Domain core.dev.analogio.dk
The Netherlands
Software information
Kestrel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-20 08:06
Last seen 2026-02-01 22:19
Open for 43 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492280f62c381e2eb1a8f95be0ec48471b5680ec15Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/v1/Account GET /api/v1/AppConfig GET /api/v1/CoffeeCards GET /api/v1/Leaderboard GET /api/v1/Ping GET /api/v1/Products GET /api/v1/Products/app GET /api/v1/Programmes GET /api/v1/Purchases GET /api/v1/Tickets POST /api/v1/Account/forgotpassword POST /api/v1/Account/login POST /api/v1/Account/register POST /api/v1/MobilePay/complete POST /api/v1/MobilePay/initiate POST /api/v1/Purchases/issueproduct POST /api/v1/Purchases/redeemvoucher POST /api/v1/Tickets/use POST /api/v1/Tickets/useMultiple
Found on 2026-02-01 22:19 -
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-09 09:38
-
-
Open service 20.105.224.34:443 ยท core.dev.analogio.dk
2026-01-23 09:24
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=utf-8 Date: Fri, 23 Jan 2026 09:25:04 GMT Server: Kestrel Set-Cookie: ARRAffinity=b4cb01b492d8562a319989ea105d222aa9e012cc2de3db3ccf1cd0fea06e35dc;Path=/;HttpOnly;Secure;Domain=core.dev.analogio.dk Set-Cookie: ARRAffinitySameSite=b4cb01b492d8562a319989ea105d222aa9e012cc2de3db3ccf1cd0fea06e35dc;Path=/;HttpOnly;SameSite=None;Secure;Domain=core.dev.analogio.dk Transfer-Encoding: chunked Page title: Cafe Analog - Result of request <!DOCTYPE html> <html lang="en"> <head> <title>Cafe Analog - Result of request</title> <link rel="stylesheet" href="/css/site.css" /> </head> <body> <div class="box"> <div class="row header"> <img id="logo" src="/images/AnalogLogo.svg" alt="Analog logo" /> </div> <div class="row content"> <div class="wrapper"> <div id="results"> <h1>Something went wrong</h1> <p>This is not the web page you are looking for</p> </div> </div> </div> <div class="row footer"> <p> <strong>Cafe Analog</strong><br/> Rued Langgaards Vej 7, 2300 Copenhagen S / CVR: 34657343<br/> <a href="mailto:support@analogio.dk">support@analogio.dk</a> / <a href="https://www.cafeanalog.dk">www.cafeanalog.dk</a> </p> </div> </div> <script src="https://code.jquery.com/jquery-3.5.0.min.js" runat="server"></script> <script src="https://ajax.aspnetcdn.com/ajax/jquery.validate/1.19.1/jquery.validate.min.js"></script> <script src="https://ajax.aspnetcdn.com/ajax/mvc/5.2.3/jquery.validate.unobtrusive.min.js"></script> </body> </html>Found 2026-01-23 by HttpPluginCreate report