Domain axiomforecasting-api-dev.icelanddev.net
Germany
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 23.50.131.160
Domain: axiomforecasting-api-dev.icelanddev.net
Port: 443
URL: https://axiomforecasting-api-dev.icelanddev.netFirst seen 2025-11-15 00:09
Last seen 2026-01-22 11:53
Open for 68 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d6019d33033339d9322a4be17d5cb9d359b02d22306Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: GET /api/forecast/isProductForecastedCheck/plu/{plu}/fromDate/{fromDate} POST /jobs/alertemails POST /jobs/autoApplyChannelSplits POST /jobs/checkForHangfireFailures POST /jobs/deleteHistoricalDraftForecastUpdate POST /jobs/lockCycles POST /jobs/makeHistoric POST /jobs/seedforecasts POST /jobs/seedproductgroupcycles POST /support/orchestrateOffInvoicePromotionalCostPrices POST /support/recalculateForecastsForProduct POST /support/refreshEarliestEffectiveDatesForForecastUpdatesFound on 2026-01-22 11:53
-
-
Open service 23.50.131.160:443 · axiomforecasting-api-dev.icelanddev.net
2026-01-22 11:53
HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: Microsoft-IIS/10.0 Location: index.html Request-Context: appId=cid-v1:fe1ca153-f239-4088-86e7-9da2cb23f380 X-Powered-By: ASP.NET Date: Thu, 22 Jan 2026 11:53:45 GMT Connection: close Feature-Policy: accelerometer 'self'; camera 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'self' Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Access-Control-Allow-Origin: SAMEORIGIN Strict-Transport-Security: max-age=31536000 Content-Security-Policy: upgrade-insecure-requests
Found 2026-01-22 by HttpPluginCreate report
-
Open service 23.50.131.160:443 · axiomforecasting-api-dev.icelanddev.net
2026-01-10 00:58
HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: Microsoft-IIS/10.0 Location: index.html Request-Context: appId=cid-v1:fe1ca153-f239-4088-86e7-9da2cb23f380 X-Powered-By: ASP.NET Date: Sat, 10 Jan 2026 00:58:44 GMT Connection: close Feature-Policy: accelerometer 'self'; camera 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'self' Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Access-Control-Allow-Origin: SAMEORIGIN Strict-Transport-Security: max-age=31536000 Content-Security-Policy: upgrade-insecure-requests
Found 2026-01-10 by HttpPluginCreate report
-
Open service 23.50.131.160:443 · axiomforecasting-api-dev.icelanddev.net
2026-01-02 19:22
HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: Microsoft-IIS/10.0 Location: index.html Request-Context: appId=cid-v1:fe1ca153-f239-4088-86e7-9da2cb23f380 X-Powered-By: ASP.NET Date: Fri, 02 Jan 2026 19:22:15 GMT Connection: close Feature-Policy: accelerometer 'self'; camera 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'self' Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Access-Control-Allow-Origin: SAMEORIGIN Strict-Transport-Security: max-age=31536000 Content-Security-Policy: upgrade-insecure-requests
Found 2026-01-02 by HttpPluginCreate report
-
Open service 23.50.131.160:443 · axiomforecasting-api-dev.icelanddev.net
2025-12-22 21:08
HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: Microsoft-IIS/10.0 Location: index.html Request-Context: appId=cid-v1:fe1ca153-f239-4088-86e7-9da2cb23f380 X-Powered-By: ASP.NET Date: Mon, 22 Dec 2025 21:08:14 GMT Connection: close Feature-Policy: accelerometer 'self'; camera 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'self' Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Access-Control-Allow-Origin: SAMEORIGIN Strict-Transport-Security: max-age=31536000 Content-Security-Policy: upgrade-insecure-requests
Found 2025-12-22 by HttpPluginCreate report
-
Open service 23.50.131.160:443 · axiomforecasting-api-dev.icelanddev.net
2025-12-20 21:48
HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: Microsoft-IIS/10.0 Location: index.html Request-Context: appId=cid-v1:fe1ca153-f239-4088-86e7-9da2cb23f380 X-Powered-By: ASP.NET Date: Sat, 20 Dec 2025 21:48:03 GMT Connection: close Feature-Policy: accelerometer 'self'; camera 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'self' Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Access-Control-Allow-Origin: SAMEORIGIN Strict-Transport-Security: max-age=31536000 Content-Security-Policy: upgrade-insecure-requests
Found 2025-12-20 by HttpPluginCreate report