LeakIX - Host dc-contract.vcert.com.br

Domain dc-contract.vcert.com.br

The Netherlands

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.16.6.31
Domain: dc-contract.vcert.com.br
Port: 443
URL: https://dc-contract.vcert.com.br

First seen 2025-10-24 14:23
Last seen 2026-02-09 23:29
Open for 108 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-02-09 23:29
Create report

Open service 2.16.6.31:443 · dc-contract.vcert.com.br

2026-01-23 02:38

HTTP/1.1 404 Not Found
Content-Type: application/json
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Length: 89
Expires: Fri, 23 Jan 2026 02:38:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Jan 2026 02:38:17 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=195
Server-Timing: origin; dur=6
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1769135896829_34604886_1350388553_19983_4566_7_9_-";dur=1


{"timestamp":"2026-01-23T02:38:16.949+00:00","status":404,"error":"Not Found","path":"/"}

Found 2026-01-23 by HttpPlugin

Create report

validcertificadora.com.br1step2sign-dev.certinow.com.br1step2sign-hml.certinow.com.br1step2sign.certinow.com.brcredencial-dev.certinow.com.brcredencial-hml.certinow.com.brcredencial.certinow.com.brdashboard-dev.certinow.com.brdashboard-hml.certinow.com.brdashboard.certinow.com.brdc-autoservice.vcert.com.brdc-certificates-revoked-list-updater.vcert.com.brdc-contract-dev.vcert.com.brdc-contract-hml.vcert.com.brdc-contract.vcert.com.brdc-customer.vcert.com.brdc-eea-engine-dev.vcert.com.brdc-eea-engine-hml.vcert.com.brdc-eea-engine.vcert.com.brdc-eea-gateway-dev.vcert.com.brdc-eea-gateway-hml.vcert.com.brdc-eea-gateway.vcert.com.brdc-eea-lcr-dev.vcert.com.brdc-eea-management-dev.vcert.com.brdc-eea-management-hml.vcert.com.brdc-eea-management.vcert.com.brdc-file-dev.vcert.com.brdc-file-hml.vcert.com.brdc-file.vcert.com.brdc-identity-dev.vcert.com.brdc-identity-hml.vcert.com.brdc-identity.vcert.com.brdc-legal.vcert.com.brdc-monitor-link.vcert.com.brdc-order.vcert.com.brdc-request-dev.vcert.com.brdc-request-hml.vcert.com.brdc-request.vcert.com.brdc-schedule.vcert.com.brdc-verification-dev.vcert.com.brdc-verification-hml.vcert.com.brdc-verification.vcert.com.brdc-webhook-configuration-dev.vcert.com.brdc-webhook-configuration-hml.vcert.com.brdc-webhook-configuration.vcert.com.brdc-webhook-notifier-dev.vcert.com.brdc-webhook-notifier-hml.vcert.com.brdc-webhook-notifier.vcert.com.brdev-openid.certinow.com.brhml-openid.certinow.com.bridentidade-dev.certinow.com.bridentidade-hml.certinow.com.bridentidade.certinow.com.brlote.vcert.com.bropenid.certinow.com.brpainel.vpki.com.brplatform.vcert.com.brsign-cert-dtn.vcert.com.brvcert-agent-application-dev.vcert.com.brvcert-agent-application-hml.vcert.com.brvcert-agent-application.vcert.com.brvi-dev.certinow.com.brvi-hml.certinow.com.brvi.certinow.com.brvidaas-dev.certinow.com.brvidaas-hml.certinow.com.brvidaas.certinow.com.brvideoconferencia-dev.certinow.com.brvideoconferencia-hml.certinow.com.brvideoconferencia.certinow.com.brviva-dev.certinow.com.brviva-hml.certinow.com.brviva.certinow.com.br

Fingerprint:

5a6c94625143373173ace742f3cfd1de40ec13063c33c2c98a2920e700d945e8

CN:

validcertificadora.com.br

Key:

ECDSA-256

Issuer:

DigiCert Global G3 TLS ECC SHA384 2020 CA1

Not before:

2026-01-22 00:00

Not after:

2026-08-06 23:59

Domain summary

dc-contract.vcert.com.br 1

1 recorded

IP summary

2.16.6.31 2