LeakIX - Host 34.199.47.233

Host 34.199.47.233

United States

AMAZON-AES

Software information

awselb awselb 2.0

tcp/443

uvicorn

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.199.47.233
Domain: tb-contentful-api.thebump.com
Port: 443
URL: https://tb-contentful-api.thebump.com

First seen 2025-11-07 12:42
Last seen 2026-01-26 10:03
Open for 79 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43bfddc5801de00a711de00a711de00a711de00a71
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /health
POST /v1/contentful
```
  Found on 2026-01-26 10:03
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.199.47.233
Domain: production-k8-status-jte.eng.theknotww.com
Port: 443
URL: https://production-k8-status-jte.eng.theknotww.com

First seen 2025-11-15 00:03
Last seen 2026-01-13 23:06
Open for 59 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43714a58ce162d53254fd205594fd205594fd20559
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /
GET /colors
GET /delay
```
  Found on 2026-01-13 23:06
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.199.47.233
Domain: prod-designer-api.localsolutions.theknot.com
Port: 443
URL: https://prod-designer-api.localsolutions.theknot.com

First seen 2025-11-13 19:42
Last seen 2026-01-12 18:43
Open for 59 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43980020e9427bd8c25f2e5695d627b4b33f57b0b0
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /storefronts/{storefrontId}/designers/{id}
GET /designers
GET /designers/{id}
GET /healthy
GET /storefronts/{id}/designers
POST /storefronts/bulk-publish
POST /storefronts/{id}/designers/copy
POST /storefronts/{storefrontId}/publish
```
  Found on 2026-01-12 18:43
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.199.47.233
Domain: prod-storefront-api.localsolutions.theknot.com
Port: 443
URL: https://prod-storefront-api.localsolutions.theknot.com

First seen 2025-11-13 17:46
Last seen 2026-01-12 16:50
Open for 59 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43bf6d16b59a9bf4bb90710cc140ef377a05da3904

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /account/storefronts
GET /accounts/search
GET /healthy
GET /progress-items
GET /progress-items/{storefrontId}
GET /sales-profiles/search
GET /storefronts
GET /storefronts/reinstate
GET /storefronts/reinstate/download/xlsx
GET /storefronts/renewals
GET /storefronts/search
GET /storefronts/search/{storefrontId}
GET /storefronts/summary
GET /storefronts/{accountId}/renewals/active
GET /storefronts/{id}
GET /storefronts/{id}/can-go-live
GET /storefronts/{id}/details
GET /storefronts/{id}/details/completion
GET /storefronts/{id}/details/general-info
GET /storefronts/{id}/details/mails
GET /storefronts/{id}/details/search-filters
GET /storefronts/{id}/details/social-media
GET /storefronts/{storefrontId}/bio
GET /storefronts/{storefrontId}/logo
GET /v2/progress-items/{storefrontId}
GET /v2/storefronts/or-search
GET /v2/storefronts/search
GET /validate-website
GET /visit-help-page
POST /accounts/summary
POST /bio/bulk-copy
POST /logo/bulk-copy
POST /storefronts/bio/search
POST /storefronts/bulk-copy
POST /storefronts/bulk-publish
POST /storefronts/logo/search
POST /storefronts/{id}/facets
POST /storefronts/{id}/go-live
POST /storefronts/{storefrontId}/publish
POST /storefronts/{storefrontId}/publish-bio
POST /storefronts/{storefrontId}/publish-logo
PUT /progress-items/{id}
PUT /storefronts/{id}/details/bio
PUT /storefronts/{id}/details/business
PUT /storefronts/{id}/details/contact

Found on 2026-01-12 16:50

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.199.47.233
Domain: prod-settings-api.localsolutions.theknot.com
Port: 443
URL: https://prod-settings-api.localsolutions.theknot.com

First seen 2025-11-13 17:30
Last seen 2026-01-12 16:34
Open for 59 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff438a1de8f902eb295a020da18aff23d2d0033ffe26
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /healthy
GET /storefront-settings
GET /storefronts/{id}/settings
POST /settings
POST /storefronts/{storefrontId}/publish-settings
PUT /settings/{id}
PUT /storefronts/{storefrontId}/backup-settings
PUT /storefronts/{storefrontId}/reset-settings
PUT /storefronts/{storefrontId}/restore-settings
```
  Found on 2026-01-12 16:34
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.199.47.233
Domain: prod-dashboard-api.localsolutions.theknot.com
Port: 443
URL: https://prod-dashboard-api.localsolutions.theknot.com

First seen 2025-11-08 21:25
Last seen 2026-01-07 20:29
Open for 59 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff437b5531a80c59dc1dd21b4d370d8014825d86ec89
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /completion/{id}/appcues/vendor-info
GET /dashboard/{id}/progress
GET /dashboard/{id}/progress-by-storefront
GET /dashboard/{id}/progress-by-storefront-list/{listName}
GET /employee/info
GET /healthy
POST /request-secure-link
```
  Found on 2026-01-07 20:29
Create report

Open service 34.199.47.233:443 · prod-dashboard-api.localsolutions.theknot.com

2026-01-22 23:21

HTTP/1.1 200 OK
Date: Thu, 22 Jan 2026 23:21:40 GMT
Content-Type: application/json
Content-Length: 129
Connection: close
server: uvicorn
x-process-time: 0.0016167163848876953


{"name":"Odin Web Search API","version":"2.0.0","description":"Web-search-focused Discord bot","docs":"/docs","health":"/health"}

Found 2026-01-22 by HttpPlugin

Create report

Open service 34.199.47.233:443 · prod-designer-api.localsolutions.theknot.com

2026-01-22 20:07

HTTP/1.1 200 OK
Date: Thu, 22 Jan 2026 20:07:06 GMT
Content-Type: application/json
Content-Length: 129
Connection: close
server: uvicorn
x-process-time: 0.0011560916900634766


{"name":"Odin Web Search API","version":"2.0.0","description":"Web-search-focused Discord bot","docs":"/docs","health":"/health"}

Found 2026-01-22 by HttpPlugin

Create report

Open service 34.199.47.233:443 · prod-dashboard-api.localsolutions.theknot.com

2026-01-10 02:37

HTTP/1.1 404 Not Found
Server: awselb/2.0
Date: Sat, 10 Jan 2026 02:37:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 156
Connection: close

Page title: 404 No Such Service

<!DOCTYPE html>
<html>
<head><title>404 No Such Service</title></head>
<body bgcolor="white">
<center><h1>404 No Such Service</h1></center>
</body>
</html>

Found 2026-01-10 by HttpPlugin