LeakIX - Host 52.6.209.157

Host 52.6.209.157

United States

AMAZON-AES

Software information

Apache Apache

tcp/443

awselb awselb 2.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 52.6.209.157
Domain: prod-convo-api.localsolutions.theknot.com
Port: 443
URL: https://prod-convo-api.localsolutions.theknot.com

First seen 2025-10-21 06:25
Last seen 2026-02-01 19:50
Open for 103 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549dbbfbbaad174b29b7659ed88d995700cbf90b0a6

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Scan/JobStatus
GET /api/ScanAsync
GET /health
POST /api/Classify
POST /api/Classify/Existing
POST /api/Classify/url
POST /api/Scan
POST /api/Scan/Existing
POST /api/Scan/url
POST /api/ScanAsync/Cancel
POST /api/ScanAsync/Existing
POST /api/ScanAsync/url
POST /api/Token

Found on 2026-02-01 19:50

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43849c35327055d3bbdf26c63ec725fd95bb191b25

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /quickreply/delete/{id}
DELETE /whitelist/{whitelistId}/{email}
GET /conversations/count/{memberId}
GET /conversations/message/{conversationId}/{messageId}
GET /conversations/messages/count/conversation/{conversationId}
GET /conversations/messages/count/member/{memberId}
GET /conversations/messages/count/storefront/{storefrontId}
GET /conversations/messages/threadPosition/{messageId}
GET /conversations/messages/{conversationId}
GET /conversations/ubx
GET /conversations/{memberId}
GET /healthy
GET /quickreply/read/{identityId}
GET /whitelist/displayId/{displayId}
GET /whitelist/storefrontId/{storefrontId}
POST /conversations/associateParticipant
POST /conversations/block-conversations/{reasonCode}
POST /conversations/message
POST /conversations/message/read/{memberId}
POST /conversations/notInterested
POST /conversations/scheduleFollowUp
POST /conversations/tags
POST /conversations/unblock-conversations/{reasonCode}
POST /quickreply/create
POST /sign/s3/get-object
POST /sign/s3/put-object
POST /whitelist
PUT /conversations/message/read/conversation/{conversationId}/{memberId}
PUT /conversations/message/read/{messageId}/{memberId}
PUT /conversations/report-abuse/{conversationId}/{memberId}
PUT /conversations/tag/{conversationId}/{memberId}/{tag}
PUT /quickreply/update

Found on 2025-12-24 23:11

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43849c35327055d3bbdf26c63ec725fd95ccbf89f1

Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /quickreply/delete/{id}
DELETE /whitelist/{whitelistId}/{email}
GET /conversations/count/{memberId}
GET /conversations/message/{conversationId}/{messageId}
GET /conversations/messages/count/conversation/{conversationId}
GET /conversations/messages/count/member/{memberId}
GET /conversations/messages/count/storefront/{storefrontId}
GET /conversations/messages/threadPosition/{messageId}
GET /conversations/messages/{conversationId}
GET /conversations/ubx
GET /conversations/{memberId}
GET /healthy
GET /quickreply/read/{identityId}
GET /whitelist/displayId/{displayId}
GET /whitelist/storefrontId/{storefrontId}
POST /conversations/associateParticipant
POST /conversations/message
POST /conversations/message/read/{memberId}
POST /conversations/notInterested
POST /conversations/scheduleFollowUp
POST /conversations/tags
POST /conversations/unblock-conversations/{reasonCode}
POST /quickreply/create
POST /sign/s3/get-object
POST /sign/s3/put-object
POST /whitelist
PUT /conversations/message/read/conversation/{conversationId}/{memberId}
PUT /conversations/message/read/{messageId}/{memberId}
PUT /conversations/report-abuse/{conversationId}/{memberId}
PUT /conversations/tag/{conversationId}/{memberId}/{tag}
PUT /quickreply/update

Found on 2025-10-21 06:25

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 52.6.209.157
Domain: prod-pm-api.localsolutions.theknot.com
Port: 443
URL: https://prod-pm-api.localsolutions.theknot.com

First seen 2025-12-21 10:21
Last seen 2025-12-26 09:07
Open for 4 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff438a1de8f975e5879095766c0e88e4294ebc378b2e
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /healthy
GET /sheets
GET /storefronts
GET /storefronts/{storefrontId}
GET /storefronts/{storefrontId}/attachment
GET /storefronts/{storefrontId}/sheets/completion
```
  Found on 2025-12-26 09:07
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 52.6.209.157
Domain: prod-stats-api.localsolutions.theknot.com
Port: 443
URL: https://prod-stats-api.localsolutions.theknot.com

First seen 2025-12-21 10:25
Last seen 2025-12-25 06:00
Open for 3 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff438a1de8f9ba5d2b59598ccf1697f7130efc8ebfc5
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /healthy
GET /storefronts/{id}/engagement/actions-by-type/csv
GET /storefronts/{id}/engagement/actions/csv
GET /storefronts/{id}/engagement/leads-by-type/csv
GET /storefronts/{id}/stats
GET /storefronts/{id}/views/conversion/csv
GET /storefronts/{id}/views/unique-visitors/csv
GET /storefronts/{storefrontId}/conversions
GET /storefronts/{storefrontId}/users/{userId}/activities/count
GET /storefronts/{storefrontId}/visitor-activities
GET /storefronts/{storefrontId}/visitor-activities/csv
GET /summaries/sum
GET /v2/storefronts/activities
GET /v2/storefronts/leads
GET /v2/storefronts/leads/prefetch
GET /v2/storefronts/stats
```
  Found on 2025-12-25 06:00
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 52.6.209.157
Domain: food-safety-api.thebump.com
Port: 443
URL: https://food-safety-api.thebump.com

First seen 2025-12-21 10:07
Last seen 2025-12-25 06:00
Open for 3 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43d36a7d0803bedcd903bedcd903bedcd903bedcd9
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /api/foods
GET /health
```
  Found on 2025-12-25 06:00
Create report
GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 52.6.209.157
Domain: prod.budget-advisor-api.growth.theknot.com
Port: 443
URL: https://prod.budget-advisor-api.growth.theknot.com

First seen 2025-12-20 08:43
Last seen 2025-12-24 12:32
Open for 4 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db1a0bbaa3f6ab558d06ee9baff2067949ee02c759de8decc5
```
GraphQL introspection enabled at /graphql
Types: 27 (by kind: ENUM: 2, INPUT_OBJECT: 3, OBJECT: 17, SCALAR: 5)
Operations:
- Query: Query | fields: budgeterData, budgeterNationalAvg, budgetsByUserAndCategories, categoriesByMarketCode, categoriesForMap
- Mutation: Mutation | fields: save, upsertGoalBudget
Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
```
  Found on 2025-12-24 12:32
  
  38.7 kBytes
Create report

Open service 52.6.209.157:443 · prod-stats-api.localsolutions.theknot.com

2026-01-23 07:01

HTTP/1.1 503 Service Temporarily Unavailable
Server: awselb/2.0
Date: Fri, 23 Jan 2026 07:01:46 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

Page title: 503 Service Temporarily Unavailable

<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body>
<center><h1>503 Service Temporarily Unavailable</h1></center>
</body>
</html>

Found 2026-01-23 by HttpPlugin

Host 52.6.209.157

United States

Software information

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

GraphQL introspection is enabled.

*.nimhda.org*.dev.nimhda.org*.cloud.nimhda.org*.revengers.nimhda.org*.stage.nimhda.org*.ateam.nimhda.org

food-safety-api.thebump.com

prod-stats-api.localsolutions.theknot.com

prod-convo-api.localsolutions.theknot.com

viewmodel-api.planningtools.theknot.com

prod.budget-advisor-api.growth.theknot.com

prod-pm-api.localsolutions.theknot.com

unified-couple-profile-api.eng.theknotww.com

Domain summary

.nimhda.org.dev.nimhda.org.cloud.nimhda.org.revengers.nimhda.org.stage.nimhda.org.ateam.nimhda.org