LeakIX - Host orderapi.transfera.com

Domain orderapi.transfera.com

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Kestrel Kestrel

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.105.224.34
Domain: orderapi.transfera.com
Port: 443
URL: https://orderapi.transfera.com

First seen 2025-10-17 07:34
Last seen 2026-02-09 22:48
Open for 115 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549ec4ac8bdc6c826f08c1d2965802951366b17549a

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/returnshipments/search
GET /api/returnshipments/{id}
GET /api/shipments/byexternalnumber
GET /api/shipments/downloadlabels
GET /api/shipments/downloadlabelsbase64
GET /api/shipments/downloadlmclabel
GET /api/shipments/search
GET /api/shipments/v2/shipmentevents
GET /api/shipments/{externalNumber}/shipmentevents
GET /api/shipments/{id}
POST /api/returnShipments
POST /api/shipments
POST /api/shipments/publish-labels

Found on 2026-02-09 22:48

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549ec4ac8bdc6c826f08c1d2965802951362382ea67

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/returnshipments/search
GET /api/returnshipments/{id}
GET /api/shipments/byexternalnumber
GET /api/shipments/downloadlabels
GET /api/shipments/downloadlabelsbase64
GET /api/shipments/downloadlmclabel
GET /api/shipments/search
GET /api/shipments/v2/shipmentevents
GET /api/shipments/{externalNumber}/shipmentevents
GET /api/shipments/{id}
POST /api/returnShipments
POST /api/shipments

Found on 2025-12-19 04:24

Create report

Open service 20.105.224.34:443 · orderapi.transfera.com

2026-01-23 13:32

HTTP/1.1 200 OK
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Fri, 23 Jan 2026 13:33:28 GMT
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:7ba8b6f7-40f1-47d3-b30b-f2bbc4cd8c64


Always On ;)

Found 2026-01-23 by HttpPlugin

Create report

Open service 20.105.224.34:443 · orderapi.transfera.com

2026-01-10 01:38

HTTP/1.1 200 OK
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Sat, 10 Jan 2026 01:39:15 GMT
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:7ba8b6f7-40f1-47d3-b30b-f2bbc4cd8c64


Always On ;)

Found 2026-01-10 by HttpPlugin

Create report

orderapi.transfera.com

Fingerprint:

7c2405cd6df4f0602211a4c631b6940e75d296bf2a3eaf07363e91f2931a1f4a

CN:

orderapi.transfera.com

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-10-17 00:00

Not after:

2026-04-14 23:59

Domain summary

orderapi.transfera.com 3

1 recorded

IP summary

20.105.224.34 2

1 recorded