Domain api.grantid.com
Brazil
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-28 02:03
Last seen 2026-02-02 08:10
Open for 36 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354939891ad7f0588ce464980688b5c55c01dfeb065dPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /Api/Ext/ApiConnections/{connectionId} DELETE /Api/Ext/Users/{userId}/Tokens/{key} GET /Api/Events/EventByCity GET /Api/Events/EventByCountry GET /Api/Events/FactorsByDay GET /Api/Events/LastFactors GET /Api/Events/LastLogins GET /Api/Events/LastRegistrations GET /Api/Events/LoginsByDay GET /Api/Events/MonthlyStats GET /Api/Events/RegistrationsByDay GET /Api/Events/TopLogins GET /Api/Events/TotalFactors GET /Api/Ext/ApiConnections GET /Api/Ext/Applications GET /Api/Ext/Applications/Users GET /Api/Ext/Applications/Validate/{appId} GET /Api/Ext/Applications/{id} GET /Api/Ext/Applications/{id}/Settings GET /Api/Ext/Claims GET /Api/Ext/Claims/Users GET /Api/Ext/IdentityScopes GET /Api/Ext/Users GET /Api/Ext/Users/Query GET /Api/Ext/Users/{userId} GET /Api/Ext/Users/{userId}/Claims GET /Api/Ext/Users/{userId}/Lockout GET /Api/Ext/Users/{userId}/Tokens GET /Api/v2/Ext/Users GET /Api/v2/Ext/Users/Query POST /Api/Ext/ApiConnections/{connectionId}/ApiScopes POST /Api/Ext/ApiConnections/{id}/ApiSecrets POST /Api/Ext/Applications/{id}/Secrets POST /Api/Ext/Users/Batch POST /Api/Ext/Users/{userId}/Email-Factor-Request POST /Api/Ext/Users/{userId}/Email-Factor-Verification POST /Api/Ext/Users/{userId}/Password POST /Api/Ext/Users/{userId}/ResetPassword POST /Api/Ext/Users/{userId}/ResetSecondPassword POST /Api/Ext/Users/{userId}/SecondPassword POST /Api/Ext/Users/{userId}/Set-Password-Email POST /Api/Ext/Users/{userId}/Set-Password-Url POST /Api/Ext/Users/{userId}/ValidateSecondPassword PUT /Api/Ext/ApiConnections/{connectionId}/ApiScopes/{scopeId} PUT /Api/Ext/ApiConnections/{id} PUT /Api/Ext/Claims/{claimId} PUT /Api/Ext/IdentityScopes/{id} PUT /Api/Ext/Users/Bulk-Lookup PUT /Api/Ext/Users/{userId}/Claims/{claimId} PUT /Api/Ext/Users/{userId}/Email PUT /Api/Ext/Users/{userId}/Name PUT /Api/Ext/Users/{userId}/Phone PUT /Api/Ext/Users/{userId}/UsernameFound on 2026-02-02 08:10
-
-
Open service 191.235.81.73:443 ยท api.grantid.com
2026-01-23 03:36
HTTP/1.1 200 OK Connection: close Content-Type: text/plain; charset=utf-8 Date: Fri, 23 Jan 2026 03:36:59 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=27f88eb6313ea1ab4ba1660547c32c3d67c0dc5746bfe6ce6164aaada8a2023d;Path=/;HttpOnly;Secure;Domain=api.grantid.com Set-Cookie: ARRAffinitySameSite=27f88eb6313ea1ab4ba1660547c32c3d67c0dc5746bfe6ce6164aaada8a2023d;Path=/;HttpOnly;SameSite=None;Secure;Domain=api.grantid.com Transfer-Encoding: chunked Request-Context: appId=cid-v1:b30d3a0b-a9d2-4a4d-837f-2651102785df X-Powered-By: ASP.NET 5.2.0
Found 2026-01-23 by HttpPluginCreate report