Domain api.test.connectz.se
The Netherlands
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2026-01-03 14:49
Last seen 2026-01-16 15:22
Open for 13 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60351868683442bc593706d8a00b04e4a521330decPublic Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: DELETE /api/fortnox/RemoveTenant GET /Api/Auth/CurrentUser GET /Api/Companies GET /Api/Companies/{id} GET /Api/CurrentUser GET /Api/Localization/GetTranslations GET /Api/Roles GET /Api/Roles/{id} GET /Api/Users/{id}/RefreshTokens GET /api/Connection/GetUserConnections GET /api/MonitorConnection/GetMonitorProxyConnection GET /api/MonitorConnection/GetUserConnection GET /api/OpenEplatformConnection/GetOpenEplatformProxyConnection GET /api/OpenEplatformConnection/GetUserConnection GET /api/Public360Connection/GetUserConnection GET /api/Users GET /api/Users/GetPaginatedUsers GET /api/Users/{id} GET /api/fortnox/Connect/{application} GET /api/fortnox/ConnectAppZ GET /api/pdfz/register GET /api/pdfz/url POST /Api/Auth/Login POST /Api/Auth/ValidatePassword POST /Api/PasswordRecovery/RequestEmail POST /Api/PasswordRecovery/ResetPassword POST /Api/PasswordRecovery/ValidateToken POST /Api/RefreshToken POST /Api/RefreshToken/Delete POST /api/Connection/AddFortnoxToGoogleAnalyticsConnection POST /api/Connection/UpdateFortnoxToGoogleAnalyticsConnection POST /api/MonitorConnection/PostMonitorProxyConnection POST /api/MonitorConnection/SaveUserConnection POST /api/OpenEplatformConnection/SaveUserConnection POST /api/Public360Connection/PostPublic360ProxyConnection POST /api/Public360Connection/SaveUserConnection POST /api/fortnox-connect/GetToken POST /api/fortnox-connect/GetTokens POST /api/fortnox/AddTenant POST /api/fortnox/SocketMessage POST /api/pdfz/html PUT /api/Connection/GenerateFortnoxMessageToken PUT /api/Connection/UpdateFortnoxMessageEndpoint PUT /api/MonitorConnection/GenerateToken PUT /api/OpenEplatformConnection/GenerateToken PUT /api/Public360Connection/GenerateTokenFound on 2026-01-16 15:22
-
-
Open service 52.232.26.228:443 ยท api.test.connectz.se
2026-01-23 06:36
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 06:37:29 GMT Server: Microsoft-IIS/10.0 Location: index.html Set-Cookie: ARRAffinity=192150b48e1c94aa1b5d3a26372aafe8a63afb8aebabd95c2a9d513fb8825855;Path=/;HttpOnly;Secure;Domain=api.test.connectz.se Set-Cookie: ARRAffinitySameSite=192150b48e1c94aa1b5d3a26372aafe8a63afb8aebabd95c2a9d513fb8825855;Path=/;HttpOnly;SameSite=None;Secure;Domain=api.test.connectz.se Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:60f3b83c-b397-432e-bc34-003b0dff73fd X-Powered-By: ASP.NET
Found 2026-01-23 by HttpPluginCreate report