LeakIX - Host aslot.io

Domain aslot.io

CLOUDFLARENET

Software information

cloudflare

tcp/443 tcp/80 tcp/8443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 172.67.172.77
Domain: async.aslot.io
Port: 443
URL: https://async.aslot.io

First seen 2025-11-28 20:03
Last seen 2026-01-23 13:41
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43714a58ce12db6a8b9a84c2fcc0f68ffd17875504
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /
GET /emails/verify/link/{id}/{token}
GET /emails/verify/send
GET /health
GET /ready
POST /emails/send/creds
POST /emails/verify/emailcode
POST /emails/verify/emailcode/forgot
POST /emails/verify/promo
POST /emails/verify/send/forgot
POST /ips/load/details
POST /win-bets
POST /win-bets/process
```
  Found on 2026-01-23 13:41
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff433fac9c02a8f3703711d1b5f49556da2c02f89e30
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /emails/verify/link/{id}/{token}
GET /emails/verify/send
GET /health
GET /ready
GET /swagger.json
POST /emails/send/creds
POST /emails/verify/emailcode
POST /emails/verify/emailcode/forgot
POST /emails/verify/promo
POST /emails/verify/send/forgot
POST /ips/load/details
```
  Found on 2025-12-01 13:35
Create report

Open service 2606:4700:3037::6815:5823:80 · aslot.io

2026-01-24 16:56

HTTP/1.1 308 Permanent Redirect
Date: Sat, 24 Jan 2026 16:56:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Location: https://aslot.io
cf-cache-status: DYNAMIC
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=15,cfOrigin;dur=194
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=b10jx8%2FJ%2By%2B3Gysn12qm2aFngkUuWKyCdZ%2FwLvJFRu8Iw7tdHxL49M6ieWIFJhIB2hIc0q7IAfltI3SRypd2FPvvqtGC3vbST7k85a3%2Fh9vKLLmj"}]}
Server: cloudflare
CF-RAY: 9c311086a802abf1-YYZ
alt-svc: h3=":443"; ma=86400

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
<script defer src="https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015" integrity="sha512-ZpsOmlRQV6y907TI0dKBHq9Md29nnaEIPlkf84rnaERnq6zvWvPUqr2ft8M1aS28oN72PdrCzSjY4U6VaAw1EQ==" data-cf-beacon='{"version":"2024.11.0","token":"df334b19448d4fcf9a3179ef6ded396b","r":1,"server_timing":{"name":{"cfCacheStatus":true,"cfEdge":true,"cfExtPri":true,"cfL4":true,"cfOrigin":true,"cfSpeedBrain":true},"location_startswith":null}}' crossorigin="anonymous"></script>
</body>
</html>

Found 2026-01-24 by HttpPlugin

Create report

Open service 172.67.172.77:80 · aslot.io

2026-01-24 16:56

HTTP/1.1 308 Permanent Redirect
Date: Sat, 24 Jan 2026 16:56:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Location: https://aslot.io
cf-cache-status: DYNAMIC
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=14,cfOrigin;dur=107
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=q27YUg2ExgQQtU93idJqtD%2FWrqDp%2F2vxWbchmrJ2bJ8seTmBCN1AlOI3Q%2FdOxojd8eoqI6Zp5QlYan2vNIh1%2F2vgsUhqVh1k"}]}
Server: cloudflare
CF-RAY: 9c3110867efdac30-YYZ
alt-svc: h3=":443"; ma=86400

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
<script defer src="https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015" integrity="sha512-ZpsOmlRQV6y907TI0dKBHq9Md29nnaEIPlkf84rnaERnq6zvWvPUqr2ft8M1aS28oN72PdrCzSjY4U6VaAw1EQ==" data-cf-beacon='{"version":"2024.11.0","token":"df334b19448d4fcf9a3179ef6ded396b","r":1,"server_timing":{"name":{"cfCacheStatus":true,"cfEdge":true,"cfExtPri":true,"cfL4":true,"cfOrigin":true,"cfSpeedBrain":true},"location_startswith":null}}' crossorigin="anonymous"></script>
</body>
</html>

Found 2026-01-24 by HttpPlugin

Create report

Open service 2606:4700:3037::6815:5823:443 · aslot.io

2026-01-24 16:56

HTTP/1.1 200 OK
Date: Sat, 24 Jan 2026 16:56:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
x-powered-by: Next.js
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=8,cfOrigin;dur=121
vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=j5GAF4hTjmhk4qWUhgE1c72QdoFXQdgX2ecaggi4CeXfw2LfDTgoirv93O6YmmVOQmQDE9Fybg7C7NzHv7eTaFIcGKdJtk2R265EWC%2FDtUH4VOh3"}]}
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
CF-RAY: 9c3110874f49b404-YYZ
alt-svc: h3=":443"; ma=86400

Found 2026-01-24 by HttpPlugin

Create report

Open service 2606:4700:3035::ac43:ac4d:443 · aslot.io

2026-01-24 16:56

HTTP/1.1 200 OK
Date: Sat, 24 Jan 2026 16:56:31 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
x-powered-by: Next.js
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=7,cfOrigin;dur=904
vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BhG081hz4Y8MNiK2OTuEyjW3%2FZ0i7LY5pSlZ0ZR%2BStHhLjmq85hGE51pWvN2rICMHY4XKcwPnmOK4DZFQaddzXhwztYKgfYHCRaQcQmVR7Ky1Y73"}]}
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
CF-RAY: 9c311087e96f2157-SJC
alt-svc: h3=":443"; ma=86400

Found 2026-01-24 by HttpPlugin

Create report

Open service 104.21.88.35:80 · aslot.io

2026-01-24 16:56

HTTP/1.1 308 Permanent Redirect
Date: Sat, 24 Jan 2026 16:56:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Location: https://aslot.io
cf-cache-status: DYNAMIC
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=21,cfOrigin;dur=168
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=pD52VlW3K%2BNHYM3CwxxqtxLVr4HfMnAoFAWvj%2F601srnNkHyRQz3j9tC0ifmMHrAkeqLEeD0HA2MIzHscjRPQ7a0Qe9G96zj"}]}
Server: cloudflare
CF-RAY: 9c311085bd148c05-EWR
alt-svc: h3=":443"; ma=86400

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
<script defer src="https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015" integrity="sha512-ZpsOmlRQV6y907TI0dKBHq9Md29nnaEIPlkf84rnaERnq6zvWvPUqr2ft8M1aS28oN72PdrCzSjY4U6VaAw1EQ==" data-cf-beacon='{"version":"2024.11.0","token":"df334b19448d4fcf9a3179ef6ded396b","r":1,"server_timing":{"name":{"cfCacheStatus":true,"cfEdge":true,"cfExtPri":true,"cfL4":true,"cfOrigin":true,"cfSpeedBrain":true},"location_startswith":null}}' crossorigin="anonymous"></script>
</body>
</html>

Found 2026-01-24 by HttpPlugin

Create report

Open service 104.21.88.35:8443 · aslot.io

2026-01-24 16:56

HTTP/1.1 522 <none>
Date: Sat, 24 Jan 2026 16:56:50 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 15
Connection: close
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Server: cloudflare
CF-RAY: 9c31108a888263ec-LHR
alt-svc: h3=":8443"; ma=86400


error code: 522

Found 2026-01-24 by HttpPlugin

Create report

Open service 2606:4700:3035::ac43:ac4d:8443 · aslot.io

2026-01-24 16:56

HTTP/1.1 522 <none>
Date: Sat, 24 Jan 2026 16:56:50 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 15
Connection: close
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy: same-origin
Server-Timing: cfEdge;dur=19422,cfOrigin;dur=0
X-Frame-Options: SAMEORIGIN
Server: cloudflare
CF-RAY: 9c31108a78351f2f-SJC
alt-svc: h3=":8443"; ma=86400


error code: 522

Found 2026-01-24 by HttpPlugin

Create report

Open service 2606:4700:3037::6815:5823:8443 · aslot.io

2026-01-24 16:56

HTTP/1.1 522 <none>
Date: Sat, 24 Jan 2026 16:56:50 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 15
Connection: close
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy: same-origin
Server-Timing: cfEdge;dur=19453,cfOrigin;dur=0
X-Frame-Options: SAMEORIGIN
Server: cloudflare
CF-RAY: 9c31108a5aa30702-YYZ
alt-svc: h3=":8443"; ma=86400


error code: 522

Found 2026-01-24 by HttpPlugin

Create report

Open service 2606:4700:3035::ac43:ac4d:80 · aslot.io

2026-01-24 16:56

HTTP/1.1 308 Permanent Redirect
Date: Sat, 24 Jan 2026 16:56:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Location: https://aslot.io
cf-cache-status: DYNAMIC
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ymx6SlXCUx1vpks46uF%2FAJG%2BL9AJxfxIyAdM97ff9R0pHTcHrSHW4WcJ9GBZ6MRS63bzUwzCI5fuga1WR5mfApqnqf%2FBy%2BlzVdJC4IKMpHKoHw%3D%3D"}]}
Server: cloudflare
CF-RAY: 9c3110842f885c9e-FRA
alt-svc: h3=":443"; ma=86400

Page title: 308 Permanent Redirect

<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-24 by HttpPlugin

Create report

Open service 172.67.172.77:443 · aslot.io

2026-01-24 16:56

HTTP/1.1 200 OK
Date: Sat, 24 Jan 2026 16:56:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
x-powered-by: Next.js
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=v97Pjn6jatfUNdGWbghoKTHaoKqAsIr6iWuWqyNV9wpnwmV9kBMJfwx3V4o4CTmORtO%2BOy51fuSaQy%2BHaibpTZ01tl6qwHwA"}]}
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 9c3110846879913d-FRA
alt-svc: h3=":443"; ma=86400

Found 2026-01-24 by HttpPlugin

Create report

Open service 104.21.88.35:443 · aslot.io

2026-01-24 16:56

HTTP/1.1 200 OK
Date: Sat, 24 Jan 2026 16:56:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
x-powered-by: Next.js
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Rw4J5RpKFxBAmBzMsKXbEV5W%2FVa32iaeF3%2BhPxZ5DnItzgD%2FIUuDOYBuF8dXv1T1LzUqfD%2BmDr3PiwhXRip5YMITELRRjdvw"}]}
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 9c311083deec57f0-AMS
alt-svc: h3=":443"; ma=86400

Found 2026-01-24 by HttpPlugin

Create report

Open service 172.67.172.77:8443 · aslot.io

2026-01-24 16:56

HTTP/1.1 522 <none>
Date: Sat, 24 Jan 2026 16:56:50 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 15
Connection: close
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Server: cloudflare
CF-RAY: 9c311089de15db0f-FRA
alt-svc: h3=":8443"; ma=86400


error code: 522

Found 2026-01-24 by HttpPlugin

Create report

Open service 172.67.172.77:443 · async.aslot.io

2026-01-23 13:41

HTTP/1.1 200 OK
Date: Fri, 23 Jan 2026 13:41:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2
Connection: close
vary: Origin
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-ratelimit-limit-global: 50
x-ratelimit-remaining-global: 49
x-ratelimit-reset-global: 1
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=4,cfOrigin;dur=83
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CcbwxZQtn2xZL5c%2BI25ODQX4RoCN2wLQsw96xrHqyEO2wQB1qTAVV2qoRlPbGo6hIQdUjOrolBnLetTDiJfg9ysk6EBpfC2NfssCflsb"}]}
Server: cloudflare
CF-RAY: 9c27b54d5883de97-EWR
alt-svc: h3=":443"; ma=86400


OK

Found 2026-01-23 by HttpPlugin

Create report

Open service 172.67.172.77:443 · async.aslot.io

2026-01-09 13:45

HTTP/1.1 200 OK
Date: Fri, 09 Jan 2026 13:45:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2
Connection: close
vary: Origin
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-ratelimit-limit-global: 50
x-ratelimit-remaining-global: 49
x-ratelimit-reset-global: 1
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=8,cfOrigin;dur=252
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=isvI%2BQr2Quxpyr%2FyLmDQn6SBpxaCVXYswkS9PaFlnhkz70dQ0zWxIAD9lvR0C9M8PEieVsoHjXE9moLOVtFupOledhuuZcLLliXj6dkD"}]}
Server: cloudflare
CF-RAY: 9bb4602518f77aea-EWR
alt-svc: h3=":443"; ma=86400


OK

Found 2026-01-09 by HttpPlugin

Create report

Open service 172.67.172.77:443 · async.aslot.io

2026-01-02 13:33

HTTP/1.1 200 OK
Date: Fri, 02 Jan 2026 13:33:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2
Connection: close
vary: Origin
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-ratelimit-limit-global: 50
x-ratelimit-remaining-global: 48
x-ratelimit-reset-global: 1
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=7,cfOrigin;dur=248
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lWv7p8Qlh%2BX%2BsJS6WtBr4bd%2Blr4gDYthyp2PSc69YMwGLK89JY6cJ3V2QS08GioPqbnk8tTDpVWdrZnu5YGr%2Fouk2S0cTD349yzo0dsL"}]}
Server: cloudflare
CF-RAY: 9b7aa19eedfb5f74-EWR
alt-svc: h3=":443"; ma=86400


OK

Found 2026-01-02 by HttpPlugin

Create report

aslot.io*.aslot.io

Fingerprint:

b8f4c9d5742f99bef911581c946f57ae2d144b9c816c2b91208d4d9e94aa6308

CN:

aslot.io

Key:

ECDSA-256

Issuer:

WE1

Not before:

2025-11-26 15:45

Not after:

2026-02-24 16:44

Domain summary

async.aslot.io 4 aslot.io 11

2 recorded

IP summary

172.67.172.77 3 2606:4700:3037::6815:5823 1 2606:4700:3035::ac43:ac4d 1 104.21.88.35 1

4 recorded

Domain aslot.io

Software information

Swagger API description is publicly available

aslot.io*.aslot.io

Domain summary

IP summary