LeakIX - Host symmetricds-dev.benjaminmoore.com

Domain symmetricds-dev.benjaminmoore.com

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.50.131.149
Domain: symmetricds-dev.benjaminmoore.com
Port: 443
URL: https://symmetricds-dev.benjaminmoore.com

First seen 2025-10-28 17:28
Last seen 2026-01-23 09:58
Open for 86 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b42ce23b94b3bbda1eba77fc8816d3f1fb3d31c6b

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api/engine/channelstatus
GET /api/engine/children
GET /api/engine/node
GET /api/engine/outgoingBatchSummary
GET /api/engine/parameter/{name}
GET /api/engine/pulldata
GET /api/engine/snapshot
GET /api/engine/status
GET /api/engine/{engine}/channelstatus
GET /api/engine/{engine}/children
GET /api/engine/{engine}/node
GET /api/engine/{engine}/outgoingBatchSummary
GET /api/engine/{engine}/parameter/{name}
GET /api/engine/{engine}/pulldata
GET /api/engine/{engine}/snapshot
GET /api/engine/{engine}/status
GET /api/enginelist
POST /api/engine/dbpasswd
POST /api/engine/dbuser/{username}
POST /api/engine/droptriggers
POST /api/engine/install
POST /api/engine/kspasswd
POST /api/engine/openregistration
POST /api/engine/openregistrationwindow
POST /api/engine/profile
POST /api/engine/querynode
POST /api/engine/refreshcache
POST /api/engine/registernode
POST /api/engine/reinitialize
POST /api/engine/removenode
POST /api/engine/requestinitialload
POST /api/engine/requesttablereload
POST /api/engine/sendschema
POST /api/engine/start
POST /api/engine/stop
POST /api/engine/synctriggers
POST /api/engine/synctriggers/{table}
POST /api/engine/table/{table}/droptriggers
POST /api/engine/uninstall
POST /api/engine/useradd/{username}
POST /api/engine/userdel/{username}
POST /api/engine/userdisable/{username}
POST /api/engine/userenable/{username}
POST /api/engine/usermodify/{username}
POST /api/engine/userpasswd/{username}
POST /api/engine/{engine}/clearHeartbeat
POST /api/engine/{engine}/dbpasswd
POST /api/engine/{engine}/dbuser/{username}
POST /api/engine/{engine}/droptriggers
POST /api/engine/{engine}/importconfig
POST /api/engine/{engine}/invokejob
POST /api/engine/{engine}/kspasswd
POST /api/engine/{engine}/openregistration
POST /api/engine/{engine}/openregistrationwindow
POST /api/engine/{engine}/profile
POST /api/engine/{engine}/querynode
POST /api/engine/{engine}/refreshcache
POST /api/engine/{engine}/registernode
POST /api/engine/{engine}/reinitialize
POST /api/engine/{engine}/removenode
POST /api/engine/{engine}/requestinitialload
POST /api/engine/{engine}/requesttablereload
POST /api/engine/{engine}/sendschema
POST /api/engine/{engine}/start
POST /api/engine/{engine}/stop
POST /api/engine/{engine}/synctriggers
POST /api/engine/{engine}/synctriggers/{table}
POST /api/engine/{engine}/table/{table}/droptriggers
POST /api/engine/{engine}/uninstall
POST /api/engine/{engine}/useradd/{username}
POST /api/engine/{engine}/userdel/{username}
POST /api/engine/{engine}/userdisable/{username}
POST /api/engine/{engine}/userenable/{username}
POST /api/engine/{engine}/usermodify/{username}
POST /api/engine/{engine}/userpasswd/{username}
PUT /api/engine/acknowledgebatch
PUT /api/engine/heartbeat
PUT /api/engine/{engine}/acknowledgebatch
PUT /api/engine/{engine}/heartbeat

Found on 2026-01-23 09:58

Create report

Open service 23.50.131.149:443 · symmetricds-dev.benjaminmoore.com

2026-01-23 09:58

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Content-Language: en-US
Location: /app/
Date: Fri, 23 Jan 2026 09:58:23 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=1bc1aac18c27ba222ba611dffc3967e3; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=1bc1aac18c27ba222ba611dffc3967e3; Path=/
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=267
Server-Timing: origin; dur=13
Server-Timing: ak_p; desc="1769162303305_389224210_1061182995_27967_755_149_155_-";dur=1

Found 2026-01-23 by HttpPlugin

Create report

Open service 2a02:26f0:3500:18::1724:a29b:443 · symmetricds-dev.benjaminmoore.com

2026-01-22 21:45

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Content-Language: en-US
Location: /app/
Date: Thu, 22 Jan 2026 21:45:50 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=1bc1aac18c27ba222ba611dffc3967e3; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=1bc1aac18c27ba222ba611dffc3967e3; Path=/
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=84
Server-Timing: origin; dur=9
Server-Timing: ak_p; desc="1769118350108_388276379_984130466_9364_1006_0_3_-";dur=1

Found 2026-01-22 by HttpPlugin

Create report

Open service 2.16.183.7:443 · symmetricds-dev.benjaminmoore.com

2026-01-22 21:45

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Content-Language: en-US
Location: /app/
Date: Thu, 22 Jan 2026 21:45:50 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=b6da2ada2e84f55c1f1876385def3eff; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=b6da2ada2e84f55c1f1876385def3eff; Path=/
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=82
Server-Timing: origin; dur=10
Server-Timing: ak_p; desc="1769118350331_34610631_1387938808_9092_490_90_92_-";dur=1

Found 2026-01-22 by HttpPlugin

Create report

Open service 2a02:26f0:3500:18::1724:a28f:443 · symmetricds-dev.benjaminmoore.com

2026-01-22 21:45

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Content-Language: en-US
Location: /app/
Date: Thu, 22 Jan 2026 21:45:50 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=b6da2ada2e84f55c1f1876385def3eff; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=b6da2ada2e84f55c1f1876385def3eff; Path=/
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=94
Server-Timing: origin; dur=8
Server-Timing: ak_p; desc="1769118350102_388276367_230375551_10185_1222_1_56_-";dur=1

Found 2026-01-22 by HttpPlugin

Create report

Open service 2.16.183.15:443 · symmetricds-dev.benjaminmoore.com

2026-01-22 21:45

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Content-Language: en-US
Location: /app/
Date: Thu, 22 Jan 2026 21:45:50 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=1bc1aac18c27ba222ba611dffc3967e3; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=1bc1aac18c27ba222ba611dffc3967e3; Path=/
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=82
Server-Timing: origin; dur=9
Server-Timing: ak_p; desc="1769118349985_34610631_1387937339_9098_754_15_20_-";dur=1

Found 2026-01-22 by HttpPlugin

Create report

Open service 23.50.131.149:443 · symmetricds-dev.benjaminmoore.com

2026-01-09 08:59

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Content-Language: en-US
Location: /app/
Date: Fri, 09 Jan 2026 08:59:12 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=1bc1aac18c27ba222ba611dffc3967e3; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=1bc1aac18c27ba222ba611dffc3967e3; Path=/
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=541
Server-Timing: origin; dur=44
Server-Timing: ak_p; desc="1767949151482_389224213_4282800917_58406_534_11_17_-";dur=1

Found 2026-01-09 by HttpPlugin

Create report

Open service 23.50.131.149:443 · symmetricds-dev.benjaminmoore.com

2026-01-02 13:13

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Content-Language: en-US
Location: /app/
Date: Fri, 02 Jan 2026 13:13:27 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=1bc1aac18c27ba222ba611dffc3967e3; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=1bc1aac18c27ba222ba611dffc3967e3; Path=/
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=79
Server-Timing: origin; dur=13
Server-Timing: ak_p; desc="1767359607812_389224210_2939777403_9228_479_14_17_-";dur=1

Found 2026-01-02 by HttpPlugin

Create report

Open service 23.50.131.149:443 · symmetricds-dev.benjaminmoore.com

2025-12-22 18:08

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Content-Language: en-US
Location: /app/
Date: Mon, 22 Dec 2025 18:08:54 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=1bc1aac18c27ba222ba611dffc3967e3; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=1bc1aac18c27ba222ba611dffc3967e3; Path=/
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=286
Server-Timing: origin; dur=49
Server-Timing: ak_p; desc="1766426934212_389224213_844703283_33466_643_87_96_-";dur=1

Found 2025-12-22 by HttpPlugin

Create report

test-www.benjaminmoore.comaccount.benjaminmoore.comapi-dev.benjaminmoore.ioapi-qa.benjaminmoore.iodev-color.benjaminmoore.comdev-www.benjaminmoore.comdev-www.benjaminmoore.frdev-www.benjaminmoore.mxdev.benjaminmoorepaint.co.ukdev.occapi.benjaminmoore.comdev.retailer.benjaminmoore.comdev.shopnationalaccounts.benjaminmoore.comdev.store.benjaminmoore.comdev2.retailer.benjaminmoore.comdev2.shopnationalaccounts.benjaminmoore.comdev2.store.benjaminmoore.comds.benjaminmoore.comhilton.benjaminmoore.compreprod.benjaminmoorepaint.co.ukqa-www.benjaminmoore.mxsapappsdev.benjaminmoore.comsapappsmdgdev.benjaminmoore.comsapappsqa.benjaminmoore.comsnow.benjaminmoore.comstage-account.benjaminmoore.comstage-api.benjaminmoore.comStage-color.Benjaminmoore.comstage-ds.benjaminmoore.comstage-green.occapi.benjaminmoore.comstage-hilton.benjaminmoore.comstage.agent.chat.benjaminmoore.comstage.boutique.benjaminmoore.castage.chat.benjaminmoore.comstage.exchange.benjaminmoore.comStage.occapi.benjaminmoore.comstage.retailer-green.benjaminmoore.comstage.retailer.benjaminmoore.castage.retailer.benjaminmoore.comstage.shopnationalaccounts-green.benjaminmoore.comstage.store-green.benjaminmoore.comstorybook.dev.benjaminmoore.comstorybook.qa.benjaminmoore.comsymmetricds-dev.benjaminmoore.comsymmetricds-qa.benjaminmoore.comsymmetricds-uat.benjaminmoore.comtest-account.benjaminmoore.comtest-api.benjaminmoore.comtest-content.api.benjaminmoore.iotest-dev-www.benjaminmoore.comtest-dev.benjaminmoorepaint.co.uktest-ds.benjaminmoore.comtest-hilton.benjaminmoore.comtest-pre-content.cms.benjaminmoore.comtest-preprod.benjaminmoore.comtest-preprod.benjaminmoorepaint.co.uktest-preprodcontent-az.benjaminmoore.comtest-stage-account.benjaminmoore.comtest-stage-api.benjaminmoore.comtest-stage-applause.benjaminmoore.comtest-stage-ds.benjaminmoore.comtest-stage-expenses.benjaminmoore.comtest-stage-hilton.benjaminmoore.comtest-stage-hr.benjaminmoore.comtest-stage-intelex.benjaminmoore.comtest-stage-merchandise.benjaminmoore.comtest-stage-snow.benjaminmoore.comtest-stage-stationery.benjaminmoore.comtest-stage-wellness.benjaminmoore.comtest-uat-content.api.benjaminmoore.iotest-www.benjaminmoorepaint.co.uktest-www.experiencecentury.comuat-international-content.api.benjaminmoore.iouat.benjaminmoorepaint.co.ukwellness.benjaminmoore.com

Fingerprint:

c7c4e1ea2b1cf36d416b36e25180f85cba991bcef8036cd9085b3961a5f96cf9

CN:

test-www.benjaminmoore.com

Key:

ECDSA-256

Issuer:

DigiCert Global G3 TLS ECC SHA384 2020 CA1

Not before:

2026-01-22 00:00

Not after:

2026-05-12 23:59

test-www.benjaminmoore.comaccount.benjaminmoore.comapi-dev.benjaminmoore.ioapi-qa.benjaminmoore.iodev-color.benjaminmoore.comdev-www.benjaminmoore.comdev-www.benjaminmoore.frdev-www.benjaminmoore.mxdev.benjaminmoorepaint.co.ukdev.occapi.benjaminmoore.comdev.retailer.benjaminmoore.comdev.shopnationalaccounts.benjaminmoore.comdev.store.benjaminmoore.comdev2.retailer.benjaminmoore.comdev2.shopnationalaccounts.benjaminmoore.comdev2.store.benjaminmoore.comds.benjaminmoore.comhilton.benjaminmoore.compreprod.benjaminmoorepaint.co.ukqa-www.benjaminmoore.mxsapappsdev.benjaminmoore.comsapappsmdgdev.benjaminmoore.comsapappsqa.benjaminmoore.comsnow.benjaminmoore.comstage-account.benjaminmoore.comstage-api.benjaminmoore.comStage-color.Benjaminmoore.comstage-ds.benjaminmoore.comstage-hilton.benjaminmoore.comstage.agent.chat.benjaminmoore.comstage.boutique.benjaminmoore.castage.chat.benjaminmoore.comstage.exchange.benjaminmoore.comStage.occapi.benjaminmoore.comstage.retailer-green.benjaminmoore.comstage.retailer.benjaminmoore.castage.retailer.benjaminmoore.comstage.shopnationalaccounts-green.benjaminmoore.comstage.store-green.benjaminmoore.comstorybook.dev.benjaminmoore.comstorybook.qa.benjaminmoore.comsymmetricds-dev.benjaminmoore.comsymmetricds-qa.benjaminmoore.comsymmetricds-uat.benjaminmoore.comtest-account.benjaminmoore.comtest-api.benjaminmoore.comtest-content.api.benjaminmoore.iotest-dev-www.benjaminmoore.comtest-dev.benjaminmoorepaint.co.uktest-ds.benjaminmoore.comtest-hilton.benjaminmoore.comtest-pre-content.cms.benjaminmoore.comtest-preprod.benjaminmoore.comtest-preprod.benjaminmoorepaint.co.uktest-preprodcontent-az.benjaminmoore.comtest-stage-account.benjaminmoore.comtest-stage-api.benjaminmoore.comtest-stage-applause.benjaminmoore.comtest-stage-ds.benjaminmoore.comtest-stage-expenses.benjaminmoore.comtest-stage-hilton.benjaminmoore.comtest-stage-hr.benjaminmoore.comtest-stage-intelex.benjaminmoore.comtest-stage-merchandise.benjaminmoore.comtest-stage-snow.benjaminmoore.comtest-stage-stationery.benjaminmoore.comtest-stage-wellness.benjaminmoore.comtest-uat-content.api.benjaminmoore.iotest-www.benjaminmoorepaint.co.uktest-www.experiencecentury.comuat-international-content.api.benjaminmoore.iouat.benjaminmoorepaint.co.ukwellness.benjaminmoore.com

Fingerprint:

e154f7072f2155ae00394f5943a92eedf7d72e6d6761f9733eb49f27ac3439db

CN:

test-www.benjaminmoore.com

Key:

ECDSA-256

Issuer:

DigiCert Global G3 TLS ECC SHA384 2020 CA1

Not before:

2025-10-28 00:00

Not after:

2026-05-12 23:59

Domain summary

symmetricds-dev.benjaminmoore.com 8

1 recorded

IP summary

23.50.131.149 1 2a02:26f0:3500:18::1724:a29b 1 2.16.183.7 1 2a02:26f0:3500:18::1724:a28f 1 2.16.183.15 1

5 recorded