cloudflare
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These specifications detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
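While a perfectly secure API mitigates the danger, protecting your documentation (for example by requiring authentication for it, or not serving it from internet-facing hosts) is a critical layer of defense that forces attackers to work without a map. It is defense in depth, not a substitute for authentication and authorization checks on every endpoint. When triaging the sample paths below, also check what the path parameters carry: names such as {sessiondata} and {np} suggest session data and possibly a new password placed in the URL path, where values are routinely recorded in access logs, proxy logs and browser history; if that is what they hold, they belong in a header or the request body.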
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff431abfe70de9f5bfeafac086dd89a30b5895acc45b
Public Swagger UI/API detected at path: /swagger.json - sample paths:
ANY components
GET /api/checklist/{sessiondata}
GET /api/dashboard/{sessiondata}
GET /api/data/{sessiondata}
GET /api/filter/{sessiondata}
GET /api/getfile/{filename}
GET /api/graphsettings/{sessiondata}
GET /api/menu/{sessiondata}
GET /api/savedfilter/{sessiondata}
GET /api/select/{sessiondata}
GET /api/session_valid
GET /api/start
GET /api/view/{sessiondata}
GET /public/loginpage/{companyid}/{language}
GET /public/new_password/{sessiondata}/{apiclientid}/{np}
GET /public/ping
GET /public/reset_pwd/{companyid}/{apiclientid}/{email}/{language}
GET /public/reset_token_valid/{sessiondata}
GET /public/validate_pwd/{sessiondata}/{apiclientid}/{np}
POST /api/data
POST /api/graph/{sessiondata}
POST /api/list/{sessiondata}
POST /api/summary/{sessiondata}
POST /api/upload/{sessiondata}
POST /public/translate
POST /user/login
Open service 172.67.71.1:443 · test2api.avvik.com
2026-01-08 22:10
HTTP/1.1 404 Not Found
Date: Thu, 08 Jan 2026 22:10:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: close
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, x-client-type
access-control-allow-origin: undefined
content-security-policy: default-src 'self';script-src 'self';object-src 'none';img-src 'self' data:;upgrade-insecure-requests;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"2a-Q29tC8e8Iz0P3EJxbS9FVSdhuF0"
origin-agent-cluster: ?1
ratelimit-limit: 15
ratelimit-policy: 15;w=1
ratelimit-remaining: 14
ratelimit-reset: 1
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-envoy-upstream-service-time: 2
server: cloudflare
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=193GCLlLV0w1QwXVFC3MeDyiRukm%2FPfZCRDr%2BXfiZ2lHz1O4upJDEHswRzzqNwf3V2uOmUte10NVAz2hpLzp5tHIYhLVVei6Iz0VG8GUcrsi"}]}
CF-RAY: 9baf06253d44a131-SIN
{"error":{"message":"Route not found: /"}}
Open service 172.67.71.1:443 · test2api.avvik.com
2026-01-02 11:54
HTTP/1.1 404 Not Found
Date: Fri, 02 Jan 2026 11:54:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: close
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, x-client-type
access-control-allow-origin: undefined
content-security-policy: default-src 'self';script-src 'self';object-src 'none';img-src 'self' data:;upgrade-insecure-requests;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"2a-Q29tC8e8Iz0P3EJxbS9FVSdhuF0"
origin-agent-cluster: ?1
ratelimit-limit: 15
ratelimit-policy: 15;w=1
ratelimit-remaining: 14
ratelimit-reset: 1
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-envoy-upstream-service-time: 2
server: cloudflare
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AEXj2PI%2Bi1bSO%2BI%2FnhYIbEYrDpXLu9T3ecHC9nB88YJuevJAHfW7bISvuVcJe%2BnhlFrsqbpItxfDjEE6mp1YzWASMzqcUI%2FWg33Jt625JT%2BI"}]}
CF-RAY: 9b7a0f84fd599d23-SIN
{"error":{"message":"Route not found: /"}}
Open service 172.67.71.1:443 · test2api.avvik.com
2025-12-22 16:56
HTTP/1.1 404 Not Found
Date: Mon, 22 Dec 2025 16:56:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: close
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, x-client-type
access-control-allow-origin: undefined
content-security-policy: default-src 'self';script-src 'self';object-src 'none';img-src 'self' data:;upgrade-insecure-requests;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"2a-Q29tC8e8Iz0P3EJxbS9FVSdhuF0"
origin-agent-cluster: ?1
ratelimit-limit: 15
ratelimit-policy: 15;w=1
ratelimit-remaining: 14
ratelimit-reset: 1
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-envoy-upstream-service-time: 2
server: cloudflare
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jkAlqtx9WmNEYIvzbeannvSuKvZBEPphwbQLLKvXAc3KIEx6ftwa8bk0FpLdvVwrbS215h7PTgmDII%2FO0bvIqKB1Ujp4s4KsdmDepUtEZDFN"}]}
CF-RAY: 9b2127117c950e82-EWR
{"error":{"message":"Route not found: /"}}
Open service 172.67.71.1:443 · test2api.avvik.com
2025-12-20 15:05
HTTP/1.1 404 Not Found
Date: Sat, 20 Dec 2025 15:05:01 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 42
Connection: close
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, x-client-type
access-control-allow-origin: undefined
content-security-policy: default-src 'self';script-src 'self';object-src 'none';img-src 'self' data:;upgrade-insecure-requests;base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
etag: W/"2a-Q29tC8e8Iz0P3EJxbS9FVSdhuF0"
origin-agent-cluster: ?1
ratelimit-limit: 15
ratelimit-policy: 15;w=1
ratelimit-remaining: 14
ratelimit-reset: 1
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
x-envoy-upstream-service-time: 7
server: cloudflare
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=gNmSbGPoTs1V0o5QGtUd3XTClaRp2DMQSn5gyXew5UPE3sUpVFWF1dbKTJfAP5ddk2MHaJEwKlKuaFWbTaazX0gfVRW4q3c6tAPXQBTLKe9M"}]}
CF-RAY: 9b100916efe08c42-EWR
{"error":{"message":"Route not found: /"}}