LeakIX - Host 3.6.18.144

Host 3.6.18.144

India

AMAZON-02

Software information

awselb awselb 2.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 3.6.18.144
Domain: jfmvapt.janitri.in
Port: 443
URL: https://jfmvapt.janitri.in

First seen 2025-11-28 22:54
Last seen 2025-12-16 07:04
Open for 17 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff4374d82134ac51be33cd86f5e38ae7f85412d212e5

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /v1/accounts/delete/
GET /v1/accounts/me/
GET /v1/accounts/{account_id}/children/
GET /v1/accounts/{account_id}/children/{child_id}/
GET /v1/accounts/{account_id}/device/connect/
GET /v1/accounts/{account_id}/device/discrete-data/
GET /v1/accounts/{account_id}/device/monitoring-sessions/
GET /v1/accounts/{account_id}/device/{device_id}/setting/
GET /v1/accounts/{account_id}/keyar/monitoring-sessions/
GET /v1/accounts/{account_id}/mvp/monitoring-sessions/
GET /v1/accounts/{account_id}/pregnancies/
GET /v1/accounts/{account_id}/pregnancies/{pregnancy_id}/
GET /v1/tesla/app-configs/
GET /v2/accounts/{account_id}/keyar/monitoring-sessions/
POST /v1/accounts/login/
POST /v1/accounts/logout/
POST /v1/accounts/otp/verify/
POST /v1/accounts/{account_id}/device/monitoring-sessions/{monitoring_session_id}/datasets/
POST /v1/accounts/{account_id}/device/{device_id}/disconnect/
POST /v1/accounts/{account_id}/device/{device_id}/forget/
POST /v1/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/datasets/
POST /v1/accounts/{account_id}/mvp/monitoring-sessions/{monitoring_session_id}/datasets/
POST /v2/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/datasets/
PUT /v1/accounts/me/uploads/
PUT /v1/accounts/{account_id}/device/monitoring-sessions/{monitoring_session_id}/
PUT /v1/accounts/{account_id}/device/monitoring-sessions/{monitoring_session_id}/datasets/{dataset_id}/
PUT /v1/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/
PUT /v1/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/datasets/{dataset_id}/
PUT /v1/accounts/{account_id}/mvp/monitoring-sessions/{monitoring_session_id}/
PUT /v1/accounts/{account_id}/mvp/monitoring-sessions/{monitoring_session_id}/datasets/{dataset_id}/
PUT /v2/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/
PUT /v2/accounts/{account_id}/keyar/monitoring-sessions/{monitoring_session_id}/datasets/{dataset_id}/

Found on 2025-12-16 07:04

Create report

Open service 3.6.18.144:443 · jfmvapt.janitri.in

2026-01-22 20:08

HTTP/1.1 502 Bad Gateway
Server: awselb/2.0
Date: Thu, 22 Jan 2026 20:08:57 GMT
Content-Type: text/html
Content-Length: 122
Connection: close
Set-Cookie: AWSALBTG=6aul5nffF+/jH71+F5l1h/mnRkZR6yK95Wpw7L9QAjjdIVXglVvMsU+6r2/DyBv2tH2ppEC7gui7F4Z37M4CpGZYimV/2Rk94TEKfT4zB3+Z1PuQ7bnbWlWWfNK5v4jWUdh2Humx0pYMoq+N+cqRQH0aVRS0mcsfafjRnGnkUDx/8j3Ahiw=; Expires=Thu, 29 Jan 2026 20:08:57 GMT; Path=/
Set-Cookie: AWSALBTGCORS=6aul5nffF+/jH71+F5l1h/mnRkZR6yK95Wpw7L9QAjjdIVXglVvMsU+6r2/DyBv2tH2ppEC7gui7F4Z37M4CpGZYimV/2Rk94TEKfT4zB3+Z1PuQ7bnbWlWWfNK5v4jWUdh2Humx0pYMoq+N+cqRQH0aVRS0mcsfafjRnGnkUDx/8j3Ahiw=; Expires=Thu, 29 Jan 2026 20:08:57 GMT; Path=/; SameSite=None; Secure
Set-Cookie: AWSALBAPP-0=_remove_; Expires=Thu, 29 Jan 2026 20:08:57 GMT; Path=/
Set-Cookie: AWSALBAPP-1=_remove_; Expires=Thu, 29 Jan 2026 20:08:57 GMT; Path=/
Set-Cookie: AWSALBAPP-2=_remove_; Expires=Thu, 29 Jan 2026 20:08:57 GMT; Path=/
Set-Cookie: AWSALBAPP-3=_remove_; Expires=Thu, 29 Jan 2026 20:08:57 GMT; Path=/

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
</body>
</html>

Found 2026-01-22 by HttpPlugin

Create report

*.amexgbt.iqd.cloud

Fingerprint:

3e7eb5979477a6244810b6744610cfa886dd43602ac1877a331be3b9499b6870

CN:

*.amexgbt.iqd.cloud

Key:

RSA-2048

Issuer:

Amazon RSA 2048 M01

Not before:

2025-09-12 00:00

Not after:

2026-10-11 23:59

Domain summary

jfmvapt.janitri.in 1

1 recorded