Domain cmp-api.atom.international
United States
Software information
nginx 1.17.10
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 54.230.228.46
Domain: cmp-api.atom.international
Port: 443
URL: https://cmp-api.atom.internationalFirst seen 2025-11-16 04:11
Last seen 2026-01-09 19:59
Open for 54 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43ab2196e69cde8e79c2e4ea045e0c2cd8e60e682cPublic Swagger UI/API detected at path: /swagger.json - sample paths: DELETE /program/campaigns/{campaign_id} GET /high_level_campaign/programs GET /high_level_campaign/programs/campaigns/comparison GET /high_level_campaign/programs/campaigns/map GET /library/material/categories GET /library/material/library-tag-key GET /library/material/library-tag-key-n-value GET /library/material/library-tag-value GET /library/material/material-tag GET /library/material/types GET /library/material/{material_id} GET /library/materials GET /program/ GET /program/asset/ctas GET /program/asset/ctas-categories GET /program/asset/multipart-upload/get-url GET /program/asset/options GET /program/asset/tag/key-value GET /program/asset/{asset_id} GET /program/assets GET /program/assets/countries GET /program/assets/download GET /program/assets/regions GET /program/campaigns GET /quicksight/dashboard GET /quicksight/dashboard-list GET /report/options GET /reports/ GET /reports/activities/comparison GET /reports/activities/locations GET /reports/activities/ranking GET /reports/activities/time-series GET /reports/download GET /reports/engagement-rate/image GET /reports/engagement-rate/video GET /reports/format-type/clicks GET /role/app/{app_id} GET /role/apps GET /role/campaign_permissions GET /role/email_notification GET /role/function_permissions GET /role/groups GET /role/program_permissions GET /role/role_campaign_relationship/{rel_id} GET /role/role_campaign_relationships GET /role/role_function_relationship GET /role/user/me GET /role/user/programs/campaigns GET /role/user/{user_id} GET /role/user_campaign_relationship/{rel_id} GET /role/user_campaign_relationships GET /role/users GET /tmp/asset/formats GET /tmp/asset/languages GET /tmp/asset/platforms GET /tmp/asset/sizes GET /tmp/user/ GET /user/cookie GET /user/{user_id}/programs PATCH /library/material/click/{id} PATCH /library/material/{id}/thumbnail PATCH /role/user/program/{program_id} POST /program/asset/file/duplicate POST /program/asset/files POST /program/asset/multipart-upload/complete POST /program/asset/multipart-upload/init POST /role/user/programs POST /role/user_program_campaign_relationships/{program_id} POST /user/token/validation PUT /library/material/library-tag-key/{key_id} PUT /library/material/library-tag-value/{value_id} PUT /library/material/material-tag/{material_tag_id} PUT /program/asset/tag/key-value/{key_name}Found on 2026-01-09 19:59
-
-
Open service 54.230.228.46:443 · cmp-api.atom.international
2026-01-09 19:59
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Content-Length: 1638 Connection: close Date: Fri, 09 Jan 2026 19:59:06 GMT X-Frame-Options: SAMEORIGIN Server: nginx/1.17.10 Allow: GET, HEAD, OPTIONS Expires: Fri, 09 Jan 2026 20:00:43 GMT Cache-Control: max-age=0, no-cache, no-store, must-revalidate Vary: Accept,Cookie,Authorization,Origin X-Cache: Miss from cloudfront Via: 1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P5 X-Amz-Cf-Id: KSxjLthsCnjZJcZJrRI3_aKBbVeZqzURyM3XHx9V8q7I8ZWhjPZ_6A== Page title: CMP API <!DOCTYPE html> <html> <head> <meta charset="utf-8"/> <title>CMP API</title> <link rel="icon" type="image/png" href="/static/drf-yasg/swagger-ui-dist/favicon-32x32.png"/> <link rel="stylesheet" type="text/css" href="/static/drf-yasg/style.css"/> <link rel="stylesheet" type="text/css" href="/static/drf-yasg/swagger-ui-dist/swagger-ui.css"> </head> <body class="swagger-body"> <div id="swagger-ui"></div> <script id="swagger-settings" type="application/json">{"docExpansion": "list", "deepLinking": false, "showExtensions": true, "defaultModelRendering": "model", "defaultModelExpandDepth": 3, "defaultModelsExpandDepth": 3, "showCommonExtensions": true, "supportedSubmitMethods": ["get", "put", "post", "delete", "options", "head", "patch", "trace"], "displayOperationId": true, "persistAuth": false, "refetchWithAuth": true, "refetchOnLogout": true, "fetchSchemaWithQuery": true}</script> <script id="oauth2-config" type="application/json">{}</script> <script src="/static/drf-yasg/swagger-ui-dist/swagger-ui-bundle.js"></script> <script src="/static/drf-yasg/swagger-ui-dist/swagger-ui-standalone-preset.js"></script> <script src="/static/drf-yasg/insQ.min.js"></script> <script src="/static/drf-yasg/immutable.min.js"></script> <script src="/static/drf-yasg/url-polyfill.min.js"></script> <script src="/static/drf-yasg/swagger-ui-init.js"></script> <a id="oauth2-redirect-url" href="/static/drf-yasg/swagger-ui-dist/oauth2-redirect.html" class="hidden"></a> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 54.230.228.46:443 · cmp-api.atom.international
2026-01-02 18:00
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Content-Length: 1638 Connection: close Date: Fri, 02 Jan 2026 18:00:34 GMT X-Frame-Options: SAMEORIGIN Server: nginx/1.17.10 Allow: GET, HEAD, OPTIONS Expires: Fri, 02 Jan 2026 18:02:14 GMT Cache-Control: max-age=0, no-cache, no-store, must-revalidate Vary: Accept,Cookie,Authorization,Origin X-Cache: Miss from cloudfront Via: 1.1 39665d11bf385fb9aabc991f857b37dc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P5 X-Amz-Cf-Id: inbLZ-a36_BwIK9BCEgi0RKE-yNe89smBr5HiGUPBxJDOVFdNIOz3A== Page title: CMP API <!DOCTYPE html> <html> <head> <meta charset="utf-8"/> <title>CMP API</title> <link rel="icon" type="image/png" href="/static/drf-yasg/swagger-ui-dist/favicon-32x32.png"/> <link rel="stylesheet" type="text/css" href="/static/drf-yasg/style.css"/> <link rel="stylesheet" type="text/css" href="/static/drf-yasg/swagger-ui-dist/swagger-ui.css"> </head> <body class="swagger-body"> <div id="swagger-ui"></div> <script id="swagger-settings" type="application/json">{"docExpansion": "list", "deepLinking": false, "showExtensions": true, "defaultModelRendering": "model", "defaultModelExpandDepth": 3, "defaultModelsExpandDepth": 3, "showCommonExtensions": true, "supportedSubmitMethods": ["get", "put", "post", "delete", "options", "head", "patch", "trace"], "displayOperationId": true, "persistAuth": false, "refetchWithAuth": true, "refetchOnLogout": true, "fetchSchemaWithQuery": true}</script> <script id="oauth2-config" type="application/json">{}</script> <script src="/static/drf-yasg/swagger-ui-dist/swagger-ui-bundle.js"></script> <script src="/static/drf-yasg/swagger-ui-dist/swagger-ui-standalone-preset.js"></script> <script src="/static/drf-yasg/insQ.min.js"></script> <script src="/static/drf-yasg/immutable.min.js"></script> <script src="/static/drf-yasg/url-polyfill.min.js"></script> <script src="/static/drf-yasg/swagger-ui-init.js"></script> <a id="oauth2-redirect-url" href="/static/drf-yasg/swagger-ui-dist/oauth2-redirect.html" class="hidden"></a> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 54.230.228.46:443 · cmp-api.atom.international
2025-12-20 20:20
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Content-Length: 1638 Connection: close Date: Sat, 20 Dec 2025 20:20:50 GMT X-Frame-Options: SAMEORIGIN Server: nginx/1.17.10 Allow: GET, HEAD, OPTIONS Expires: Sat, 20 Dec 2025 20:22:30 GMT Cache-Control: max-age=0, no-cache, no-store, must-revalidate Vary: Accept,Cookie,Authorization,Origin X-Cache: Miss from cloudfront Via: 1.1 1457b39f2ccd71582289928342a87178.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P5 X-Amz-Cf-Id: akCHw0xCbk1mlQrjExesM47f0uQ-ESj4wIlMwbjYTGpmirwOfuCNgA== Page title: CMP API <!DOCTYPE html> <html> <head> <meta charset="utf-8"/> <title>CMP API</title> <link rel="icon" type="image/png" href="/static/drf-yasg/swagger-ui-dist/favicon-32x32.png"/> <link rel="stylesheet" type="text/css" href="/static/drf-yasg/style.css"/> <link rel="stylesheet" type="text/css" href="/static/drf-yasg/swagger-ui-dist/swagger-ui.css"> </head> <body class="swagger-body"> <div id="swagger-ui"></div> <script id="swagger-settings" type="application/json">{"docExpansion": "list", "deepLinking": false, "showExtensions": true, "defaultModelRendering": "model", "defaultModelExpandDepth": 3, "defaultModelsExpandDepth": 3, "showCommonExtensions": true, "supportedSubmitMethods": ["get", "put", "post", "delete", "options", "head", "patch", "trace"], "displayOperationId": true, "persistAuth": false, "refetchWithAuth": true, "refetchOnLogout": true, "fetchSchemaWithQuery": true}</script> <script id="oauth2-config" type="application/json">{}</script> <script src="/static/drf-yasg/swagger-ui-dist/swagger-ui-bundle.js"></script> <script src="/static/drf-yasg/swagger-ui-dist/swagger-ui-standalone-preset.js"></script> <script src="/static/drf-yasg/insQ.min.js"></script> <script src="/static/drf-yasg/immutable.min.js"></script> <script src="/static/drf-yasg/url-polyfill.min.js"></script> <script src="/static/drf-yasg/swagger-ui-init.js"></script> <a id="oauth2-redirect-url" href="/static/drf-yasg/swagger-ui-dist/oauth2-redirect.html" class="hidden"></a> </body> </html>Found 2025-12-20 by HttpPluginCreate report