Exposing Swagger/OpenAPI documentation is primarily a risk when the API behind it has underlying security flaws, because the documentation gives attackers a precise roadmap for finding them.
A specification details every endpoint, parameter, and data model, which makes it easier to discover and exploit vulnerabilities such as broken access control or injection points.
A perfectly secure API mitigates the danger, but restricting access to the documentation remains a critical layer of defense: it forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492cbcee0cc401d1729981bdafc66348676500d1ad
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Account
GET /api/Business/{portalId}/{businessId}
GET /api/BusinessRequest/formTypes
GET /api/BusinessRequest/requestFormTemplates
GET /api/BusinessRequest/summary
GET /api/BusinessSearch
GET /api/Case/{caseId}/Evidence
GET /api/Case/{caseId}/Summary
GET /api/CaseSearch
GET /api/CitizenRequest/formTypes
GET /api/CitizenRequest/requestFormTemplates
GET /api/CitizenRequest/summary
GET /api/Config
GET /api/Config/announcementBanner
GET /api/Config/authentication/{agencyId}
GET /api/Config/loginBanner
GET /api/Dispatch
GET /api/Evidence/{evidenceId}/variants
GET /api/IncidentMedia/{cadItemId}
GET /api/Media/evidence/{evidenceId}
GET /api/Media/evidence/{evidenceId}/status
GET /api/Media/evidence/{evidenceId}/thumbnail
GET /service/Health/ping
POST /api/Account/logout
POST /api/BusinessRequest
POST /api/CitizenRequest
POST /api/FileUpload
POST /api/FileUpload/token
POST /api/IncidentMedia
POST /api/IncidentMedia/Retrieval/{indexItemId}
POST /api/IncidentMedia/RetrievalStatus
POST /api/Media/evidence/{evidenceId}/playing
POST /api/Media/evidence/{evidenceId}/segmentPlayed
Open service 20.105.216.40:443 · bharatpd-mobileapi.nidemo.com
2026-01-23 05:09
HTTP/1.1 403 Ip Forbidden
Content-Length: 1892
Connection: close
Content-Type: text/html
Date: Fri, 23 Jan 2026 05:10:15 GMT
x-ms-forbidden-ip: 143.110.213.72
Page title: Web App - Unavailable
<!DOCTYPE html>
<html>
<head>
<title>Web App - Unavailable</title>
<style type="text/css">
html {
height: 100%;
width: 100%;
}
#feature {
width: 960px;
margin: 95px auto 0 auto;
overflow: auto;
}
#content {
font-family: "Segoe UI";
font-weight: normal;
font-size: 22px;
color: #ffffff;
float: left;
width: 460px;
margin-top: 68px;
margin-left: 0px;
vertical-align: middle;
}
#content h1 {
font-family: "Segoe UI Light";
color: #ffffff;
font-weight: normal;
font-size: 60px;
line-height: 48pt;
width: 800px;
}
p a, p a:visited, p a:active, p a:hover {
color: #ffffff;
}
#content a.button {
background: #0DBCF2;
border: 1px solid #FFFFFF;
color: #FFFFFF;
display: inline-block;
font-family: Segoe UI;
font-size: 24px;
line-height: 46px;
margin-top: 10px;
padding: 0 15px 3px;
text-decoration: none;
}
#content a.button img {
float: right;
padding: 10px 0 0 15px;
}
#content a.button:hover {
background: #1C75BC;
}
</style>
</head>
<body bgcolor="#00abec">
<div id="feature">
<div id="content">
<h1 id="unavailable">Error 403 - Forbidden</h1>
<p id="tryAgain">The web app you have attempted to reach has blocked your access.</p>
</div>
</div>
</body>
</html>
Open service 20.105.216.40:443 · bharatpd-mobileapi.nidemo.com
2026-01-09 09:59
HTTP/1.1 403 Ip Forbidden
Content-Length: 1892
Connection: close
Content-Type: text/html
Date: Fri, 09 Jan 2026 10:00:27 GMT
x-ms-forbidden-ip: 142.93.129.190
Page title: Web App - Unavailable
Open service 20.105.216.40:80 · bharatpd-mobileapi.nidemo.com
2026-01-02 14:56
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Fri, 02 Jan 2026 14:56:17 GMT
Location: https://bharatpd-mobileapi.nidemo.com/
Open service 20.105.216.40:443 · bharatpd-mobileapi.nidemo.com
2026-01-02 14:56
HTTP/1.1 401 Unauthorized Content-Length: 0 Connection: close Date: Fri, 02 Jan 2026 14:56:15 GMT WWW-Authenticate: Bearer WWW-Authenticate: Bearer Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:02966725-0b0d-4a2b-a9f9-05c8e486f78e X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: Deny Referrer-Policy: same-origin Feature-Policy: fullscreen 'none'; geolocation 'none'; autoplay 'none'; layout-animations 'none'; oversized-images 'none'; accelerometer 'none'; ambient-light-sensor 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; sync-xhr 'none'; usb 'none'; wake-lock 'none';