LeakIX - Host val.richemontpartners.com

Domain val.richemontpartners.com

Germany

AMAZON-02

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 3.77.168.78
Domain: extranet-api.val.richemontpartners.com
Port: 443
URL: https://extranet-api.val.richemontpartners.com

First seen 2025-12-25 00:32
Last seen 2026-02-09 04:12
Open for 46 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549349faf5f61e44e379bcba3c569815b09fb4ce802

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/UsersFavorites/{id}
GET /api/AssetsResolutions
GET /api/Assortments/allowed
GET /api/Brands
GET /api/Brands/{brand}
GET /api/Countries
GET /api/Countries/{id}
GET /api/Cultures
GET /api/FileFormats
GET /api/Languages
GET /api/Packages
GET /api/Packages/self
GET /api/Packages/{packageId}
GET /api/Products/{reference}
GET /api/Products/{reference}/preview
GET /api/Roles/allowed
GET /api/Roles/self
GET /api/Users/logout
GET /api/Users/self
GET /api/Users/{id}
GET /api/UsersCarts/copy
GET /api/UsersCarts/self
GET /api/UsersFavorites
GET /api/flush
GET /api/info/autherror
GET /api/info/error
GET /api/sendmail
POST /api/Products/copy
POST /api/Products/notfound
POST /api/Products/search
POST /api/Users
POST /api/Users/search
POST /api/UsersCarts
POST /api/UsersCarts/all
PUT /api/Users/block/{email}
PUT /api/Users/self/legal
PUT /api/Users/unblock/{email}

Found on 2026-02-09 04:12

Create report

Open service 3.74.199.18:443 · extranet-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/plain
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=2592000
ServeurRic: sapp00027
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
Content-Security-Policy: https:
Referrer-Policy: no-referrer
Date: Mon, 26 Jan 2026 00:36:00 GMT
Connection: close
Transfer-Encoding: chunked


Healthy

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.77.168.78:80 · extranet-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.0 301 Moved Permanently
Location: https://extranet-api.val.richemontpartners.com/
Connection: close
Content-Length: 0

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.78.31.157:80 · val.richemontpartners.com

2026-01-26 00:35

HTTP/1.0 301 Moved Permanently
Location: https://val.richemontpartners.com/
Connection: close
Content-Length: 0

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.74.199.18:80 · val.richemontpartners.com

2026-01-26 00:35

HTTP/1.0 301 Moved Permanently
Location: https://val.richemontpartners.com/
Connection: close
Content-Length: 0

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.78.31.157:443 · biceps-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/plain
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=2592000
Server-Timing: Total;dur=0
ServeurRic: sapp00027
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
Content-Security-Policy: https:
Referrer-Policy: no-referrer
Date: Mon, 26 Jan 2026 00:35:59 GMT
Connection: close
Transfer-Encoding: chunked


Healthy

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.78.31.157:443 · extranet-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/plain
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=2592000
ServeurRic: sapp00027
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
Content-Security-Policy: https:
Referrer-Policy: no-referrer
Date: Mon, 26 Jan 2026 00:35:59 GMT
Connection: close
Transfer-Encoding: chunked


Healthy

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.78.31.157:80 · biceps-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.0 301 Moved Permanently
Location: https://biceps-api.val.richemontpartners.com/
Connection: close
Content-Length: 0

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.77.168.78:80 · biceps-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.0 301 Moved Permanently
Location: https://biceps-api.val.richemontpartners.com/
Connection: close
Content-Length: 0

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.74.199.18:443 · biceps-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/plain
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=2592000
Server-Timing: Total;dur=0
ServeurRic: sapp00027
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
Content-Security-Policy: https:
Referrer-Policy: no-referrer
Date: Mon, 26 Jan 2026 00:35:59 GMT
Connection: close
Transfer-Encoding: chunked


Healthy

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.74.199.18:80 · extranet-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.0 301 Moved Permanently
Location: https://extranet-api.val.richemontpartners.com/
Connection: close
Content-Length: 0

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.77.168.78:80 · val.richemontpartners.com

2026-01-26 00:35

HTTP/1.0 301 Moved Permanently
Location: https://val.richemontpartners.com/
Connection: close
Content-Length: 0

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.77.168.78:443 · val.richemontpartners.com

2026-01-26 00:35

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Wed, 25 Jul 2018 09:55:43 GMT
Accept-Ranges: bytes
ETag: "8039a3a6fd23d41:0"
ServeurRic: sapp00027
Access-Control-Allow-Origin: *
Date: Mon, 26 Jan 2026 00:35:59 GMT
Connection: close
Content-Length: 436
Strict-Transport-Security: max-age=16070400

Page title: Biceps Team

<html>
<head>
    <title>Biceps Team</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<style>
body, html {
    height: 100%;
    margin: 0;
}

.bg {
    background-image: url("building-b-by-night2.jpg");
    height: 100%; 
    background-position: center;
    background-repeat: no-repeat;
    background-size: cover;
}
</style>
</head>
<body>
<div class="bg"></div>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.78.31.157:80 · extranet-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.0 301 Moved Permanently
Location: https://extranet-api.val.richemontpartners.com/
Connection: close
Content-Length: 0

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.77.168.78:443 · biceps-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/plain
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=2592000
Server-Timing: Total;dur=0
ServeurRic: sapp00027
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
Content-Security-Policy: https:
Referrer-Policy: no-referrer
Date: Mon, 26 Jan 2026 00:35:59 GMT
Connection: close
Transfer-Encoding: chunked


Healthy

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.77.168.78:443 · extranet-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/plain
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=2592000
ServeurRic: sapp00027
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
Content-Security-Policy: https:
Referrer-Policy: no-referrer
Date: Mon, 26 Jan 2026 00:35:59 GMT
Connection: close
Transfer-Encoding: chunked


Healthy

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.74.199.18:80 · biceps-api.val.richemontpartners.com

2026-01-26 00:35

HTTP/1.0 301 Moved Permanently
Location: https://biceps-api.val.richemontpartners.com/
Connection: close
Content-Length: 0

Found 2026-01-26 by HttpPlugin

Create report

Open service 3.77.168.78:443 · extranet-api.val.richemontpartners.com

2026-01-23 05:36

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/plain
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=2592000
ServeurRic: sapp00027
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400
Content-Security-Policy: https:
Referrer-Policy: no-referrer
Date: Fri, 23 Jan 2026 05:36:40 GMT
Connection: close
Transfer-Encoding: chunked


Healthy

Found 2026-01-23 by HttpPlugin

Create report

biceps-api.val.richemontpartners.comextranet-api.val.richemontpartners.comval.richemontpartners.com

Fingerprint:

f422138176218374cd79a5212905edc3e7ef5170c89d62c127caec5f45be2488

CN:

val.richemontpartners.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-12-24 23:32

Not after:

2026-03-24 23:32

Domain summary

extranet-api.val.richemontpartners.com 7 val.richemontpartners.com 3 biceps-api.val.richemontpartners.com 5

3 recorded

IP summary

3.78.31.157 3 3.74.199.18 2 3.77.168.78 1

3 recorded

© 2026 LeakIX v2.0.49
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice