Domain api.flavourflex.de
United States
Software information
Vercel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-14 00:50
Last seen 2026-01-09 09:53
Open for 87 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff4338c2a57940a1e4a35092f4baf078555ffdd65dc0Public Swagger UI/API detected at path: /swagger.json - sample paths: GET /api/food GET /api/food/{id} GET /api/info/health GET /api/info/routes GET /api/nutrition GET /api/nutrition/{id} GET /api/studyanalyses GET /api/studyanalyses/cache/debug GET /api/studyanalyses/slug/{slug} GET /api/studyanalyses/{id} GET /api/valuefilter/nutrition POST /api/studyanalyses/cache/invalidateFound on 2026-01-09 09:53
-
-
Open service 216.198.79.1:443 · api.flavourflex.de
2026-01-09 09:53
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 0 Cache-Control: public, max-age=0 Content-Length: 1197 Content-Type: text/html; charset=utf-8 Date: Fri, 09 Jan 2026 09:53:30 GMT Etag: W/"4ad-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: sfo1::iad1::8rxlf-1767952410382-425bc855dba8 Connection: close Page title: FlavourFlex API Dokumentation <!DOCTYPE html> <html lang="de"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>FlavourFlex API Dokumentation</title> <link rel="stylesheet" type="text/css" href="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui.css"> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-bundle.js"></script> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-standalone-preset.js"></script> <style> body { background-color: #f5f5f5; } </style> </head> <body> <div id="swagger-ui"></div> <script> window.onload = function() { const ui = SwaggerUIBundle({ url: "/swagger.json", dom_id: '#swagger-ui', deepLinking: true, presets: [ SwaggerUIBundle.presets.apis, SwaggerUIStandalonePreset ], plugins: [ SwaggerUIBundle.plugins.DownloadUrl ], layout: "StandaloneLayout" }); window.ui = ui; }; </script> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api.flavourflex.de
2026-01-02 10:52
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 0 Cache-Control: public, max-age=0 Content-Length: 1197 Content-Type: text/html; charset=utf-8 Date: Fri, 02 Jan 2026 10:52:44 GMT Etag: W/"4ad-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: iad1::iad1::n6t9n-1767351163657-f91ea6912108 Connection: close Page title: FlavourFlex API Dokumentation <!DOCTYPE html> <html lang="de"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>FlavourFlex API Dokumentation</title> <link rel="stylesheet" type="text/css" href="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui.css"> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-bundle.js"></script> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-standalone-preset.js"></script> <style> body { background-color: #f5f5f5; } </style> </head> <body> <div id="swagger-ui"></div> <script> window.onload = function() { const ui = SwaggerUIBundle({ url: "/swagger.json", dom_id: '#swagger-ui', deepLinking: true, presets: [ SwaggerUIBundle.presets.apis, SwaggerUIStandalonePreset ], plugins: [ SwaggerUIBundle.plugins.DownloadUrl ], layout: "StandaloneLayout" }); window.ui = ui; }; </script> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api.flavourflex.de
2025-12-26 13:28
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 0 Cache-Control: public, max-age=0 Content-Length: 1197 Content-Type: text/html; charset=utf-8 Date: Fri, 26 Dec 2025 13:28:10 GMT Etag: W/"4ad-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: iad1::iad1::dg9x4-1766755688914-7ba18bdbdb51 Connection: close Page title: FlavourFlex API Dokumentation <!DOCTYPE html> <html lang="de"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>FlavourFlex API Dokumentation</title> <link rel="stylesheet" type="text/css" href="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui.css"> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-bundle.js"></script> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-standalone-preset.js"></script> <style> body { background-color: #f5f5f5; } </style> </head> <body> <div id="swagger-ui"></div> <script> window.onload = function() { const ui = SwaggerUIBundle({ url: "/swagger.json", dom_id: '#swagger-ui', deepLinking: true, presets: [ SwaggerUIBundle.presets.apis, SwaggerUIStandalonePreset ], plugins: [ SwaggerUIBundle.plugins.DownloadUrl ], layout: "StandaloneLayout" }); window.ui = ui; }; </script> </body> </html>Found 2025-12-26 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api.flavourflex.de
2025-12-22 15:49
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 0 Cache-Control: public, max-age=0 Content-Length: 1197 Content-Type: text/html; charset=utf-8 Date: Mon, 22 Dec 2025 15:49:39 GMT Etag: W/"4ad-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::2l9td-1766418578057-3aebe0504d58 Connection: close Page title: FlavourFlex API Dokumentation <!DOCTYPE html> <html lang="de"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>FlavourFlex API Dokumentation</title> <link rel="stylesheet" type="text/css" href="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui.css"> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-bundle.js"></script> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-standalone-preset.js"></script> <style> body { background-color: #f5f5f5; } </style> </head> <body> <div id="swagger-ui"></div> <script> window.onload = function() { const ui = SwaggerUIBundle({ url: "/swagger.json", dom_id: '#swagger-ui', deepLinking: true, presets: [ SwaggerUIBundle.presets.apis, SwaggerUIStandalonePreset ], plugins: [ SwaggerUIBundle.plugins.DownloadUrl ], layout: "StandaloneLayout" }); window.ui = ui; }; </script> </body> </html>Found 2025-12-22 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api.flavourflex.de
2025-12-20 15:38
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 0 Cache-Control: public, max-age=0 Content-Length: 1197 Content-Type: text/html; charset=utf-8 Date: Sat, 20 Dec 2025 15:38:57 GMT Etag: W/"4ad-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::wxcfk-1766245135957-f6b28ec7ed6d Connection: close Page title: FlavourFlex API Dokumentation <!DOCTYPE html> <html lang="de"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>FlavourFlex API Dokumentation</title> <link rel="stylesheet" type="text/css" href="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui.css"> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-bundle.js"></script> <script src="https://unpkg.com/swagger-ui-dist@5.9.0/swagger-ui-standalone-preset.js"></script> <style> body { background-color: #f5f5f5; } </style> </head> <body> <div id="swagger-ui"></div> <script> window.onload = function() { const ui = SwaggerUIBundle({ url: "/swagger.json", dom_id: '#swagger-ui', deepLinking: true, presets: [ SwaggerUIBundle.presets.apis, SwaggerUIStandalonePreset ], plugins: [ SwaggerUIBundle.plugins.DownloadUrl ], layout: "StandaloneLayout" }); window.ui = ui; }; </script> </body> </html>Found 2025-12-20 by HttpPluginCreate report