Domain client-api.vitaminw.no
The Netherlands
Software information
Kestrel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2026-01-05 11:52
Last seen 2026-02-02 06:19
Open for 27 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-02-02 06:19 -
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b83a8a274905db4e718327451a1506b157e8dca0Public Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /cache DELETE /identity/delete-me DELETE /user/{userId}/external-login/{providerName} GET /cache/keys GET /cache/{key} GET /cache/{key}/{departmentId} GET /calendarevent GET /calendarevent/attendees/{eventId} GET /calendarevent/menuPath GET /calendarevent/singleEvent GET /claim GET /claim/{id} GET /client GET /comment GET /comment/count GET /comment/{id} GET /department/client/{id} GET /department/{id} GET /globalization GET /globalization/resourcegroup/{resourceGroupId} GET /like GET /like/count GET /like/existsForUser/{entityId} GET /menu GET /menu/{id} GET /menuitem GET /order GET /order/{id} GET /page GET /page/connectedEntity/{id}/entityConnection/{entityConnectionId} GET /page/imageControls/{pageId} GET /page/template/{pageTemplateId} GET /page/{id} GET /pageStats/{id} GET /product GET /product/{id} GET /search GET /search/types GET /tag GET /user GET /user/external-login-provider/{provider}/{externalId} GET /user/{id} POST /calendarevent/{eventId}/attend/{entityConnectionId} POST /calendarevent/{eventId}/isJoining/{entityConnectionId} POST /calendarevent/{eventId}/unattend/{entityConnectionId} POST /claim/entity/{id} POST /entity POST /form POST /identity/accessToken POST /identity/token POST /identity/userinfo POST /pageStats POST /transactionLog POST /user/{userId}/external-login PUT /user/password PUT /user/password/recover PUT /user/password/recover/initiateFound on 2026-01-23 00:05
-
-
Open service 104.45.14.249:443 · client-api.vitaminw.no
2026-01-23 00:05
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 00:06:06 GMT Server: Kestrel Set-Cookie: ARRAffinity=eef456913f004f9c7d31d4db52a01a1693a762ac63b1caa1c5ca4377e1487c55;Path=/;HttpOnly;Secure;Domain=client-api.vitaminw.no Set-Cookie: ARRAffinitySameSite=eef456913f004f9c7d31d4db52a01a1693a762ac63b1caa1c5ca4377e1487c55;Path=/;HttpOnly;SameSite=None;Secure;Domain=client-api.vitaminw.no Request-Context: appId=cid-v1:2408c4d3-ccca-4038-a4ad-5f2e213fe1ae X-Powered-By: ASP.NET
Found 2026-01-23 by HttpPluginCreate report
-
Open service 104.45.14.249:443 · client-api.vitaminw.no
2026-01-09 11:00
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Fri, 09 Jan 2026 11:01:10 GMT Server: Kestrel Set-Cookie: ARRAffinity=eef456913f004f9c7d31d4db52a01a1693a762ac63b1caa1c5ca4377e1487c55;Path=/;HttpOnly;Secure;Domain=client-api.vitaminw.no Set-Cookie: ARRAffinitySameSite=eef456913f004f9c7d31d4db52a01a1693a762ac63b1caa1c5ca4377e1487c55;Path=/;HttpOnly;SameSite=None;Secure;Domain=client-api.vitaminw.no Request-Context: appId=cid-v1:2408c4d3-ccca-4038-a4ad-5f2e213fe1ae X-Powered-By: ASP.NET
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.45.14.249:443 · client-api.vitaminw.no
2026-01-05 11:52
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Mon, 05 Jan 2026 11:52:42 GMT Server: Kestrel Set-Cookie: ARRAffinity=eef456913f004f9c7d31d4db52a01a1693a762ac63b1caa1c5ca4377e1487c55;Path=/;HttpOnly;Secure;Domain=client-api.vitaminw.no Set-Cookie: ARRAffinitySameSite=eef456913f004f9c7d31d4db52a01a1693a762ac63b1caa1c5ca4377e1487c55;Path=/;HttpOnly;SameSite=None;Secure;Domain=client-api.vitaminw.no Request-Context: appId=cid-v1:2408c4d3-ccca-4038-a4ad-5f2e213fe1ae X-Powered-By: ASP.NET
Found 2026-01-05 by HttpPluginCreate report
-
Open service 104.45.14.249:80 · client-api.vitaminw.no
2026-01-05 11:52
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Mon, 05 Jan 2026 11:52:41 GMT Location: https://client-api.vitaminw.no/
Found 2026-01-05 by HttpPluginCreate report