2F9KaxY%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766411605"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=c6KXCslyVe6Tyaip678RlZtBFqLg9OT3cMOk5%2F9KaxY%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766411605"
Server: Heroku
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Hello World!

Found 2025-12-22 by HttpPlugin

Create report

Open service 99.83.185.157:80 · api.altlas-app.com

2025-12-20 13:04

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 12
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Dec 2025 13:04:50 GMT
Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=VxPdAVEJr1X3it7BzkYI4zn6V3emyH37y7Tk7aKwzh0%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766235890"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=VxPdAVEJr1X3it7BzkYI4zn6V3emyH37y7Tk7aKwzh0%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766235890"
Server: Heroku
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Hello World!

Found 2025-12-20 by HttpPlugin

Create report

Open service 52.223.53.203:443 · api.altlas-app.com

2025-12-20 05:26

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 12
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Dec 2025 05:26:56 GMT
Etag: W/"c-Lve95gjOVATpfV8EL5X4nxwjKHE"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=sQs9srcoFr1VQOYf6fOBqkAvtJLdQxvi5bYqE6kHEgU%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766208416"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=sQs9srcoFr1VQOYf6fOBqkAvtJLdQxvi5bYqE6kHEgU%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766208416"
Server: Heroku
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Hello World!

Found 2025-12-20 by HttpPlugin

Create report

api.altlas-app.com

Fingerprint:

39aed48c1f67c0ba42af4d658636bd0f3657daf77f321749c629eac727b90cf6

CN:

api.altlas-app.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-15 23:35

Not after:

2026-02-13 23:35

Domain summary

api.altlas-app.com 9

1 recorded

IP summary

52.223.53.203 1 99.83.185.157 1

2 recorded

Domain api.altlas-app.com

United States

Software information

Swagger API description is publicly available

Swagger API description is publicly available

api.altlas-app.com

Domain summary

IP summary