LeakIX - Host xsmartapi-dev.imo-internal.com

Domain xsmartapi-dev.imo-internal.com

United States

AMAZON-02

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 18.66.192.15
Domain: xsmartapi-dev.imo-internal.com
Port: 443
URL: https://xsmartapi-dev.imo-internal.com

First seen 2025-11-30 02:55
Last seen 2026-01-09 08:01
Open for 40 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549b33dc4f1d261f3ead2a0bc4fc8b53ee7ae8f2379
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /v1/ReadModifierViews
GET /v1/searchSecondaryCodes
POST /v1/Associate
POST /v1/Categorize
POST /v1/Discovery
POST /v1/Dismiss
POST /v1/HccHierarchy
POST /v1/authorize
POST /v1/readItemFields
POST /v1/register
POST /v1/search
```
  Found on 2026-01-09 08:01
Create report

Open service 18.66.192.15:443 · xsmartapi-dev.imo-internal.com

2026-01-09 08:01

HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 42
Connection: close
Date: Fri, 09 Jan 2026 08:01:27 GMT
X-Amzn-Trace-Id: Root=1-6960b5d7-3aa949066db7e1666b17e085
x-amzn-RequestId: 172fa22f-47da-48e7-babb-bbd80f8f4d42
x-amzn-ErrorType: MissingAuthenticationTokenException
x-amz-apigw-id: W6FZwF54IAMEUqA=
X-Cache: Error from cloudfront
Via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
X-Amz-Cf-Id: KMC1YCYdfxOKhnCXAUSfx-LBX51tFDEV9F1XaUasRJZtbhZPfsIzWg==


{"message":"Missing Authentication Token"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 18.66.192.15:443 · xsmartapi-dev.imo-internal.com

2026-01-02 05:28

HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 42
Connection: close
Date: Fri, 02 Jan 2026 05:28:22 GMT
X-Amzn-Trace-Id: Root=1-69575776-333625676f7baf8d70f4184c
x-amzn-RequestId: a88f6f6a-e6c8-4e5c-8756-77903a4c5a0d
x-amzn-ErrorType: MissingAuthenticationTokenException
x-amz-apigw-id: WiqahHtnIAMEV9A=
X-Cache: Error from cloudfront
Via: 1.1 033e374ece012797cbee0d505e2e61b4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
X-Amz-Cf-Id: fvjtZ0lkmmBZ1JMS3Dfk-T78TY7a9Up9kuIwfzTsLAV4PvY99eY5jg==


{"message":"Missing Authentication Token"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 18.66.192.15:443 · xsmartapi-dev.imo-internal.com

2025-12-22 06:39

HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 42
Connection: close
Date: Mon, 22 Dec 2025 06:39:51 GMT
X-Amzn-Trace-Id: Root=1-6948e7b7-2420ab863404d6bd6a3a81a3
x-amzn-RequestId: c09189c3-0ffd-454c-a1d5-58eedb28c10d
x-amzn-ErrorType: MissingAuthenticationTokenException
x-amz-apigw-id: V-kkqHaRoAMEuLQ=
X-Cache: Error from cloudfront
Via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
X-Amz-Cf-Id: hPD6O5lsaxiAyqEw-E_RifvpNNp6LdOzgqOmSuXYx7GD_MwKhkyGXw==


{"message":"Missing Authentication Token"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 18.66.192.15:443 · xsmartapi-dev.imo-internal.com

2025-12-20 17:51

HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 42
Connection: close
Date: Sat, 20 Dec 2025 17:51:40 GMT
X-Amzn-Trace-Id: Root=1-6946e22c-00c4dcbd70408d3c765f25a8
x-amzn-RequestId: c7d9b57d-5589-4f2e-85c3-daa8a87ca1f0
x-amzn-ErrorType: MissingAuthenticationTokenException
x-amz-apigw-id: V5hHFGKPIAMEMmA=
X-Cache: Error from cloudfront
Via: 1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
X-Amz-Cf-Id: pih6VqTHWHxsxyUWT_G9fZO8-mzeX--Mh_wIh6eScclSXF7PlgvMvA==


{"message":"Missing Authentication Token"}

Found 2025-12-20 by HttpPlugin

Create report

Open service 18.66.192.15:443 · xsmartapi-dev.imo-internal.com

2025-12-19 03:02

HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 42
Connection: close
Date: Fri, 19 Dec 2025 03:02:43 GMT
X-Amzn-Trace-Id: Root=1-6944c053-60006d8f5782b7f476d7bbd7
x-amzn-RequestId: 138f902d-3493-442a-89d0-dd2e6b716e30
x-amzn-ErrorType: MissingAuthenticationTokenException
x-amz-apigw-id: V0L9EG-1oAMEocA=
X-Cache: Error from cloudfront
Via: 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
X-Amz-Cf-Id: eBFkVlJovV_8XEjM6bv6dNEeBsVXF1e0zWiGaTD12qbZAIz8zLYKgw==


{"message":"Missing Authentication Token"}

Found 2025-12-19 by HttpPlugin

Create report

xsmartapi-dev.imo-internal.com

Fingerprint:

39bd53e5d31c90ffe217c3266921e27bfce95690e52e83fe2e5cd08a350bef27

CN:

xsmartapi-dev.imo-internal.com

Key:

RSA-2048

Issuer:

Amazon RSA 2048 M01

Not before:

2025-12-09 00:00

Not after:

2027-01-07 23:59

Domain summary

xsmartapi-dev.imo-internal.com 5

1 recorded

IP summary

18.66.192.15 2

1 recorded

Domain xsmartapi-dev.imo-internal.com

United States

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Create report

xsmartapi-dev.imo-internal.com

Domain summary

IP summary