LeakIX - Host api.orthosuite.net

Domain api.orthosuite.net

United States

GOOGLE

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 172.217.208.121
Domain: api.orthosuite.net
Port: 443
URL: https://api.orthosuite.net

First seen 2025-12-07 15:10
Last seen 2026-01-09 05:10
Open for 32 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 05:10
Create report

Open service 172.217.208.121:443 · api.orthosuite.net

2026-01-09 05:10

HTTP/1.1 200 OK
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-uid, x-auth-token
access-control-expose-headers: x-auth-token
etag: W/"73-Zecyi9niSAyNhp34rnrgptaoTD0"
x-cloud-trace-context: d1d8f5b4e2345e064b74ede2cd3ca543
date: Fri, 09 Jan 2026 05:10:49 GMT
server: Google Frontend
Content-Length: 115
Connection: close


{"success":true,"status_code":{"key":"SUCCESS","value":200,"name":"ok"},"data":"API Version is 1.0 and env is dev"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 172.217.208.121:443 · api.orthosuite.net

2026-01-02 12:02

HTTP/1.1 200 OK
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-uid, x-auth-token
access-control-expose-headers: x-auth-token
etag: W/"73-Zecyi9niSAyNhp34rnrgptaoTD0"
x-cloud-trace-context: bce6863b63793a2f274179033b6b0407
date: Fri, 02 Jan 2026 12:02:13 GMT
server: Google Frontend
Content-Length: 115
Connection: close


{"success":true,"status_code":{"key":"SUCCESS","value":200,"name":"ok"},"data":"API Version is 1.0 and env is dev"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 172.217.208.121:443 · api.orthosuite.net

2025-12-30 13:37

HTTP/1.1 200 OK
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-uid, x-auth-token
access-control-expose-headers: x-auth-token
etag: W/"73-Zecyi9niSAyNhp34rnrgptaoTD0"
x-cloud-trace-context: 2ddefaf9b2d36b546531b9db93967dc5
date: Tue, 30 Dec 2025 13:37:07 GMT
server: Google Frontend
Content-Length: 115
Connection: close


{"success":true,"status_code":{"key":"SUCCESS","value":200,"name":"ok"},"data":"API Version is 1.0 and env is dev"}

Found 2025-12-30 by HttpPlugin

Create report

Open service 172.217.208.121:443 · api.orthosuite.net

2025-12-22 13:04

HTTP/1.1 200 OK
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-uid, x-auth-token
access-control-expose-headers: x-auth-token
etag: W/"73-Zecyi9niSAyNhp34rnrgptaoTD0"
x-cloud-trace-context: f738a33afa0310c08b870644f56690ca
date: Mon, 22 Dec 2025 13:05:01 GMT
server: Google Frontend
Content-Length: 115
Connection: close


{"success":true,"status_code":{"key":"SUCCESS","value":200,"name":"ok"},"data":"API Version is 1.0 and env is dev"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 172.217.208.121:443 · api.orthosuite.net

2025-12-20 09:21

HTTP/1.1 200 OK
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, x-uid, x-auth-token
access-control-expose-headers: x-auth-token
etag: W/"73-Zecyi9niSAyNhp34rnrgptaoTD0"
x-cloud-trace-context: ff00c55728ad97f8ff02c40650e09701
date: Sat, 20 Dec 2025 09:21:54 GMT
server: Google Frontend
Content-Length: 115
Connection: close


{"success":true,"status_code":{"key":"SUCCESS","value":200,"name":"ok"},"data":"API Version is 1.0 and env is dev"}

Found 2025-12-20 by HttpPlugin

Create report

api.orthosuite.net

Fingerprint:

7971c3f4c7580adfaa2c87bb2026762943becae9d2bb987d711bebc7c865d3a5

CN:

api.orthosuite.net

Key:

RSA-2048

Issuer:

WR3

Not before:

2025-12-07 14:08

Not after:

2026-03-07 14:59

Domain summary

api.orthosuite.net 5

1 recorded

IP summary

172.217.208.121 2

1 recorded

Domain api.orthosuite.net

United States

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Create report

api.orthosuite.net

Domain summary

IP summary