LeakIX - Host 223.165.28.45

Host 223.165.28.45

India

I World Tower, DLF CITY

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 223.165.28.45
Domain: oauth2.economictimes.indiatimes.com
Port: 443
URL: https://oauth2.economictimes.indiatimes.com

First seen 2025-11-14 04:53
Last seen 2026-01-09 18:59
Open for 56 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bfa5f004fa4ad61ff6ff787680efa6a2807c540bc

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api/status
GET /auth/{merchantCode}/logout
GET /auth/{merchantCode}/oauthDetails
GET /auth/{merchantCode}/subStatus
GET /auth/{merchantCode}/subStatusDetails
GET /auth/{merchantCode}/userToken
GET /oauth/api/status
POST /api/token/generate
POST /api/token/logout
POST /api/v2/token/generate
POST /oauth/api/merchant/{merchantCode}/krypton/token
POST /oauth/api/merchant/{merchantCode}/token
POST /oauth/api/merchant/{merchantCode}/token/logout
POST /oauth/api/v2/merchant/{merchantCode}/token
PUT /api/blacklist/cache/reload/{secret}
PUT /api/whitelist/cache/reload/{secret}
PUT /auth/{merchantCode}/updateSsoDetails

Found on 2026-01-09 18:59

Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7ca8ceae76968ba00e6fa90c0fbcced32fd04277b

Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
GET /auth/{merchantCode}/logout
GET /auth/{merchantCode}/oauthDetails
GET /auth/{merchantCode}/subStatus
GET /auth/{merchantCode}/subStatusDetails
GET /auth/{merchantCode}/userToken
PUT /auth/{merchantCode}/updateSsoDetails

Found on 2025-11-23 10:26

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 223.165.28.45
Domain: oauth2.economictimes.indiatimes.com
Port: 80
URL: http://oauth2.economictimes.indiatimes.com

First seen 2025-11-14 04:53
Last seen 2026-01-09 10:25
Open for 56 days

Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bfa5f004fa4ad61ff6ff787680efa6a2807c540bc

Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api/status
GET /auth/{merchantCode}/logout
GET /auth/{merchantCode}/oauthDetails
GET /auth/{merchantCode}/subStatus
GET /auth/{merchantCode}/subStatusDetails
GET /auth/{merchantCode}/userToken
GET /oauth/api/status
POST /api/token/generate
POST /api/token/logout
POST /api/v2/token/generate
POST /oauth/api/merchant/{merchantCode}/krypton/token
POST /oauth/api/merchant/{merchantCode}/token
POST /oauth/api/merchant/{merchantCode}/token/logout
POST /oauth/api/v2/merchant/{merchantCode}/token
PUT /api/blacklist/cache/reload/{secret}
PUT /api/whitelist/cache/reload/{secret}
PUT /auth/{merchantCode}/updateSsoDetails

Found on 2026-01-09 10:25

Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec8e81180a976506df5b0372e363e336a735a81760

Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /auth/{merchantCode}/logout
GET /auth/{merchantCode}/oauthDetails
GET /auth/{merchantCode}/subStatus
GET /auth/{merchantCode}/subStatusDetails
GET /auth/{merchantCode}/userToken
PUT /auth/{merchantCode}/updateSsoDetails

Found on 2025-11-27 06:43

Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7bdaa9cb3e345bc4bcbe2c4c4f16b621436354818

Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
GET /api/status
GET /auth/{merchantCode}/logout
GET /auth/{merchantCode}/oauthDetails
GET /auth/{merchantCode}/subStatus
GET /auth/{merchantCode}/subStatusDetails
GET /auth/{merchantCode}/userToken
GET /oauth/api/status
POST /api/token/generate
POST /api/token/logout
POST /api/v2/token/generate
POST /oauth/api/merchant/{merchantCode}/krypton/token
POST /oauth/api/merchant/{merchantCode}/token
POST /oauth/api/merchant/{merchantCode}/token/logout
POST /oauth/api/v2/merchant/{merchantCode}/token
PUT /api/blacklist/cache/reload/{secret}
PUT /api/whitelist/cache/reload/{secret}
PUT /auth/{merchantCode}/updateSsoDetails

Found on 2025-11-23 10:26

Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7ca8ceae76968ba00e6fa90c0fbcced32fd04277b

Public Swagger UI/API detected at path: /swagger-ui.html - sample paths:
GET /auth/{merchantCode}/logout
GET /auth/{merchantCode}/oauthDetails
GET /auth/{merchantCode}/subStatus
GET /auth/{merchantCode}/subStatusDetails
GET /auth/{merchantCode}/userToken
PUT /auth/{merchantCode}/updateSsoDetails

Found on 2025-11-21 05:55

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 223.165.28.45
Port: 443
URL: https://223.165.28.45

First seen 2025-12-10 01:56
Last seen 2026-01-08 17:50
Open for 29 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4bfa5f004fa4ad61ff6ff787680efa6a2807c540bc
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /api/status
GET /auth/{merchantCode}/logout
GET /auth/{merchantCode}/oauthDetails
GET /auth/{merchantCode}/subStatus
GET /auth/{merchantCode}/subStatusDetails
GET /auth/{merchantCode}/userToken
GET /oauth/api/status
POST /api/token/generate
POST /api/token/logout
POST /api/v2/token/generate
POST /oauth/api/merchant/{merchantCode}/krypton/token
POST /oauth/api/merchant/{merchantCode}/token
POST /oauth/api/merchant/{merchantCode}/token/logout
POST /oauth/api/v2/merchant/{merchantCode}/token
PUT /api/blacklist/cache/reload/{secret}
PUT /api/whitelist/cache/reload/{secret}
PUT /auth/{merchantCode}/updateSsoDetails
```
  Found on 2026-01-08 17:50
Create report

Open service 223.165.28.45:80 · oauth2.economictimes.indiatimes.com

2026-01-23 15:30

HTTP/1.1 500 
Date: Fri, 23 Jan 2026 15:30:46 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"code":"400","message":"No static resource ."}

Found 2026-01-23 by HttpPlugin

Create report

Open service 223.165.28.45:443 · oauth2.economictimes.indiatimes.com

2026-01-23 15:30

HTTP/1.1 500 
Date: Fri, 23 Jan 2026 15:30:45 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"code":"400","message":"No static resource ."}

Found 2026-01-23 by HttpPlugin

Create report

Open service 223.165.28.45:443 · oauth2.economictimes.indiatimes.com

2026-01-23 10:03

HTTP/1.1 500 
Date: Fri, 23 Jan 2026 10:03:08 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"code":"400","message":"No static resource ."}

Found 2026-01-23 by HttpPlugin

Create report

Open service 223.165.28.45:80 · oauth2.economictimes.indiatimes.com

2026-01-23 06:55

HTTP/1.1 500 
Date: Fri, 23 Jan 2026 06:55:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"code":"400","message":"No static resource ."}

Found 2026-01-23 by HttpPlugin

Create report

Open service 223.165.28.45:443

2026-01-22 12:41

HTTP/1.1 500 
Date: Thu, 22 Jan 2026 12:41:45 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"code":"400","message":"No static resource ."}

Found 2026-01-22 by HttpPlugin

Create report

Open service 223.165.28.45:443 · oauth2.economictimes.indiatimes.com

2026-01-09 18:59

HTTP/1.1 404 
Date: Fri, 09 Jan 2026 18:59:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"timestamp":"2026-01-09T18:59:53.898+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 223.165.28.45:80 · oauth2.economictimes.indiatimes.com

2026-01-09 10:25

HTTP/1.1 404 
Date: Fri, 09 Jan 2026 10:25:23 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"timestamp":"2026-01-09T10:25:23.306+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 223.165.28.45:443

2026-01-08 17:50

HTTP/1.1 404 
Date: Thu, 08 Jan 2026 17:50:05 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"timestamp":"2026-01-08T17:50:05.405+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-08 by HttpPlugin

Create report

Open service 223.165.28.45:80 · oauth2.economictimes.indiatimes.com

2026-01-02 14:00

HTTP/1.1 404 
Date: Fri, 02 Jan 2026 14:00:49 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"timestamp":"2026-01-02T14:00:53.974+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 223.165.28.45:443 · oauth2.economictimes.indiatimes.com

2026-01-02 04:10

HTTP/1.1 404 
Date: Fri, 02 Jan 2026 04:10:55 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"timestamp":"2026-01-02T04:10:59.396+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 223.165.28.45:443

2026-01-01 17:08

HTTP/1.1 404 
Date: Thu, 01 Jan 2026 17:08:12 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"timestamp":"2026-01-01T17:08:16.411+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-01 by HttpPlugin

Create report

Open service 223.165.28.45:443

2025-12-24 00:39

HTTP/1.1 404 
Date: Wed, 24 Dec 2025 00:39:23 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"timestamp":"2025-12-24T00:39:27.273+00:00","status":404,"error":"Not Found","path":"/"}

Found 2025-12-24 by HttpPlugin

Create report

Open service 223.165.28.45:80 · oauth2.economictimes.indiatimes.com

2025-12-22 19:36

HTTP/1.1 404 
Date: Mon, 22 Dec 2025 19:36:03 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"timestamp":"2025-12-22T19:36:07.016+00:00","status":404,"error":"Not Found","path":"/"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 223.165.28.45:443 · oauth2.economictimes.indiatimes.com

2025-12-22 12:03

HTTP/1.1 404 
Date: Mon, 22 Dec 2025 12:03:44 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY


{"timestamp":"2025-12-22T12:03:48.511+00:00","status":404,"error":"Not Found","path":"/"}

Found 2025-12-22 by HttpPlugin

Create report

*.economictimes.indiatimes.comeconomictimes.indiatimes.com

Fingerprint:

dd6c583f9ef6a700df7db47467a35aef647e39f7fcae36a3094d737a0e89f587

CN:

*.economictimes.indiatimes.com

Key:

RSA-2048

Issuer:

GeoTrust TLS RSA CA G1

Not before:

2025-11-11 00:00

Not after:

2026-12-12 23:59

Domain summary

oauth2.economictimes.indiatimes.com 15

1 recorded