Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549fcd56cd5747172c8843033635e743f617915f921
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/v1/shoppingcart/emptycart/{userId}
DELETE /api/v1/shoppingcart/{userId}/{productId}/{cartId}
GET /
GET /api/v1/categories
GET /api/v1/categories/{id}
GET /api/v1/checkout/fail
GET /api/v1/checkout/success
GET /api/v1/checkout/webfail
GET /api/v1/checkout/websuccess
GET /api/v1/dashboard/angetfilteredproducts
GET /api/v1/dashboard/angetfilteredproductsminimal
GET /api/v1/dashboard/angetproductswithfilter
GET /api/v1/dashboard/getdashlowstocklist/{id}
GET /api/v1/dashboard/getdashorderstrend/{id}
GET /api/v1/dashboard/getdashpaymentsnapshot/{id}
GET /api/v1/dashboard/getdashsalestrend/{id}
GET /api/v1/dashboard/getdashsnapshotvendor/{id}
GET /api/v1/dashboard/getdashtopdemandproductlist/{id}
GET /api/v1/dashboard/getfeaturedproducts
GET /api/v1/dashboard/gethomepagefeaturedproducts
GET /api/v1/dashboard/gethotdealsbydistance
GET /api/v1/dashboard/getproductsbydistance
GET /api/v1/dashboard/getproductswithfilter
GET /api/v1/emailnotificationsettings/getbyuser/{id}
GET /api/v1/healthcheck
GET /api/v1/logout
GET /api/v1/orderitems/getbyorder/{id}
GET /api/v1/orders/all/getbysystemadmin
GET /api/v1/orders/all/getbyuser
GET /api/v1/orders/past/getbystore/{id}
GET /api/v1/orders/past/getbyuser
GET /api/v1/orders/past/getbyvendor/{id}
GET /api/v1/orders/past/getbyvendoruser/{id}
GET /api/v1/orders/pending/getbystore/{id}
GET /api/v1/orders/pending/getbyuser
GET /api/v1/orders/pending/getbyvendor/{id}
GET /api/v1/orders/pending/getbyvendoruser/{id}
GET /api/v1/orders/{id}
GET /api/v1/payment/verify
GET /api/v1/payment/{orderId}/receipt
GET /api/v1/products/getbystore/{id}
GET /api/v1/products/getfilteredby
GET /api/v1/products/{id}
GET /api/v1/savings/{id}
GET /api/v1/shoppingcart/getbyuser/{id}
GET /api/v1/stores/getbyadmin
GET /api/v1/stores/getbyvendor/{id}
GET /api/v1/stores/getminifiedbyadmin
GET /api/v1/stores/getminifiedbyvendor/{id}
GET /api/v1/stores/{id}
GET /api/v1/stores/{id}/storehours
GET /api/v1/termsofservice/{userId}
GET /api/v1/users/all/getbysystemadmin
GET /api/v1/users/checkemailverify
GET /api/v1/users/getbyvendor
GET /api/v1/users/getuserbyemail
GET /api/v1/users/getuserstoreaccess/{id}
GET /api/v1/users/getvendor/{id}
GET /api/v1/vendors/getbyadmin
GET /api/v1/vendors/{id}
GET /api/v1/version/apiversion
GET /api/v1/version/mobileappversion
GET /api/v1/wallet/balance/user/{id}
POST /api/v1/checkout/validate/{id}
POST /api/v1/checkout/{id}
POST /api/v1/contactus
POST /api/v1/orders/cancel/{id}
POST /api/v1/orders/complete/{id}
POST /api/v1/orders/ready/{id}
POST /api/v1/payment/refund/{id}
POST /api/v1/payment/webhook
POST /api/v1/products
POST /api/v1/products/autofill
POST /api/v1/products/bulkupdateexpiration
POST /api/v1/roles/getorcreate
POST /api/v1/shoppingcart
POST /api/v1/shoppingcart/replacecart
POST /api/v1/shoppingcart/upsertcartitem
POST /api/v1/stores
POST /api/v1/userdemographicprofile
POST /api/v1/userinterest
POST /api/v1/vendors
POST /api/v1/waitinglist
POST /api/v1/waitinglist/subscribe
POST /api/v1/wallet/activate/user/{id}
POST /api/v1/wallet/addcredit/user/{id}
POST /api/v1/wallet/deductcredit/user/{id}
PUT /api/v1/emailnotificationsettings/{id}
PUT /api/v1/stores/markstore/{id}
PUT /api/v1/termsofservice/partnerterms/{id}
PUT /api/v1/users/markuserdeleted/{id}
PUT /api/v1/users/updatepassword/{id}
PUT /api/v1/users/updateuseraccessrole/{id}
PUT /api/v1/users/updateuserrole
PUT /api/v1/users/updateuserstatus/{id}
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549fcd56cd5747172c8843033635e743f618e43bb91
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/v1/shoppingcart/emptycart/{userId}
DELETE /api/v1/shoppingcart/{userId}/{productId}/{cartId}
GET /
GET /api/v1/categories
GET /api/v1/categories/{id}
GET /api/v1/checkout/fail
GET /api/v1/checkout/success
GET /api/v1/checkout/webfail
GET /api/v1/checkout/websuccess
GET /api/v1/dashboard/angetfilteredproducts
GET /api/v1/dashboard/angetproductswithfilter
GET /api/v1/dashboard/getdashlowstocklist/{id}
GET /api/v1/dashboard/getdashorderstrend/{id}
GET /api/v1/dashboard/getdashpaymentsnapshot/{id}
GET /api/v1/dashboard/getdashsalestrend/{id}
GET /api/v1/dashboard/getdashsnapshotvendor/{id}
GET /api/v1/dashboard/getdashtopdemandproductlist/{id}
GET /api/v1/dashboard/getfeaturedproducts
GET /api/v1/dashboard/gethotdealsbydistance
GET /api/v1/dashboard/getproductsbydistance
GET /api/v1/dashboard/getproductswithfilter
GET /api/v1/emailnotificationsettings/getbyuser/{id}
GET /api/v1/healthcheck
GET /api/v1/logout
GET /api/v1/orderitems/getbyorder/{id}
GET /api/v1/orders/all/getbysystemadmin
GET /api/v1/orders/all/getbyuser
GET /api/v1/orders/past/getbystore/{id}
GET /api/v1/orders/past/getbyuser
GET /api/v1/orders/past/getbyvendor/{id}
GET /api/v1/orders/past/getbyvendoruser/{id}
GET /api/v1/orders/pending/getbystore/{id}
GET /api/v1/orders/pending/getbyuser
GET /api/v1/orders/pending/getbyvendor/{id}
GET /api/v1/orders/pending/getbyvendoruser/{id}
GET /api/v1/orders/{id}
GET /api/v1/payment/verify
GET /api/v1/payment/{orderId}/receipt
GET /api/v1/products/getbystore/{id}
GET /api/v1/products/getfilteredby
GET /api/v1/products/{id}
GET /api/v1/savings/{id}
GET /api/v1/shoppingcart/getbyuser/{id}
GET /api/v1/stores/getbyadmin
GET /api/v1/stores/getbyvendor/{id}
GET /api/v1/stores/getminifiedbyadmin
GET /api/v1/stores/getminifiedbyvendor/{id}
GET /api/v1/stores/{id}
GET /api/v1/stores/{id}/storehours
GET /api/v1/termsofservice/{userId}
GET /api/v1/users/all/getbysystemadmin
GET /api/v1/users/checkemailverify
GET /api/v1/users/getbyvendor
GET /api/v1/users/getuserbyemail
GET /api/v1/users/getuserstoreaccess/{id}
GET /api/v1/users/getvendor/{id}
GET /api/v1/vendors/getbyadmin
GET /api/v1/vendors/{id}
GET /api/v1/version/apiversion
GET /api/v1/version/mobileappversion
GET /api/v1/wallet/balance/user/{id}
POST /api/v1/checkout/validate/{id}
POST /api/v1/checkout/{id}
POST /api/v1/contactus
POST /api/v1/orders/cancel/{id}
POST /api/v1/orders/complete/{id}
POST /api/v1/orders/ready/{id}
POST /api/v1/payment/refund/{id}
POST /api/v1/payment/webhook
POST /api/v1/products
POST /api/v1/products/autofill
POST /api/v1/roles/getorcreate
POST /api/v1/shoppingcart
POST /api/v1/shoppingcart/replacecart
POST /api/v1/shoppingcart/upsertcartitem
POST /api/v1/stores
POST /api/v1/userdemographicprofile
POST /api/v1/userinterest
POST /api/v1/vendors
POST /api/v1/waitinglist
POST /api/v1/waitinglist/subscribe
POST /api/v1/wallet/activate/user/{id}
POST /api/v1/wallet/addcredit/user/{id}
POST /api/v1/wallet/deductcredit/user/{id}
PUT /api/v1/emailnotificationsettings/{id}
PUT /api/v1/stores/markstore/{id}
PUT /api/v1/termsofservice/partnerterms/{id}
PUT /api/v1/users/markuserdeleted/{id}
PUT /api/v1/users/updatepassword/{id}
PUT /api/v1/users/updateuseraccessrole/{id}
PUT /api/v1/users/updateuserrole
PUT /api/v1/users/updateuserstatus/{id}
Open service 142.251.141.115:443 · dev-api.bitezar.com
2026-01-08 20:38
HTTP/1.1 200 OK
content-type: text/plain; charset=utf-8
date: Thu, 08 Jan 2026 20:38:25 GMT
server: Google Frontend
Transfer-Encoding: chunked
Connection: close

Hello World!
Open service 142.251.141.115:80 · dev-api.bitezar.com
2026-01-03 04:35
HTTP/1.1 302 Found
location: https://dev-api.bitezar.com/
x-cloud-trace-context: c8401db7ed52dfc1237a039a89c22004
date: Sat, 03 Jan 2026 04:35:03 GMT
content-type: text/html
server: Google Frontend
Content-Length: 0
Connection: close
Open service 2a00:1450:4001:807::2013:80 · dev-api.bitezar.com
2026-01-03 04:35
HTTP/1.1 302 Found
location: https://dev-api.bitezar.com/
x-cloud-trace-context: d858cc96cf4a823b40f4f2a4ba19e603
date: Sat, 03 Jan 2026 04:35:05 GMT
content-type: text/html
server: Google Frontend
Content-Length: 0
Connection: close
Open service 2a00:1450:4001:807::2013:443 · dev-api.bitezar.com
2026-01-03 04:35
HTTP/1.1 200 OK
content-type: text/plain; charset=utf-8
date: Sat, 03 Jan 2026 04:35:04 GMT
server: Google Frontend
Transfer-Encoding: chunked
Connection: close

Hello World!
Open service 142.251.141.115:443 · dev-api.bitezar.com
2026-01-03 04:35
HTTP/1.1 200 OK
content-type: text/plain; charset=utf-8
date: Sat, 03 Jan 2026 04:35:04 GMT
server: Google Frontend
Transfer-Encoding: chunked
Connection: close

Hello World!