Domain origo.mobit.no
The Netherlands
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-06 08:53
Last seen 2026-01-23 05:21
Open for 47 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-23 05:21
-
-
Open service 52.232.19.237:443 ยท origo.mobit.no
2026-01-23 05:21
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=utf-8 Date: Fri, 23 Jan 2026 05:21:42 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=71659a59bc7ec5e68f754ab1110af7204cc0a6ca9121108e19aeec14032c3bc4;Path=/;HttpOnly;Secure;Domain=origo.mobit.no Set-Cookie: ARRAffinitySameSite=71659a59bc7ec5e68f754ab1110af7204cc0a6ca9121108e19aeec14032c3bc4;Path=/;HttpOnly;SameSite=None;Secure;Domain=origo.mobit.no Transfer-Encoding: chunked Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:db779090-594a-43b9-8412-5f4c73e3f17f X-Powered-By: ASP.NET Page title: Origo Business Cloud <!DOCTYPE html> <html> <head> <meta charset="utf-8" /> <META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=UTF-8"> <meta name="viewport" content="width=device-width, viewport-fit=cover ,initial-scale=1, shrink-to-fit=no"> <title>Origo Business Cloud</title> <base href="/" /> <link rel="shortcut icon" type="image/x-icon" href="/img/Origo-Favicon.png"> <link rel="icon" type="image/png" sizes="32x32" href="/img/Origo-Favicon.png"> <link rel="icon" type="image/png" sizes="16x16" href="/img/Origo-Favicon1.png"> <link rel="manifest" href="/manifest.json"> <link rel="mask-icon" href="/img/safari-pinned-tab.svg" color="#5bbad5"> <meta name="theme-color" content="#ffffff"> <link href="https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i" rel="stylesheet"> <link href="https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-sign-in.min.css" type="text/css" rel="stylesheet"> <link href="https://ok1static.oktacdn.com/assets/js/sdk/okta-signin-widget/2.7.0/css/okta-theme.css" type="text/css" rel="stylesheet"> <script src="https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.3.5/bluebird.min.js"></script> <script type="text/javascript"> var appInsights = window.appInsights || function(a) { function b(a) { c[a] = function() { var b = arguments; c.queue.push(function() { c[a].apply(c, b) }) } } var c = { config: a }, d = document, e = window; setTimeout(function() { var b = d.createElement("script"); b.src = a.url || "https://az416426.vo.msecnd.net/scripts/a/ai.0.js", d.getElementsByTagName("script")[0].parentNode.appendChild(b) }); try { c.cookie = d.cookie } catch (a) {} c.queue = []; for (var f = ["Event", "Exception", "Metric", "PageView", "Trace", "Dependency"]; f.length;) b("track" + f.pop()); if (b("setAuthenticatedUserContext"), b("clearAuthenticatedUserContext"), b("startTrackEvent"), b("stopTrackEvent"), b("startTrackPage"), b("stopTrackPage"), b("flush"), !a.disableExceptionTracking) { f = "onerror", b("_" + f); var g = e[f]; e[f] = function(a, b, d, e, h) { var i = g && g(a, b, d, e, h); return !0 !== i && c["_" + f](a, b, d, e, h), i } } return c }({ instrumentationKey: "d52044bc-e8a1-4a9a-8433-6a66ed6ad5e2" }); window.appInsights = appInsights, appInsights.queue && 0 === appInsights.queue.length && appInsights.trackPageView(); </script> <script type="text/javascript"> (function () { if (!window.location.origin) { window.location.origin = window.location.protocol + '//' + window.location.hostname + (window.location.port ? (':' + window.location.port) : ''); } window.authConfig = { providerUrl: "https://techstepportal.okta-emea.com/", issuer: "https://techstepportal.okta-emea.com/oauth2/default", authority: "https://techstepportal.okta-emea.com/oauth2/default", clientId: "0oa4fetdd1BkZ0PcW0i7", scopes: ['openid', 'email', 'profile', 'address', 'phone', "offline_access"], responseType: ['id_token', 'token', 'code'], redirectUri: window.location.origin }; })(); </script> <script type="text/javascript">window.AppVersion = '2.34.6-20250619.12'</script> <link rel="stylesheet" href="/dist/styles.css?v=QdN5AxOGu_8r1H-a2rNdT4PCk7y8Found 2026-01-23 by HttpPluginCreate report