Domain websitewebapi.winzir.info
Germany
Software information
BunnyCDN-DE1-1328
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 185.111.111.154
Domain: websitewebapi.winzir.info
Port: 443
URL: https://websitewebapi.winzir.infoFirst seen 2025-10-20 08:08
Last seen 2025-11-02 00:49
Open for 12 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549abb0ae959c8383cbc9f2c5dfe7f020e1fcff3e34Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /{partnerId}/api/Main/GetActiveTournaments GET /{partnerId}/api/Main/GetBetStatesEnum GET /{partnerId}/api/Main/GetBets GET /{partnerId}/api/Main/GetBonusStatusesEnum GET /{partnerId}/api/Main/GetClientBalance GET /{partnerId}/api/Main/GetClientByToken GET /{partnerId}/api/Main/GetClientInfo GET /{partnerId}/api/Main/GetClientPaymentInfoTypesEnum GET /{partnerId}/api/Main/GetClientTitles GET /{partnerId}/api/Main/GetExclusionReasons GET /{partnerId}/api/Main/GetExternalModuleUrl GET /{partnerId}/api/Main/GetImages GET /{partnerId}/api/Main/GetJobAreas GET /{partnerId}/api/Main/GetPartnerBetShops GET /{partnerId}/api/Main/GetPartnerPaymentSystems GET /{partnerId}/api/Main/GetPartnerShopItems GET /{partnerId}/api/Main/GetProductInfo GET /{partnerId}/api/Main/GetProductUrl GET /{partnerId}/api/Main/GetProfilePicture GET /{partnerId}/api/Main/GetReferralTypes GET /{partnerId}/api/Main/GetRegions GET /{partnerId}/api/Main/GetTicker GET /{partnerId}/api/Main/GetTournamentLeaderboard GET /{partnerId}/api/Main/GetWelcomeBonus POST /{partnerId}/api/Integration/GetBetInfo POST /{partnerId}/api/Integration/GetGameReport POST /{partnerId}/api/Integration/OpenGame POST /{partnerId}/api/Main/AddClientExternalVerificationInfo POST /{partnerId}/api/Main/ApiRequest POST /{partnerId}/api/Main/CheckTelegramAuthorization POST /{partnerId}/api/Main/CreateToken POST /{partnerId}/api/Main/GeolocationData POST /{partnerId}/api/Main/GetCharacterHierarchy POST /{partnerId}/api/Main/GetCharacters POST /{partnerId}/api/Main/GetGameProviders POST /{partnerId}/api/Main/GetGames POST /{partnerId}/api/Main/GetJackpotFeed POST /{partnerId}/api/Main/GetJackpots POST /{partnerId}/api/Main/GetNews POST /{partnerId}/api/Main/GetPartnerCurrencies POST /{partnerId}/api/Main/GetPartnerProductInfo POST /{partnerId}/api/Main/GetPromotions POST /{partnerId}/api/Main/GetProviderData POST /{partnerId}/api/Main/GetRefreshToken POST /{partnerId}/api/Main/GetSecurityQuestions POST /{partnerId}/api/Main/GetTicketSubjects POST /{partnerId}/api/Main/LoginClient POST /{partnerId}/api/Main/OAuth POST /{partnerId}/api/Main/QuickEmailRegistration POST /{partnerId}/api/Main/QuickSmsRegistration POST /{partnerId}/api/Main/RecoverPassword POST /{partnerId}/api/Main/RegisterAffiliate POST /{partnerId}/api/Main/RegisterClient POST /{partnerId}/api/Main/SearchContentInfo POST /{partnerId}/api/Main/SendEmailCode POST /{partnerId}/api/Main/SendEmailToPartner POST /{partnerId}/api/Main/SendRecoveryToken POST /{partnerId}/api/Main/SendSMSCode POST /{partnerId}/api/Main/ValidateTwoFactorPIN POST /{partnerId}/api/Main/VerifyEmailCode POST /{partnerId}/api/Main/VerifySMSCodeFound on 2025-11-02 00:49
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 185.111.111.154
Domain: websitewebapi.winzir.info
Port: 80
URL: http://websitewebapi.winzir.infoFirst seen 2025-10-20 08:08
Last seen 2025-11-01 03:28
Open for 11 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549abb0ae959c8383cbc9f2c5dfe7f020e1fcff3e34Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /{partnerId}/api/Main/GetActiveTournaments GET /{partnerId}/api/Main/GetBetStatesEnum GET /{partnerId}/api/Main/GetBets GET /{partnerId}/api/Main/GetBonusStatusesEnum GET /{partnerId}/api/Main/GetClientBalance GET /{partnerId}/api/Main/GetClientByToken GET /{partnerId}/api/Main/GetClientInfo GET /{partnerId}/api/Main/GetClientPaymentInfoTypesEnum GET /{partnerId}/api/Main/GetClientTitles GET /{partnerId}/api/Main/GetExclusionReasons GET /{partnerId}/api/Main/GetExternalModuleUrl GET /{partnerId}/api/Main/GetImages GET /{partnerId}/api/Main/GetJobAreas GET /{partnerId}/api/Main/GetPartnerBetShops GET /{partnerId}/api/Main/GetPartnerPaymentSystems GET /{partnerId}/api/Main/GetPartnerShopItems GET /{partnerId}/api/Main/GetProductInfo GET /{partnerId}/api/Main/GetProductUrl GET /{partnerId}/api/Main/GetProfilePicture GET /{partnerId}/api/Main/GetReferralTypes GET /{partnerId}/api/Main/GetRegions GET /{partnerId}/api/Main/GetTicker GET /{partnerId}/api/Main/GetTournamentLeaderboard GET /{partnerId}/api/Main/GetWelcomeBonus POST /{partnerId}/api/Integration/GetBetInfo POST /{partnerId}/api/Integration/GetGameReport POST /{partnerId}/api/Integration/OpenGame POST /{partnerId}/api/Main/AddClientExternalVerificationInfo POST /{partnerId}/api/Main/ApiRequest POST /{partnerId}/api/Main/CheckTelegramAuthorization POST /{partnerId}/api/Main/CreateToken POST /{partnerId}/api/Main/GeolocationData POST /{partnerId}/api/Main/GetCharacterHierarchy POST /{partnerId}/api/Main/GetCharacters POST /{partnerId}/api/Main/GetGameProviders POST /{partnerId}/api/Main/GetGames POST /{partnerId}/api/Main/GetJackpotFeed POST /{partnerId}/api/Main/GetJackpots POST /{partnerId}/api/Main/GetNews POST /{partnerId}/api/Main/GetPartnerCurrencies POST /{partnerId}/api/Main/GetPartnerProductInfo POST /{partnerId}/api/Main/GetPromotions POST /{partnerId}/api/Main/GetProviderData POST /{partnerId}/api/Main/GetRefreshToken POST /{partnerId}/api/Main/GetSecurityQuestions POST /{partnerId}/api/Main/GetTicketSubjects POST /{partnerId}/api/Main/LoginClient POST /{partnerId}/api/Main/OAuth POST /{partnerId}/api/Main/QuickEmailRegistration POST /{partnerId}/api/Main/QuickSmsRegistration POST /{partnerId}/api/Main/RecoverPassword POST /{partnerId}/api/Main/RegisterAffiliate POST /{partnerId}/api/Main/RegisterClient POST /{partnerId}/api/Main/SearchContentInfo POST /{partnerId}/api/Main/SendEmailCode POST /{partnerId}/api/Main/SendEmailToPartner POST /{partnerId}/api/Main/SendRecoveryToken POST /{partnerId}/api/Main/SendSMSCode POST /{partnerId}/api/Main/ValidateTwoFactorPIN POST /{partnerId}/api/Main/VerifyEmailCode POST /{partnerId}/api/Main/VerifySMSCodeFound on 2025-11-01 03:28
-
-
Open service 185.111.111.154:80 · websitewebapi.winzir.info
2025-12-30 06:35
HTTP/1.1 403 Forbidden Date: Tue, 30 Dec 2025 06:35:46 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Server: BunnyCDN-DE1-1328 Cache-Control: no-cache, no-store, max-age=0 CDN-RequestId: 8fe9e932965a1e3802780434b4754724 Page title: BunnyCDN Node DE1-1328 <html><head> <link href="https://fonts.bunny.net/css?family=Rubik:300,400,500,700,900" rel="stylesheet" type="text/css"> <link rel="stylesheet" href="https://bunnycdn.b-cdn.net/assets/landingpage/css/unconfigured.css"> <title>BunnyCDN Node DE1-1328</title></head><body> <div id="header"> <a rel="nofollow" href="https://bunny.net"><img style="vertical-align:middle; image-rendering: -webkit-optimize-contrast;" src="https://bunny.net/v2/images/bunnynet-logo.svg"/></a></div><div id="content"> <h2>Domain suspended or not configured</h2> <p>If you are the administrator and believe this is an error on our side, please check your BunnyCDN account configuration or contact customer support. </p></div></body></html>
Found 2025-12-30 by HttpPluginCreate report
-
Open service 185.111.111.154:443 · websitewebapi.winzir.info
2025-12-30 06:32
HTTP/1.1 403 Forbidden Date: Tue, 30 Dec 2025 06:32:43 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Server: BunnyCDN-DE1-1328 Cache-Control: no-cache, no-store, max-age=0 CDN-RequestId: a0a407a9f291ad3507f0e7a851ec09c2 Page title: BunnyCDN Node DE1-1328 <html><head> <link href="https://fonts.bunny.net/css?family=Rubik:300,400,500,700,900" rel="stylesheet" type="text/css"> <link rel="stylesheet" href="https://bunnycdn.b-cdn.net/assets/landingpage/css/unconfigured.css"> <title>BunnyCDN Node DE1-1328</title></head><body> <div id="header"> <a rel="nofollow" href="https://bunny.net"><img style="vertical-align:middle; image-rendering: -webkit-optimize-contrast;" src="https://bunny.net/v2/images/bunnynet-logo.svg"/></a></div><div id="content"> <h2>Domain suspended or not configured</h2> <p>If you are the administrator and believe this is an error on our side, please check your BunnyCDN account configuration or contact customer support. </p></div></body></html>
Found 2025-12-30 by HttpPluginCreate report
-
Open service 185.111.111.154:80 · websitewebapi.winzir.info
2025-12-22 07:44
HTTP/1.1 403 Forbidden Date: Mon, 22 Dec 2025 07:44:55 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Server: BunnyCDN-DE1-1328 Cache-Control: no-cache, no-store, max-age=0 CDN-RequestId: c68d79fe4cf9921f8c6fe7f00581e241 Page title: BunnyCDN Node DE1-1328 <html><head> <link href="https://fonts.bunny.net/css?family=Rubik:300,400,500,700,900" rel="stylesheet" type="text/css"> <link rel="stylesheet" href="https://bunnycdn.b-cdn.net/assets/landingpage/css/unconfigured.css"> <title>BunnyCDN Node DE1-1328</title></head><body> <div id="header"> <a rel="nofollow" href="https://bunny.net"><img style="vertical-align:middle; image-rendering: -webkit-optimize-contrast;" src="https://bunny.net/v2/images/bunnynet-logo.svg"/></a></div><div id="content"> <h2>Domain suspended or not configured</h2> <p>If you are the administrator and believe this is an error on our side, please check your BunnyCDN account configuration or contact customer support. </p></div></body></html>
Found 2025-12-22 by HttpPluginCreate report
-
Open service 185.111.111.154:443 · websitewebapi.winzir.info
2025-12-22 07:42
HTTP/1.1 403 Forbidden Date: Mon, 22 Dec 2025 07:42:08 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Server: BunnyCDN-DE1-1328 Cache-Control: no-cache, no-store, max-age=0 CDN-RequestId: 6504304ea78e51aaee27a227bc470f30 Page title: BunnyCDN Node DE1-1328 <html><head> <link href="https://fonts.bunny.net/css?family=Rubik:300,400,500,700,900" rel="stylesheet" type="text/css"> <link rel="stylesheet" href="https://bunnycdn.b-cdn.net/assets/landingpage/css/unconfigured.css"> <title>BunnyCDN Node DE1-1328</title></head><body> <div id="header"> <a rel="nofollow" href="https://bunny.net"><img style="vertical-align:middle; image-rendering: -webkit-optimize-contrast;" src="https://bunny.net/v2/images/bunnynet-logo.svg"/></a></div><div id="content"> <h2>Domain suspended or not configured</h2> <p>If you are the administrator and believe this is an error on our side, please check your BunnyCDN account configuration or contact customer support. </p></div></body></html>
Found 2025-12-22 by HttpPluginCreate report
-
Open service 185.111.111.154:80 · websitewebapi.winzir.info
2025-12-20 08:11
HTTP/1.1 403 Forbidden Date: Sat, 20 Dec 2025 08:11:18 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Server: BunnyCDN-DE1-1328 Cache-Control: no-cache, no-store, max-age=0 CDN-RequestId: 3e5ad0138f65d47dcb6ba330b7b2a654 Page title: BunnyCDN Node DE1-1328 <html><head> <link href="https://fonts.bunny.net/css?family=Rubik:300,400,500,700,900" rel="stylesheet" type="text/css"> <link rel="stylesheet" href="https://bunnycdn.b-cdn.net/assets/landingpage/css/unconfigured.css"> <title>BunnyCDN Node DE1-1328</title></head><body> <div id="header"> <a rel="nofollow" href="https://bunny.net"><img style="vertical-align:middle; image-rendering: -webkit-optimize-contrast;" src="https://bunny.net/v2/images/bunnynet-logo.svg"/></a></div><div id="content"> <h2>Domain suspended or not configured</h2> <p>If you are the administrator and believe this is an error on our side, please check your BunnyCDN account configuration or contact customer support. </p></div></body></html>
Found 2025-12-20 by HttpPluginCreate report
-
Open service 185.111.111.154:443 · websitewebapi.winzir.info
2025-12-20 08:08
HTTP/1.1 403 Forbidden Date: Sat, 20 Dec 2025 08:08:17 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Server: BunnyCDN-DE1-1328 Cache-Control: no-cache, no-store, max-age=0 CDN-RequestId: 1394484f307df3ed03295158f3330342 Page title: BunnyCDN Node DE1-1328 <html><head> <link href="https://fonts.bunny.net/css?family=Rubik:300,400,500,700,900" rel="stylesheet" type="text/css"> <link rel="stylesheet" href="https://bunnycdn.b-cdn.net/assets/landingpage/css/unconfigured.css"> <title>BunnyCDN Node DE1-1328</title></head><body> <div id="header"> <a rel="nofollow" href="https://bunny.net"><img style="vertical-align:middle; image-rendering: -webkit-optimize-contrast;" src="https://bunny.net/v2/images/bunnynet-logo.svg"/></a></div><div id="content"> <h2>Domain suspended or not configured</h2> <p>If you are the administrator and believe this is an error on our side, please check your BunnyCDN account configuration or contact customer support. </p></div></body></html>
Found 2025-12-20 by HttpPluginCreate report