Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff4374d82134ac51be33cd86f5e38ae7f85412d212e5
Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /v1/accounts/delete/
GET /v1/accounts/me/
GET /v1/accounts/{account_id}/children/
GET /v1/accounts/{account_id}/children/{child_id}/
GET /v1/accounts/{account_id}/device/connect/
GET /v1/accounts/{account_id}/device/discrete-data/
GET /v1/accounts/{account_id}/device/monitoring-sessions/
GET /v1/accounts/{account_id}/device/{device_id}/setting/
GET /v1/accounts/{account_id}/keyar/monitoring-sessions/
GET /v1/accounts/{account_id}/mvp/monitoring-sessions/
GET /v1/accounts/{account_id}/pregnancies/
GET /v1/accounts/{account_id}/pregnancies/{pregnancy_id}/
GET /v1/tesla/app-configs/
GET /v2/accounts/{account_id}/keyar/monitoring-sessions/
POST /v1/accounts/login/
POST /v1/accounts/logout/
POST /v1/accounts/otp/verify/
POST /v1/accounts/{account_id}/device/monitoring-sessions/{monitoring_session_id}/datasets/
POST /v1/accounts/{account_id}/device/{device_id}/disconnect/
POST /v1/accounts/{account_id}/device/{device_id}/forget/
POST /v1/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/datasets/
POST /v1/accounts/{account_id}/mvp/monitoring-sessions/{monitoring_session_id}/datasets/
POST /v2/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/datasets/
PUT /v1/accounts/me/uploads/
PUT /v1/accounts/{account_id}/device/monitoring-sessions/{monitoring_session_id}/
PUT /v1/accounts/{account_id}/device/monitoring-sessions/{monitoring_session_id}/datasets/{dataset_id}/
PUT /v1/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/
PUT /v1/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/datasets/{dataset_id}/
PUT /v1/accounts/{account_id}/mvp/monitoring-sessions/{monitoring_session_id}/
PUT /v1/accounts/{account_id}/mvp/monitoring-sessions/{monitoring_session_id}/datasets/{dataset_id}/
PUT /v2/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/
PUT /v2/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/datasets/{dataset_id}/