LeakIX - Host dev.api.mailer.hotlens.com

Domain dev.api.mailer.hotlens.com

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 15.197.129.158
Domain: dev.api.mailer.hotlens.com
Port: 80
URL: http://dev.api.mailer.hotlens.com

First seen 2025-10-17 13:53
Last seen 2026-01-09 03:09
Open for 83 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939890807d99b8e7b95ec0197faf3da10c07fcaed

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/backoffice/Mailer/potencional-player-segment-periods
GET /api/backoffice/Mailer/potencional-player-segments
GET /api/backoffice/Mailer/potencional-players
GET /api/backoffice/Mailer/potencional-players-mails
HEAD /api/Sendgrid/health-check
HEAD /api/backoffice/Mailer/health-check
POST /api/Sendgrid/player-open-email
POST /api/backoffice/Mailer/create-player-segment
POST /api/backoffice/Mailer/create-player-segment-period
POST /api/backoffice/Mailer/create-potencional-player-segment
POST /api/backoffice/Mailer/send-player-invite
POST /api/backoffice/Mailer/send-players-invite
POST /api/backoffice/Mailer/upload-potencional-players
PUT /api/backoffice/Mailer/change-potencional-player-segment
PUT /api/backoffice/Mailer/edit-player-segment-period
PUT /api/backoffice/Mailer/unsubscribe-crm-email

Found on 2026-01-09 03:09

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939890807d99b8e7b95ec0197faf3da10a69516d5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/backoffice/Mailer/potencional-player-segment-periods
GET /api/backoffice/Mailer/potencional-player-segments
GET /api/backoffice/Mailer/potencional-players
GET /api/backoffice/Mailer/potencional-players-mails
HEAD /api/Sendgrid/health-check
HEAD /api/backoffice/Mailer/health-check
POST /api/Sendgrid/player-open-email
POST /api/backoffice/Mailer/create-player-segment
POST /api/backoffice/Mailer/create-player-segment-period
POST /api/backoffice/Mailer/create-potencional-player-segment
POST /api/backoffice/Mailer/send-player-invite
POST /api/backoffice/Mailer/send-players-invite
POST /api/backoffice/Mailer/upload-potencional-players
PUT /api/backoffice/Mailer/change-potencional-player-segment
PUT /api/backoffice/Mailer/unsubscribe-crm-email

Found on 2025-12-16 13:46

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939890807d99b8e7b95ec019740bcc8dfdbbd7c73

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/backoffice/Mailer/potencional-player-segment-periods
GET /api/backoffice/Mailer/potencional-player-segments
GET /api/backoffice/Mailer/potencional-players
HEAD /api/backoffice/Mailer/health-check
POST /api/backoffice/Mailer/create-player-segment
POST /api/backoffice/Mailer/create-player-segment-period
POST /api/backoffice/Mailer/create-potencional-player-segment
POST /api/backoffice/Mailer/send-player-invite
POST /api/backoffice/Mailer/send-players-invite
POST /api/backoffice/Mailer/upload-potencional-players
PUT /api/backoffice/Mailer/unsubscribe-crm-email

Found on 2025-10-17 13:53

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: dev.api.mailer.hotlens.com
Port: 443
URL: https://dev.api.mailer.hotlens.com

First seen 2025-10-17 13:53
Last seen 2026-01-08 23:35
Open for 83 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939890807d99b8e7b95ec0197faf3da10c07fcaed

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/backoffice/Mailer/potencional-player-segment-periods
GET /api/backoffice/Mailer/potencional-player-segments
GET /api/backoffice/Mailer/potencional-players
GET /api/backoffice/Mailer/potencional-players-mails
HEAD /api/Sendgrid/health-check
HEAD /api/backoffice/Mailer/health-check
POST /api/Sendgrid/player-open-email
POST /api/backoffice/Mailer/create-player-segment
POST /api/backoffice/Mailer/create-player-segment-period
POST /api/backoffice/Mailer/create-potencional-player-segment
POST /api/backoffice/Mailer/send-player-invite
POST /api/backoffice/Mailer/send-players-invite
POST /api/backoffice/Mailer/upload-potencional-players
PUT /api/backoffice/Mailer/change-potencional-player-segment
PUT /api/backoffice/Mailer/edit-player-segment-period
PUT /api/backoffice/Mailer/unsubscribe-crm-email

Found on 2026-01-08 23:35

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939890807d99b8e7b95ec0197faf3da10a69516d5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/backoffice/Mailer/potencional-player-segment-periods
GET /api/backoffice/Mailer/potencional-player-segments
GET /api/backoffice/Mailer/potencional-players
GET /api/backoffice/Mailer/potencional-players-mails
HEAD /api/Sendgrid/health-check
HEAD /api/backoffice/Mailer/health-check
POST /api/Sendgrid/player-open-email
POST /api/backoffice/Mailer/create-player-segment
POST /api/backoffice/Mailer/create-player-segment-period
POST /api/backoffice/Mailer/create-potencional-player-segment
POST /api/backoffice/Mailer/send-player-invite
POST /api/backoffice/Mailer/send-players-invite
POST /api/backoffice/Mailer/upload-potencional-players
PUT /api/backoffice/Mailer/change-potencional-player-segment
PUT /api/backoffice/Mailer/unsubscribe-crm-email

Found on 2025-12-16 16:04

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939890807d99b8e7b95ec019740bcc8dfdbbd7c73

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/backoffice/Mailer/potencional-player-segment-periods
GET /api/backoffice/Mailer/potencional-player-segments
GET /api/backoffice/Mailer/potencional-players
HEAD /api/backoffice/Mailer/health-check
POST /api/backoffice/Mailer/create-player-segment
POST /api/backoffice/Mailer/create-player-segment-period
POST /api/backoffice/Mailer/create-potencional-player-segment
POST /api/backoffice/Mailer/send-player-invite
POST /api/backoffice/Mailer/send-players-invite
POST /api/backoffice/Mailer/upload-potencional-players
PUT /api/backoffice/Mailer/unsubscribe-crm-email

Found on 2025-10-17 13:53

Create report

Open service 15.197.129.158:80 · dev.api.mailer.hotlens.com

2026-01-09 03:09

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Jan 2026 03:10:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=NCtnThUWpDWLjCMk%2BeWrXsk%2FhpBnWjqYAXydmtkl6J8%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767928248"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=NCtnThUWpDWLjCMk%2BeWrXsk%2FhpBnWjqYAXydmtkl6J8%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767928248"
Request-Context: appId=cid-v1:b2a92933-f605-4915-b34d-082014777d4b
Server: Heroku
Via: 1.1 heroku-router
Content-Length: 233
Connection: close


{
  "status": "Healthy",
  "totalDuration": "00:00:00.0000723",
  "checks": [
    {
      "name": "HealthCheck",
      "status": "Healthy",
      "description": null,
      "duration": "00:00:00.0000006",
      "data": {}
    }
  ]
}

Found 2026-01-09 by HttpPlugin

Create report

Open service 99.83.217.1:443 · dev.api.mailer.hotlens.com

2026-01-08 23:35

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Content-Type: application/json; charset=utf-8
Date: Thu, 08 Jan 2026 23:35:13 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=XvFOldTRuICBgnQaIM%2BfmsQZY7xPSE9SyRpUuGW715o%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767915313"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=XvFOldTRuICBgnQaIM%2BfmsQZY7xPSE9SyRpUuGW715o%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767915313"
Request-Context: appId=cid-v1:b2a92933-f605-4915-b34d-082014777d4b
Server: Heroku
Via: 1.1 heroku-router
Content-Length: 233
Connection: close


{
  "status": "Healthy",
  "totalDuration": "00:00:00.0000605",
  "checks": [
    {
      "name": "HealthCheck",
      "status": "Healthy",
      "description": null,
      "duration": "00:00:00.0000007",
      "data": {}
    }
  ]
}

Found 2026-01-08 by HttpPlugin

Create report

Open service 15.197.129.158:80 · dev.api.mailer.hotlens.com

2026-01-02 10:48

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Content-Type: application/json; charset=utf-8
Date: Fri, 02 Jan 2026 10:48:33 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=HMf%2Fg40qI58wcMc7YuTln9Z1jujdJabHKjL0vPp3lQU%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767350913"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=HMf%2Fg40qI58wcMc7YuTln9Z1jujdJabHKjL0vPp3lQU%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767350913"
Request-Context: appId=cid-v1:b2a92933-f605-4915-b34d-082014777d4b
Server: Heroku
Via: 1.1 heroku-router
Content-Length: 80
Connection: close


{
  "status": "Healthy",
  "totalDuration": "00:00:00.0000063",
  "checks": []
}

Found 2026-01-02 by HttpPlugin

Create report

Open service 99.83.217.1:443 · dev.api.mailer.hotlens.com

2026-01-01 22:02

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Content-Type: application/json; charset=utf-8
Date: Thu, 01 Jan 2026 22:02:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=j39MH%2F8QL%2FnHT6gloLGXZMfC5yOvR%2FRvWFk2W0mki8I%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767304968"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=j39MH%2F8QL%2FnHT6gloLGXZMfC5yOvR%2FRvWFk2W0mki8I%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767304968"
Request-Context: appId=cid-v1:b2a92933-f605-4915-b34d-082014777d4b
Server: Heroku
Via: 1.1 heroku-router
Content-Length: 80
Connection: close


{
  "status": "Healthy",
  "totalDuration": "00:00:00.0000053",
  "checks": []
}

Found 2026-01-01 by HttpPlugin

Create report

Open service 99.83.217.1:443 · dev.api.mailer.hotlens.com

2025-12-30 06:30

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Content-Type: application/json; charset=utf-8
Date: Tue, 30 Dec 2025 06:30:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=B%2FV8GBd%2Fot1wPf8sxa68L9chWwFqEDQmLWiYJTDWTus%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767076239"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=B%2FV8GBd%2Fot1wPf8sxa68L9chWwFqEDQmLWiYJTDWTus%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767076239"
Request-Context: appId=cid-v1:b2a92933-f605-4915-b34d-082014777d4b
Server: Heroku
Via: 1.1 heroku-router
Content-Length: 80
Connection: close


{
  "status": "Healthy",
  "totalDuration": "00:00:00.0008872",
  "checks": []
}

Found 2025-12-30 by HttpPlugin

Create report

Open service 15.197.129.158:80 · dev.api.mailer.hotlens.com

2025-12-22 19:02

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 19:02:27 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=KXj3ErsvKs5QoBpVMehPpPm%2BYTRolf3%2F1bSyGBsb3rE%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766430148"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=KXj3ErsvKs5QoBpVMehPpPm%2BYTRolf3%2F1bSyGBsb3rE%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766430148"
Request-Context: appId=cid-v1:b2a92933-f605-4915-b34d-082014777d4b
Server: Heroku
Via: 1.1 heroku-router
Content-Length: 80
Connection: close


{
  "status": "Healthy",
  "totalDuration": "00:00:00.0000066",
  "checks": []
}

Found 2025-12-22 by HttpPlugin

Create report

Open service 15.197.129.158:80 · dev.api.mailer.hotlens.com

2025-12-20 20:47

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 20:47:54 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=plzUMIhB4XNEwUdIuWYfh2h1Fm0%2FILx2OF1WDE0q0BA%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766263674"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=plzUMIhB4XNEwUdIuWYfh2h1Fm0%2FILx2OF1WDE0q0BA%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766263674"
Request-Context: appId=cid-v1:b2a92933-f605-4915-b34d-082014777d4b
Server: Heroku
Via: 1.1 heroku-router
Content-Length: 80
Connection: close


{
  "status": "Healthy",
  "totalDuration": "00:00:00.0000345",
  "checks": []
}

Found 2025-12-20 by HttpPlugin

Create report

Open service 99.83.217.1:443 · dev.api.mailer.hotlens.com

2025-12-20 11:28

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 11:28:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=GumDaQ%2B2idQyJzQiuq%2BA1vSwjECbn0ZaIu3X06T3Do8%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766230083"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=GumDaQ%2B2idQyJzQiuq%2BA1vSwjECbn0ZaIu3X06T3Do8%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766230083"
Request-Context: appId=cid-v1:b2a92933-f605-4915-b34d-082014777d4b
Server: Heroku
Via: 1.1 heroku-router
Content-Length: 80
Connection: close


{
  "status": "Healthy",
  "totalDuration": "00:00:00.0000061",
  "checks": []
}

Found 2025-12-20 by HttpPlugin

Create report

dev.api.mailer.hotlens.com

Fingerprint:

92c7038dda2a28b817da235122e61c7cbe810472305ac47c3c9778f42794303c

CN:

dev.api.mailer.hotlens.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-12-16 23:24

Not after:

2026-03-16 23:24

Domain summary

dev.api.mailer.hotlens.com 13

1 recorded

IP summary

15.197.129.158 1 99.83.217.1 1

2 recorded