LeakIX - Host 52.47.37.174

Host 52.47.37.174

France

AMAZON-02

Software information

nginx nginx 1.18.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 52.47.37.174
Domain: api.eu.tel.cloud.voxist.com
Port: 443
URL: https://api.eu.tel.cloud.voxist.com

First seen 2025-12-07 07:13
Last seen 2026-01-22 23:57
Open for 46 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-22 23:57
Create report

Open service 52.47.37.174:443 · api.eu.tel.cloud.voxist.com

2026-01-22 23:57

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 22 Jan 2026 23:57:36 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: close
RateLimit-Policy: 600;w=300
RateLimit-Limit: 600
RateLimit-Remaining: 598
RateLimit-Reset: 299
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Expires: 0
Access-Control-Allow-Origin: *
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"


OK

Found 2026-01-22 by HttpPlugin

Create report

api.eu.tel.cloud.voxist.comeu.tel.cloud.voxist.comgrafana.eu.tel.cloud.voxist.comhomer.eu.tel.cloud.voxist.comjaeger.eu.tel.cloud.voxist.com

Fingerprint:

cfef9d25e3004a4698bd7438639a0eb43ec90e856af05164abe06b124e5bdb6f

CN:

eu.tel.cloud.voxist.com

Key:

ECDSA-256

Issuer:

Not before:

2025-12-07 06:13

Not after:

2026-03-07 06:13

Domain summary

api.eu.tel.cloud.voxist.com 1

1 recorded