LeakIX - Host test-frameworkapi.iteacake.com

Domain test-frameworkapi.iteacake.com

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Microsoft-IIS 10.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.105.224.45
Domain: test-frameworkapi.iteacake.com
Port: 443
URL: https://test-frameworkapi.iteacake.com

First seen 2025-12-12 14:07
Last seen 2026-01-23 00:31
Open for 41 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549acfd4154fb547557ccc4cebc257b2a9a59d221d6

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Account/GetUserInfo
GET /api/Authentication/TwoFactor/Status
GET /api/Billing/get_variants
GET /api/Billing/status
GET /api/DemoTest/BlobDownload
GET /api/DemoTest/BlobExists
GET /api/DemoTest/Test
GET /api/DemoTest/TestGetExcelInfo
GET /api/DemoTest/TestGetRegressionModel
GET /api/Localization/GetAvailableLanguages
GET /api/Localization/GetLanguageTranslations
GET /api/Tenant/GetAvailableTenants
GET /api/Tenant/GetTenantAccessRequests
GET /api/Tenant/GetUserTenantOptions
GET /api/UserManagement/GetModules
GET /api/UserManagement/GetRolesAllowedForAssignment
GET /api/UserManagement/Users
GET /api/UserManagement/ValidateInvitation
PATCH /api/UserManagement/EnableUser
POST /api/Account/ChangePassword
POST /api/Account/Phone/RequestCode
POST /api/Account/Phone/VerifyCode
POST /api/Authentication/ApproveAccount
POST /api/Authentication/LogIn
POST /api/Authentication/Logout
POST /api/Authentication/Refresh
POST /api/Authentication/Register
POST /api/Authentication/RequestPasswordReset
POST /api/Authentication/ResetPassword
POST /api/Authentication/TwoFactor/Challenge
POST /api/Authentication/TwoFactor/Disable
POST /api/Authentication/TwoFactor/Enable
POST /api/Authentication/TwoFactor/SendCode
POST /api/Authentication/TwoFactor/VerifyCode
POST /api/Billing/cancel
POST /api/Billing/checkout
POST /api/Billing/renew
POST /api/DemoTest/BlobUpload
POST /api/LemonSqueezyWebhook/lq_testic
POST /api/Reconciliation/run
POST /api/Support/GetTicket
POST /api/Support/GetTickets
POST /api/Support/SubmitReport
POST /api/Tenant/CreateTenant
POST /api/Tenant/HandleTenantAccessRequest
POST /api/Tenant/KickUserFromTenant
POST /api/Tenant/LeaveTenant
POST /api/Tenant/RequestTenantAccess
POST /api/Tenant/ValidateTenant
POST /api/UserManagement/AddUser
POST /api/UserManagement/AddUserBackDoor
POST /api/UserManagement/CreateUserFromInvitation
POST /api/UserManagement/InviteUser
PUT /api/Account/UpdateUserInfo
PUT /api/Authentication/TwoFactor/Preferred
PUT /api/Localization/Language
PUT /api/Tenant/UpdateTenant
PUT /api/UserManagement/ChangeRole

Found on 2026-01-23 00:31

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549acfd4154fb547557299c07af6856692e7ad237cf

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Account/GetUserInfo
GET /api/Authentication/TwoFactor/Status
GET /api/Billing/status
GET /api/DemoTest/BlobDownload
GET /api/DemoTest/BlobExists
GET /api/DemoTest/Test
GET /api/DemoTest/TestGetExcelInfo
GET /api/DemoTest/TestGetRegressionModel
GET /api/Localization/GetAvailableLanguages
GET /api/Localization/GetLanguageTranslations
GET /api/Tenant/GetAvailableTenants
GET /api/Tenant/GetTenantAccessRequests
GET /api/Tenant/GetUserTenantOptions
GET /api/UserManagement/GetModules
GET /api/UserManagement/GetRolesAllowedForAssignment
GET /api/UserManagement/Users
GET /api/UserManagement/ValidateInvitation
PATCH /api/UserManagement/EnableUser
POST /api/Account/ChangePassword
POST /api/Account/Phone/RequestCode
POST /api/Account/Phone/VerifyCode
POST /api/Authentication/ApproveAccount
POST /api/Authentication/LogIn
POST /api/Authentication/Logout
POST /api/Authentication/Refresh
POST /api/Authentication/Register
POST /api/Authentication/RequestPasswordReset
POST /api/Authentication/ResetPassword
POST /api/Authentication/TwoFactor/Challenge
POST /api/Authentication/TwoFactor/Disable
POST /api/Authentication/TwoFactor/Enable
POST /api/Authentication/TwoFactor/SendCode
POST /api/Authentication/TwoFactor/VerifyCode
POST /api/Billing/checkout
POST /api/DemoTest/BlobUpload
POST /api/LemonSqueezyWebhook
POST /api/Reconciliation/run
POST /api/Support/GetTicket
POST /api/Support/GetTickets
POST /api/Support/SubmitReport
POST /api/Tenant/CreateTenant
POST /api/Tenant/HandleTenantAccessRequest
POST /api/Tenant/KickUserFromTenant
POST /api/Tenant/LeaveTenant
POST /api/Tenant/RequestTenantAccess
POST /api/Tenant/ValidateTenant
POST /api/UserManagement/AddUser
POST /api/UserManagement/AddUserBackDoor
POST /api/UserManagement/CreateUserFromInvitation
POST /api/UserManagement/InviteUser
PUT /api/Account/UpdateUserInfo
PUT /api/Authentication/TwoFactor/Preferred
PUT /api/Localization/Language
PUT /api/Tenant/UpdateTenant
PUT /api/UserManagement/ChangeRole

Found on 2026-01-10 02:02

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549acfd4154fb54755721e90ff696083cfbf12557e2

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Account/GetUserInfo
GET /api/Authentication/TwoFactor/Status
GET /api/DemoTest/BlobDownload
GET /api/DemoTest/BlobExists
GET /api/DemoTest/Test
GET /api/DemoTest/TestGetExcelInfo
GET /api/DemoTest/TestGetRegressionModel
GET /api/Localization/GetAvailableLanguages
GET /api/Localization/GetLanguageTranslations
GET /api/Tenant/GetAvailableTenants
GET /api/Tenant/GetTenantAccessRequests
GET /api/Tenant/GetUserTenantOptions
GET /api/UserManagement/GetModules
GET /api/UserManagement/GetRolesAllowedForAssignment
GET /api/UserManagement/Users
GET /api/UserManagement/ValidateInvitation
PATCH /api/UserManagement/EnableUser
POST /api/Account/ChangePassword
POST /api/Authentication/ApproveAccount
POST /api/Authentication/LogIn
POST /api/Authentication/Logout
POST /api/Authentication/Refresh
POST /api/Authentication/Register
POST /api/Authentication/RequestPasswordReset
POST /api/Authentication/ResetPassword
POST /api/Authentication/TwoFactor/Challenge
POST /api/Authentication/TwoFactor/Disable
POST /api/Authentication/TwoFactor/Enable
POST /api/Authentication/TwoFactor/SendCode
POST /api/Authentication/TwoFactor/VerifyCode
POST /api/DemoTest/BlobUpload
POST /api/Support/GetTicket
POST /api/Support/GetTickets
POST /api/Support/SubmitReport
POST /api/Tenant/CreateTenant
POST /api/Tenant/HandleTenantAccessRequest
POST /api/Tenant/KickUserFromTenant
POST /api/Tenant/LeaveTenant
POST /api/Tenant/RequestTenantAccess
POST /api/Tenant/ValidateTenant
POST /api/UserManagement/AddUser
POST /api/UserManagement/AddUserBackDoor
POST /api/UserManagement/CreateUserFromInvitation
POST /api/UserManagement/InviteUser
PUT /api/Account/UpdateUserInfo
PUT /api/Authentication/TwoFactor/Preferred
PUT /api/Localization/Language
PUT /api/Tenant/UpdateTenant
PUT /api/UserManagement/ChangeRole

Found on 2025-12-25 07:50

Create report

Open service 20.105.224.45:443 · test-frameworkapi.iteacake.com

2026-01-23 00:31

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Fri, 23 Jan 2026 00:31:55 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=4110ecf8b0ce92a2da661ff130829493f79dd9a55b8bb9c740d6da950151fe99;Path=/;HttpOnly;Secure;Domain=test-frameworkapi.iteacake.com
Set-Cookie: ARRAffinitySameSite=4110ecf8b0ce92a2da661ff130829493f79dd9a55b8bb9c740d6da950151fe99;Path=/;HttpOnly;SameSite=None;Secure;Domain=test-frameworkapi.iteacake.com
X-Powered-By: ASP.NET

Found 2026-01-23 by HttpPlugin

Create report

Open service 20.105.224.45:443 · test-frameworkapi.iteacake.com

2026-01-10 02:02

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Sat, 10 Jan 2026 02:03:46 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=2542020ad45c4c4d802f8f14cff8fc69d6ba366e4e1c6ad8400f2398bb9b6f39;Path=/;HttpOnly;Secure;Domain=test-frameworkapi.iteacake.com
Set-Cookie: ARRAffinitySameSite=2542020ad45c4c4d802f8f14cff8fc69d6ba366e4e1c6ad8400f2398bb9b6f39;Path=/;HttpOnly;SameSite=None;Secure;Domain=test-frameworkapi.iteacake.com
X-Powered-By: ASP.NET

Found 2026-01-10 by HttpPlugin

Create report

Open service 20.105.224.45:443 · test-frameworkapi.iteacake.com

2026-01-02 23:59

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Fri, 02 Jan 2026 23:59:05 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=2542020ad45c4c4d802f8f14cff8fc69d6ba366e4e1c6ad8400f2398bb9b6f39;Path=/;HttpOnly;Secure;Domain=test-frameworkapi.iteacake.com
Set-Cookie: ARRAffinitySameSite=2542020ad45c4c4d802f8f14cff8fc69d6ba366e4e1c6ad8400f2398bb9b6f39;Path=/;HttpOnly;SameSite=None;Secure;Domain=test-frameworkapi.iteacake.com
X-Powered-By: ASP.NET

Found 2026-01-02 by HttpPlugin

Create report

Open service 20.105.224.45:443 · test-frameworkapi.iteacake.com

2025-12-23 09:51

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Tue, 23 Dec 2025 09:51:29 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=2542020ad45c4c4d802f8f14cff8fc69d6ba366e4e1c6ad8400f2398bb9b6f39;Path=/;HttpOnly;Secure;Domain=test-frameworkapi.iteacake.com
Set-Cookie: ARRAffinitySameSite=2542020ad45c4c4d802f8f14cff8fc69d6ba366e4e1c6ad8400f2398bb9b6f39;Path=/;HttpOnly;SameSite=None;Secure;Domain=test-frameworkapi.iteacake.com
X-Powered-By: ASP.NET

Found 2025-12-23 by HttpPlugin

Create report

test-frameworkapi.iteacake.com

Fingerprint:

375854d518a8cd821436aa645ed0a7d9ae7f1b157a18a0b736458c2cb8d05c94

CN:

test-frameworkapi.iteacake.com

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-12-12 00:00

Not after:

2026-04-14 23:59

Domain summary

test-frameworkapi.iteacake.com 6

1 recorded

IP summary

20.105.224.45 2

1 recorded