Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e6f48b15c2aa1b812a718912dac54bb6855f3684
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/inventories
GET /api/inventories/by-lot
GET /api/inventories/manual-inventory-adjustments
GET /api/inventories/not-shipped
GET /api/inventories/with-lots
GET /api/pick-tickets/add-status
GET /api/pick-tickets/batch-import-status
GET /api/pick-tickets/by-barcode
GET /api/pick-tickets/by-order-number
GET /api/pick-tickets/by-status-date
GET /api/pick-tickets/by-status-date-paginated
GET /api/pick-tickets/imported-with-errors
GET /api/pick-tickets/object-items-in-boxes
GET /api/pick-tickets/order-sources
GET /api/pick-tickets/package-traceability-codes
GET /api/pick-tickets/shipment-info
GET /api/pick-tickets/statuses-by-date-import-status
GET /api/pick-tickets/statuses-by-date-paginated
GET /api/pick-tickets/statuses-by-pick-ticket-numbers
GET /api/pick-tickets/statuses-by-ship-date-paginated
GET /api/products/by-upc
GET /api/receiving-tickets
GET /api/receiving-tickets/add-status
GET /api/receiving-tickets/by-po
GET /api/receiving-tickets/by-status
GET /api/receiving-tickets/imported-with-errors
GET /api/receiving-tickets/sources
GET /api/receiving-tickets/status/by-date
GET /api/receiving-tickets/status/by-date-paginated
GET /api/style-master-product
GET /api/style-master-product/status
POST /api/pick-tickets
POST /api/pick-tickets/add-by-batch
POST /api/receiving-tickets/{receivingTicketId}/serial-numbers
PUT /api/pick-tickets/bill-to-address
PUT /api/pick-tickets/cancel
PUT /api/pick-tickets/cancel-import
PUT /api/pick-tickets/ship-to-address
PUT /api/receiving-tickets/cancel
PUT /api/receiving-tickets/receiving-ticket-update
Open service 128.203.96.163:443 · api.dev.wms2.cloudxsystems.net
2026-01-09 20:33
HTTP/1.1 404 Not Found
Date: Fri, 09 Jan 2026 20:33:26 GMT
Content-Length: 0
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Open service 128.203.96.163:443 · api.dev.wms2.cloudxsystems.net
2026-01-02 17:12
HTTP/1.1 404 Not Found
Date: Fri, 02 Jan 2026 17:12:39 GMT
Content-Length: 0
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Open service 128.203.96.163:443 · api.dev.wms2.cloudxsystems.net
2025-12-23 01:46
HTTP/1.1 404 Not Found
Date: Tue, 23 Dec 2025 01:46:21 GMT
Content-Length: 0
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Open service 128.203.96.163:443 · api.dev.wms2.cloudxsystems.net
2025-12-20 14:47
HTTP/1.1 404 Not Found
Date: Sat, 20 Dec 2025 14:47:47 GMT
Content-Length: 0
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains