Domain www.opalwinter.com
United States
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-19 22:20
Last seen 2025-10-24 11:28
Open for 4 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43a81ce88f562b774ca7894bf46905fba96905fba9Public Swagger UI/API detected at path: /swagger.json - sample paths: GET /coupons GET /coupons/hascoupon GET /coupons/verify GET /language
Found on 2025-10-24 11:28
-
-
Open service 207.120.36.172:443 · www.opalwinter.com
2025-12-22 06:31
HTTP/1.1 403 Forbidden Date: Mon, 22 Dec 2025 06:31:07 GMT Content-Type: text/html Content-Length: 118 Connection: close X-Varnish: 6550369 Age: 0 Via: 1.1 varnish (Varnish/6.3) section-io-cache: Miss section-io-id: 7e0a6dea593119518993be7a4d76299f Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> </body> </html>
Found 2025-12-22 by HttpPluginCreate report
-
Open service 207.120.36.172:443 · www.opalwinter.com
2025-12-20 07:03
HTTP/1.1 403 Forbidden Date: Sat, 20 Dec 2025 07:03:48 GMT Content-Type: text/html Content-Length: 118 Connection: close X-Varnish: 2518042 Age: 0 Via: 1.1 varnish (Varnish/6.3) section-io-cache: Miss section-io-id: 39109bead7dffba71bb0b5a28e903508 Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> </body> </html>
Found 2025-12-20 by HttpPluginCreate report