LeakIX - Host 20.118.48.5

Host 20.118.48.5

United States

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Microsoft-IIS 10.0

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: webapi-usc.torus-technology.com
Port: 443
URL: https://webapi-usc.torus-technology.com

First seen 2025-11-28 01:17
Last seen 2026-02-09 20:05
Open for 73 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549c911ac2b83c5d2e994b11c0dd89173652ffbdd2b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Alert
GET /api/Alert/{id}
GET /api/AlertTemplate
GET /api/AlertTemplate/{id}
GET /api/Application/GetConfigurations
GET /api/Application/GetCustomerList
GET /api/Application/GetCustomerListForAdmins
GET /api/Application/GetPermissions
GET /api/Application/GetPermittedConfigurations
GET /api/Application/GetPermittedUILocalisations
GET /api/Application/GetUILocalisations
GET /api/Application/GetUILookups
GET /api/BulkData
GET /api/BulkData/GetExportFileURL
GET /api/BulkData/GetFileDeleteUrl
GET /api/BulkData/GetImportFileBlobDetails
GET /api/BulkData/GetImportFileURL
GET /api/BulkData/GetImportLogFileURL
GET /api/Cabinet
GET /api/Cabinet/GetAllCabinetDataMasks
GET /api/Cabinet/GetCabinetBasicDetails
GET /api/Cabinet/GetCabinetItemsByCabinet
GET /api/Cabinet/GetCabinetsByCustomer
GET /api/Cabinet/GetUserAccessibleItemsByCustomer
GET /api/Cabinet/{id}
GET /api/ColumnConfiguration/GetColumnsByReportName
GET /api/Configuration
GET /api/Configuration/{id}
GET /api/Customer
GET /api/Customer/GetLogoDeleteUrl
GET /api/Customer/GetLogoReadUrl
GET /api/Customer/GetLogoWriteUrl
GET /api/Customer/{id}
GET /api/DeviceUpdate
GET /api/DeviceUpdate/GetPendingDeviceUpdates
GET /api/DeviceUpdate/{id}
GET /api/EventAlarmConfiguration
GET /api/EventAlarmConfiguration/{id}
GET /api/EventPriority
GET /api/ExternalSystem
GET /api/ExternalSystem/GetExternalSystemDevices
GET /api/ExternalSystem/GetExternalSystemPropertyMappings
GET /api/ExternalSystem/GetExternalSystemsWithDataMasksForCustomer
GET /api/ExternalSystem/GetHasPingIdSystem
GET /api/ExternalSystem/GetMiddlewareBlobUrl
GET /api/ExternalSystem/{id}
GET /api/Groups
GET /api/Groups/GetCustomerAccessGroups
GET /api/Groups/{id}
GET /api/HelpCentre/GetDownloadUrl
GET /api/ItemGroup
GET /api/ItemGroup/GetItemGroupsByCustomer
GET /api/ItemGroup/GetItemListByItemGroup
GET /api/ItemGroup/{id}
GET /api/LocalisationTexts
GET /api/LocalisationTexts/{id}
GET /api/Lookups
GET /api/Lookups/{id}
GET /api/MiddlewareLog/GetMiddlewareLogEvents
GET /api/Permissions
GET /api/Permissions/GetPermissionsByRole
GET /api/Permissions/GetRolesByCustomer
GET /api/Permissions/{id}
GET /api/ReportSubscription
GET /api/ReportSubscription/{id}
GET /api/Site
GET /api/Site/GetDataMaskForSite
GET /api/Site/GetSecondaryDataMasksForSite
GET /api/Site/GetSiteConfigurationsBySite
GET /api/Site/GetSitesByCustomer
GET /api/Site/{id}
GET /api/User
GET /api/User/GetEffectiveCustomerForUser
GET /api/User/GetPIN
GET /api/User/GetUsersBatchByCustomer
GET /api/User/GetUsersByCustomer
GET /api/User/{id}
GET /api/UserGroup
GET /api/UserGroup/GetUserGroupsBatchByCustomer
GET /api/UserGroup/GetUserGroupsByCustomer
GET /api/UserGroup/{id}
POST /api/Alert/SendOverdueAlertSMS
POST /api/DeviceUpdate/Publish
POST /api/ExternalSystem/SyncExternalData
POST /api/ExternalSystem/UpdateForceUserImportEpoch
POST /api/ExternalSystem/UpdateTestEventEpoch
POST /api/User/Access
PUT /api/ColumnConfiguration/SetColumnConfigurationsForReport

Found on 2026-02-09 20:05

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: dev-api.vendas360.cloud
Port: 443
URL: https://dev-api.vendas360.cloud

First seen 2026-01-04 09:56
Last seen 2026-02-09 19:47
Open for 36 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 19:47
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: webapi-usc.torus-technology.com
Port: 80
URL: http://webapi-usc.torus-technology.com

First seen 2025-11-28 01:17
Last seen 2026-02-09 18:59
Open for 73 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549c911ac2b83c5d2e994b11c0dd89173652ffbdd2b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Alert
GET /api/Alert/{id}
GET /api/AlertTemplate
GET /api/AlertTemplate/{id}
GET /api/Application/GetConfigurations
GET /api/Application/GetCustomerList
GET /api/Application/GetCustomerListForAdmins
GET /api/Application/GetPermissions
GET /api/Application/GetPermittedConfigurations
GET /api/Application/GetPermittedUILocalisations
GET /api/Application/GetUILocalisations
GET /api/Application/GetUILookups
GET /api/BulkData
GET /api/BulkData/GetExportFileURL
GET /api/BulkData/GetFileDeleteUrl
GET /api/BulkData/GetImportFileBlobDetails
GET /api/BulkData/GetImportFileURL
GET /api/BulkData/GetImportLogFileURL
GET /api/Cabinet
GET /api/Cabinet/GetAllCabinetDataMasks
GET /api/Cabinet/GetCabinetBasicDetails
GET /api/Cabinet/GetCabinetItemsByCabinet
GET /api/Cabinet/GetCabinetsByCustomer
GET /api/Cabinet/GetUserAccessibleItemsByCustomer
GET /api/Cabinet/{id}
GET /api/ColumnConfiguration/GetColumnsByReportName
GET /api/Configuration
GET /api/Configuration/{id}
GET /api/Customer
GET /api/Customer/GetLogoDeleteUrl
GET /api/Customer/GetLogoReadUrl
GET /api/Customer/GetLogoWriteUrl
GET /api/Customer/{id}
GET /api/DeviceUpdate
GET /api/DeviceUpdate/GetPendingDeviceUpdates
GET /api/DeviceUpdate/{id}
GET /api/EventAlarmConfiguration
GET /api/EventAlarmConfiguration/{id}
GET /api/EventPriority
GET /api/ExternalSystem
GET /api/ExternalSystem/GetExternalSystemDevices
GET /api/ExternalSystem/GetExternalSystemPropertyMappings
GET /api/ExternalSystem/GetExternalSystemsWithDataMasksForCustomer
GET /api/ExternalSystem/GetHasPingIdSystem
GET /api/ExternalSystem/GetMiddlewareBlobUrl
GET /api/ExternalSystem/{id}
GET /api/Groups
GET /api/Groups/GetCustomerAccessGroups
GET /api/Groups/{id}
GET /api/HelpCentre/GetDownloadUrl
GET /api/ItemGroup
GET /api/ItemGroup/GetItemGroupsByCustomer
GET /api/ItemGroup/GetItemListByItemGroup
GET /api/ItemGroup/{id}
GET /api/LocalisationTexts
GET /api/LocalisationTexts/{id}
GET /api/Lookups
GET /api/Lookups/{id}
GET /api/MiddlewareLog/GetMiddlewareLogEvents
GET /api/Permissions
GET /api/Permissions/GetPermissionsByRole
GET /api/Permissions/GetRolesByCustomer
GET /api/Permissions/{id}
GET /api/ReportSubscription
GET /api/ReportSubscription/{id}
GET /api/Site
GET /api/Site/GetDataMaskForSite
GET /api/Site/GetSecondaryDataMasksForSite
GET /api/Site/GetSiteConfigurationsBySite
GET /api/Site/GetSitesByCustomer
GET /api/Site/{id}
GET /api/User
GET /api/User/GetEffectiveCustomerForUser
GET /api/User/GetPIN
GET /api/User/GetUsersBatchByCustomer
GET /api/User/GetUsersByCustomer
GET /api/User/{id}
GET /api/UserGroup
GET /api/UserGroup/GetUserGroupsBatchByCustomer
GET /api/UserGroup/GetUserGroupsByCustomer
GET /api/UserGroup/{id}
POST /api/Alert/SendOverdueAlertSMS
POST /api/DeviceUpdate/Publish
POST /api/ExternalSystem/SyncExternalData
POST /api/ExternalSystem/UpdateForceUserImportEpoch
POST /api/ExternalSystem/UpdateTestEventEpoch
POST /api/User/Access
PUT /api/ColumnConfiguration/SetColumnConfigurationsForReport

Found on 2026-02-09 18:59

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: api.letsfit.uy
Port: 443
URL: https://api.letsfit.uy

First seen 2025-12-10 02:13
Last seen 2026-02-09 18:45
Open for 61 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 18:45
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: api.insights.archamenity.com
Port: 443
URL: https://api.insights.archamenity.com

First seen 2026-01-13 08:42
Last seen 2026-02-09 17:34
Open for 27 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493a31763d4c186cad72de8cc770cbea8efa539357

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Payroll/DeletePayee/{id}
DELETE /api/Payroll/DeletePayrollDetailById
GET /api/Activity/InsertOrUpdateGuestTypes
GET /api/Appointment/InsertOrUpdateAppointments
GET /api/Authentication/GetMenuItems
GET /api/Authentication/GetTenantDetails
GET /api/Book4TimeDepositLog/B4TDepositLogExcel
GET /api/Book4TimeDepositLog/GetDepositLogAmenities
GET /api/CorporateInvoice/GetInvoiceAmenities
GET /api/CorporateInvoice/InvoiceZipDownload
GET /api/CorporateInvoice/SendCorporateInvoices
GET /api/Customer/GetCustomerDetails
GET /api/Dashboard/ClassSchedule
GET /api/Dashboard/Classes
GET /api/Dashboard/DashboardGroupExerciseDetails
GET /api/Dashboard/GetApimData
GET /api/Dashboard/GetAppointmentsByGuestType
GET /api/Dashboard/GetAppointmentsByStatus
GET /api/Dashboard/GetAverageTickets
GET /api/Dashboard/GetCancelledAppointments
GET /api/Dashboard/GetCurrentYearRevenue
GET /api/Dashboard/GetEventData
GET /api/Dashboard/GetInsightsClubsInfo
GET /api/Dashboard/GetLastYearRevenue
GET /api/Dashboard/GetMemberList
GET /api/Dashboard/GetMemberVisitsData
GET /api/Dashboard/GetMembersDetails
GET /api/Dashboard/GetPaceReportRevenueData
GET /api/Dashboard/GetProgramData
GET /api/Dashboard/GetSalesByProductType
GET /api/Dashboard/GetSalesByServiceGroups
GET /api/Dashboard/GetSalesDetails
GET /api/Dashboard/GetSameTimeLastYearRevenue
GET /api/Dashboard/GetServiceToProductRatio
GET /api/Dashboard/GetTotalGroup
GET /api/Dashboard/GetTotalRevenue
GET /api/Dashboard/GetTurnawayDetails
GET /api/Dashboard/GetVisitsComparision
GET /api/Dashboard/GetVisitsCounts
GET /api/Data/InsertOrUpdateLocations
GET /api/DepositLog/DepositLogExcel
GET /api/DepositLog/GetDepositLog
GET /api/MindBody/GetAPIActivationCode
GET /api/Payroll/GetAllEarningCodes
GET /api/Payroll/GetAllPayees
GET /api/Payroll/GetB4TLogData
GET /api/Payroll/GetPayPeriods
GET /api/Payroll/GetPayeesFullName
GET /api/Payroll/GetPayrollDetailsByAmenityId
GET /api/Payroll/GetPayrollSummary
GET /api/Payroll/GetServiceCategories
GET /api/Payroll/IsPayrollExist
GET /api/Payroll/SendInmomentLocationsWithoutApiAccess
GET /api/Pdf/GeneratePdf
GET /api/SalesSummary/GetB4TSalesSummaryByProductReport
GET /api/SalesSummary/GetMBSalesSummaryByProductReport
GET /api/SalesSummary/GetSalesSummaryAmenities
GET /api/Service/InsertOrUpdateAddOnServices
GET /api/Service/InsertOrUpdateServiceGroups
GET /api/Service/InsertOrUpdateServiceTypeByID
GET /api/Service/InsertOrUpdateServiceTypes
GET /api/ServiceCategory/GetAdpCodeCategories
GET /api/ServiceCategory/GetMissingServiceTypeMappingsByAmenityId
GET /api/ServiceCategory/GetMissingServiceTypesByAmenityId
GET /api/ServiceCategory/GetServiceCategoriesByAmenityId
GET /api/ServiceCategory/GetServiceCategoryMappingsByAmenityId
GET /api/Task/RefreshMemberList
GET /api/Task/RefreshMemberListFromSnowFlake
GET /api/Technician/GetTechnicianSchedules
GET /api/Technician/SpaTokenGeneration
GET /api/TokenHelper/GetTokens
GET /api/Transaction/InsertOrUpdateTranscations
GET /api/User/GetAmenities
GET /api/User/GetGroupedAmenities
GET /api/User/GetGroups
GET /api/User/GetUserAmenities
GET /api/User/GetUserDetails
GET /api/User/GetUserMappedAmenities
GET /api/User/GetUserSpaFitnessAmenities
GET /api/User/GetUserStatus
GET /api/User/SendSsoUpgrademail
POST /api/Appointment/AppointmentWebhook
POST /api/Appointment/UpdateAppointmentWebhook
POST /api/Authentication/ChangePassword
POST /api/Authentication/ForgotPassword
POST /api/Authentication/Login
POST /api/Authentication/ResetPasswordWithEmail
POST /api/Authentication/SetPassword
POST /api/Authentication/SsoLogin
POST /api/Authentication/TokenGeneration
POST /api/Authentication/UserRegistration
POST /api/Authentication/ValidateForgotPassword
POST /api/Authentication/ValidateSetPassword
POST /api/Authentication/ValidateUserPassword
POST /api/Dashboard/GetAllCities
POST /api/Dashboard/GetAllFacilities
POST /api/Dashboard/GetAllRegions
POST /api/Dashboard/GetAllStates
POST /api/Dashboard/GetEmployerData
POST /api/Dashboard/GetUserSpas
POST /api/Data/InsertOrUpdateTurnaways
POST /api/Hubspot/FacilityDataFromHubspot
POST /api/Hubspot/GetAmenitiesDataFromHubspot
POST /api/Hubspot/GetOwnersDataFromHubspot
POST /api/Hubspot/InsertAmenityCategoriesFromHubspot
POST /api/Payroll/DeleteSplitPayrollDetails
POST /api/Payroll/InsertPayrollDetailWithAmenity
POST /api/Payroll/InsertSplitPayrollDetails
POST /api/Payroll/UpdatePayrollDetailById
POST /api/Payroll/UpdateSplitPayrollDetails
POST /api/Service/InsertOrUpdateServiceTypesByLocation
POST /api/ServiceCategory/InsertOrUpdateMissingServiceTypeMappings/InsertOrUpdate
POST /api/ServiceCategory/InsertOrUpdateServiceCategoryMappingsByAmenityId/InsertOrUpdate
POST /api/User/CheckIfEmailExists
POST /api/User/DisableUserByAdmin
POST /api/User/RegisterUser
POST /api/User/TrackUserAuditDetails
POST /api/User/UpdateUser
POST /{clubCode}/swipe/{cardID}

Found on 2026-02-09 17:34

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-01-16 22:35

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: crmconnector.eivfconnect.com
Port: 443
URL: https://crmconnector.eivfconnect.com

First seen 2026-01-13 04:12
Last seen 2026-02-02 02:47
Open for 19 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035491855fed41884c4f5536eb8ec536eb8ec536eb8ec
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/appointment/{tenantId}
GET /api/patient/{tenantId}/{external_id}
POST /api/patient/{tenantId}
```
  Found on 2026-02-02 02:47
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: engagedmd.eivfconnect.com
Port: 443
URL: https://engagedmd.eivfconnect.com

First seen 2026-01-01 08:50
Last seen 2026-02-02 00:43
Open for 31 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035492a1a372e2a1a372e2a1a372e2a1a372e2a1a372e
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /SignedConsent
```
  Found on 2026-02-02 00:43
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: services-uat.greathearingbenefits.com
Port: 443
URL: https://services-uat.greathearingbenefits.com

First seen 2026-01-12 21:29
Last seen 2026-02-02 00:17
Open for 20 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492ded02a3478e9d7c903d3f5a052380600f9c6c3e

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Scheduling/DeletePatient
GET /api/AccessPolicy/GetAccessPolicy
GET /api/AccessPolicy/GetAccessPolicyAllowedRoles
GET /api/AccessPolicy/GetAllRolePermissions
GET /api/AccessPolicy/GetPermissions
GET /api/AccessPolicy/GetPolicyForRoles
GET /api/AccessPolicy/GetRolePermissions/{Id}
GET /api/AccessPolicy/GetRoles
GET /api/AccessPolicy/GetRolesByUser/{id}
GET /api/AccessPolicy/GetRolesForPolicy
GET /api/AccessPolicy/GetUserPermissionsById/{id}
GET /api/AccessPolicy/GetUserTypeRoles
GET /api/AccessPolicy/GetUserTypes
GET /api/ClinicAssociation/DashboardClinicAssociations
GET /api/EligibilityData/getalleligibilityjobfiles
GET /api/Entity/GetAllEmailActivitiesReport
GET /api/Entity/GetAllEntities
GET /api/Entity/GetAllEntitiesOwners
GET /api/Entity/GetAllEventMessages
GET /api/Entity/GetAvailableAccountNumbers
GET /api/Entity/GetEmailActivities
GET /api/Entity/GetEntitiesByAccountNumber
GET /api/Entity/GetEntitiesByEmail
GET /api/Entity/GetEntityByAccountNumber
GET /api/Entity/GetEntityByEINAsync
GET /api/Entity/GetEntityByEmail
GET /api/Entity/GetEntityByEntityNumber
GET /api/Entity/GetEntityById
GET /api/Entity/GetEntityByUserId
GET /api/Entity/GetEntityEmails
GET /api/Entity/PopulateAllEmailActivities
GET /api/Library/GetAllLibraryDocuments
GET /api/Library/GetAllLibraryFolders
GET /api/Library/GetLibraryDocumentById
GET /api/Location/GetAllLocations
GET /api/Location/GetBrandWiseLocations
GET /api/Location/GetClinicAddress/{EntityNumber}
GET /api/Location/GetEntityLocations
GET /api/Location/GetEntityLocationsEntityNumber
GET /api/Location/GetGeoLocationCoordinates
GET /api/Location/GetLocation
GET /api/Location/getclinicaddressforshipping/{EntityNumber}
GET /api/Location/getlocationservicesbylocationid/{LocationID}
GET /api/LookupData/GetAllDispositions
GET /api/LookupData/GetAllGHBInsurancePlans
GET /api/LookupData/GetAllInsurancePlans
GET /api/LookupData/GetAllSaleItems
GET /api/LookupData/GetAllUsStates
GET /api/LookupData/GetBrands
GET /api/LookupData/GetCredentialingStatus
GET /api/LookupData/GetDegrees
GET /api/LookupData/GetEmailReciepientsById
GET /api/LookupData/GetNavisionItemByCategoryAsync
GET /api/LookupData/GetNavisionSaleItemsByCategoryAndBrandAsync
GET /api/LookupData/GetPartNumber
GET /api/LookupData/GetPurchaseCategories
GET /api/LookupData/GetRectTubePowers
GET /api/LookupData/GetRectTubeSizes
GET /api/LookupData/GetRelations
GET /api/LookupData/GetShoppingCartCategories
GET /api/LookupData/GetShoppingCartDetailsByPartNumberAsync
GET /api/LookupData/GetShoppingCartHITechnologyLevels
GET /api/LookupData/GetShoppingCartOTCProductColors
GET /api/LookupData/GetShoppingCartProductAccessories
GET /api/LookupData/GetShoppingCartProductColors
GET /api/LookupData/GetShoppingCartProductModels
GET /api/LookupData/GetShoppingCartProducts
GET /api/LookupData/GetSpeciality
GET /api/LookupData/GetStates
GET /api/LookupData/GetSuffix
GET /api/LookupData/ListAllAccessoryPurchaseCategories
GET /api/LookupData/ListAllAccessoryPurchaseItemsForCategory
GET /api/LookupData/ListAllBrandHearingAidPurchases
GET /api/LookupData/ListAllBrandPurchaseCategories
GET /api/LookupData/ListAllEmailReciepients
GET /api/LookupData/ListAllHearingAidColors
GET /api/LookupData/ListAllHearingAidModelChargers
GET /api/LookupData/ListAllOTCHearingAidColors
GET /api/LookupData/ListAllOperationCategory
GET /api/LookupData/ListAllSearchDistanceValues
GET /api/LookupData/ListAppointmentOutcomes
GET /api/LookupData/ListLocationTypes
GET /api/LookupData/getalllocationservicestypes
GET /api/LookupData/getalllocationtypes
GET /api/LookupData/getemailreciepientsbyreferenceno
GET /api/ManagedCare/ClinicKeyinfo/{DispenserNumber}
GET /api/ManagedCare/FindManagedCareAuthRepresentativeAsync
GET /api/ManagedCare/FindManagedCareOwnerAsync
GET /api/ManagedCare/GetClinics/{DispenserNumber}/{ProviderID}
GET /api/ManagedCare/GetClinicsForStaffId/{staffId}/{dispensernumber}
GET /api/ManagedCare/GetLocations/{DispenserNumber}/{OfficeNumber}
GET /api/ManagedCare/GetOwnerDetails
GET /api/ManagedCare/GetProviderDetails
GET /api/ManagedCare/ListAllDegrees
GET /api/ManagedCare/ListAllDesignations
GET /api/ManagedCare/ListAllNameSuffix
GET /api/ManagedCare/ListAllOfficeTypes
GET /api/ManagedCare/ListAllOwners
GET /api/ManagedCare/ListAllSpecialities
GET /api/ManagedCare/ListAllStandalone
GET /api/ManagedCare/ListAllSubSpecialities
GET /api/ManagedCare/ListAllUsStates
GET /api/ManagedCare/ManageProviderListByOwner/{NavisionAccountnumber}
GET /api/MenuItems/GetMenuItems
GET /api/Provider/GetAllProvidersList
GET /api/Provider/GetClinicAssociation/{ProviderId}
GET /api/Provider/GetInviteProviderEmails
GET /api/Provider/GetProviderDetails
GET /api/Provider/GetProviderDetailsByIdAsync/{ProviderId}
GET /api/Provider/GetProvidersByEntityNumber/{EntityNumber}
GET /api/Provider/GetProvidersByGUID/{Userid}
GET /api/Provider/GetProvidersList/{Accountnumber}
GET /api/PurchaseOrder/GetAllPurchaseOrders
GET /api/PurchaseOrder/GetEntityPurchaseOrders
GET /api/PurchaseOrder/GetProviderPurchaseOrders
GET /api/PurchaseOrder/GetPurchaseOrderById
GET /api/PurchaseOrder/GetPurchaseOrdersById
GET /api/PurchaseOrder/ListAllEmailReciepients
GET /api/PurchaseOrder/SearchForLeads
GET /api/PurchaseOrder/SearchForPatients
GET /api/Scheduling/allleads
GET /api/Scheduling/appointment-companion-types
GET /api/Scheduling/appointment-types
GET /api/Scheduling/appointment-types-all
GET /api/Scheduling/campaigns
GET /api/Scheduling/clinics
GET /api/Scheduling/clinics/search
GET /api/Scheduling/getauditleadnotesbyuniqueid
GET /api/Scheduling/getleadsbyuniqueId
GET /api/Scheduling/open-slots
GET /api/Scheduling/parent-companies
GET /api/Scheduling/patient-archived-reasons
GET /api/Scheduling/patientappointmentsfuture
GET /api/Scheduling/patients/search
GET /api/Scheduling/referral-sources
GET /api/Scheduling/staff
GET /api/Scheduling/sub-referral-sources
GET /api/UserProfile/FindUsersWithEmail/{Email}
GET /api/UserProfile/GetUserByEmail
GET /api/UserProfile/GetUserByUserId
GET /api/UserProfile/GetUserCreationRolesforUserId
GET /api/UserProfile/GetUserWithValidationCode/{validationCode}
GET /api/UserProfile/GetUsersForUserId
GET /api/UserProfile/Users
POST /api/AccessPolicy/AddEditUserPermissions
POST /api/AccessPolicy/AddPolicy
POST /api/AccessPolicy/AddRole
POST /api/ClinicAssociation/UpsertClinicsAssoication
POST /api/ClinicAssociation/UpsertClinicsAssoications
POST /api/EligibilityData/getalleligibilityfilesinformation
POST /api/Entity/AddNewEntityAdminOrAuthorizedEntity
POST /api/Entity/DeleteEntities
POST /api/Entity/DeleteEntity
POST /api/Entity/SaveEntities
POST /api/Entity/SaveEntitiesExcelUpload
POST /api/Entity/SaveEntity
POST /api/Entity/SendEntityInvite
POST /api/Entity/SendEntityInvites
POST /api/Entity/SendEntityInvitesWithAttachments
POST /api/Entity/UpdateEntities
POST /api/Entity/UpdateLoginCreated
POST /api/Entity/ValidateEntity
POST /api/GHBInsurancePlan/SaveGHBInsurancePlan
POST /api/GHBInsurancePlan/SaveInsurancePlan
POST /api/Library/AddOrUpdateLibraryDocument
POST /api/Library/AddOrUpdateLibraryFolder
POST /api/Library/AddOrUpdateLibraryFolders
POST /api/Library/DeleteLibraryFolder
POST /api/Location/GetNearestLocationProviders
POST /api/Location/PopulateAllLocationCoordinates
POST /api/Location/SaveLocations
POST /api/Location/UpdateProviderLocation
POST /api/Location/ValidateLocation
POST /api/Location/savelocationservicesmapping
POST /api/Location/updatelocationservicesmapping
POST /api/LookupData/SaveEmailReciepients
POST /api/LookupData/SaveOperationCategory
POST /api/LookupData/UpdateEmailReciepients
POST /api/LookupData/ValidateEmailAddresses
POST /api/LookupData/deleteemailmanagementmapping
POST /api/ManagedCare/AddOrUpdateLocation
POST /api/ManagedCare/CreateUserNewRegistration
POST /api/ManagedCare/ProvidersEmailInformationAsync
POST /api/ManagedCare/ResetRegistrationPassword
POST /api/ManagedCare/SaveOwnerDemographics
POST /api/ManagedCare/SaveProviderAddress
POST /api/ManagedCare/SaveProviderDemographics
POST /api/ManagedCare/SendOwnerInfoAsyncByAdmin
POST /api/ManagedCare/SendUserInfoAsyncByOwner
POST /api/ManagedCare/ValidationCodeForEmail
POST /api/MenuItems/UpdateMenuItem
POST /api/Provider/DeleteProvider
POST /api/Provider/DeleteProvidersAddress
POST /api/Provider/DeleteProvidersDegree
POST /api/Provider/DivestmentProviders
POST /api/Provider/GetGeminiProviders
POST /api/Provider/ProvidersInvitation
POST /api/Provider/SaveProviders
POST /api/Provider/SaveProvidersAddress
POST /api/Provider/SaveProvidersDegree
POST /api/Provider/UpdateProviderStatus
POST /api/Provider/UpdateProviderTermsAcceptance
POST /api/Provider/UpdateProviders
POST /api/Provider/ValidateProvider
POST /api/PurchaseOrder/AddOrEditPurchaseOrder
POST /api/PurchaseOrder/AddOrUpdatePatient
POST /api/PurchaseOrder/AddPurchaseOrder
POST /api/PurchaseOrder/DeletePurchaseOrder
POST /api/PurchaseOrder/DeletePurchaseOrderDetails
POST /api/Scheduling/PurchaseOrder/AddPatient
POST /api/Scheduling/UpdateAppointment
POST /api/Scheduling/UpdatePatient
POST /api/Scheduling/UpdatePatientPrivacy
POST /api/Scheduling/addauditleadnotes
POST /api/Scheduling/appointment-notes
POST /api/Scheduling/appointments
POST /api/Scheduling/callcenter/digitalleads
POST /api/Scheduling/callcenter/patients
POST /api/Scheduling/callcenter/patientswithphones
POST /api/Scheduling/leads
POST /api/Scheduling/patientnote
POST /api/Scheduling/patients
POST /api/Scheduling/updatelead
POST /api/UserProfile/AddHCPProfileImage
POST /api/UserProfile/AddOrUpdateUser
POST /api/UserProfile/AddProfileImage
POST /api/UserProfile/ChangePassword
POST /api/UserProfile/CreateProviderAsync
POST /api/UserProfile/CreateUser
POST /api/UserProfile/DeleteUser
POST /api/UserProfile/ForgotPassword
POST /api/UserProfile/ResetPassword
POST /api/UserProfile/SendUserInvite
POST /api/UserProfile/SetUserActiveInactive
PUT /api/AccessPolicy/UpdateAllowedPermissionForRole
PUT /api/AccessPolicy/UpdateAllowedPolicies
PUT /api/AccessPolicy/UpdateAllowedRoles
PUT /api/AccessPolicy/UpdatePermissionsForRole
PUT /api/AccessPolicy/UpdatePolicy
PUT /api/AccessPolicy/UpdateRole

Found on 2026-02-02 00:17

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: public-api-stg.misoenergy.org
Port: 443
URL: https://public-api-stg.misoenergy.org

First seen 2026-01-13 12:11
Last seen 2026-01-23 11:20
Open for 9 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549a3e6d330c989163b10dfb061e50dc84eb0d8d727

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Ace
GET /api/BindingConstraints/RealTime
GET /api/BindingConstraints/Reserve
GET /api/BindingConstraints/SubRegional
GET /api/CoordinatedTransactionScheduling
GET /api/CsatNextDayShortTermReserveRequirement
GET /api/CsatSupplyDemand
GET /api/FuelMix
GET /api/FuelMix/Today
GET /api/FuelMix/Yesterday
GET /api/GenerationOutages/GetGenerationOutagesPlusMinusFiveDays
GET /api/GridCondition
GET /api/Interchange/GetNai/Imports
GET /api/Interchange/GetNai/{opts}
GET /api/Interchange/GetNsi/{opts}
GET /api/MarketPricing/GetAncillaryServicesMcp
GET /api/MarketPricing/GetExAnteLmp
GET /api/MarketPricing/GetLmpConsolidatedTable
GET /api/MarketPricing/GetRealTimeFiveMinExPost/Current
GET /api/MarketPricing/GetRealTimeFiveMinExPost/Previous
GET /api/MarketPricing/GetRealTimeFiveMinExPost/Rolling
GET /api/RandomCondition
GET /api/RealTimeRsgCommitments
GET /api/RealTimeTotalLoad
GET /api/RegionalDirectionalTransfer
GET /api/Snapshot
GET /api/Version
GET /api/WindSolar/GetCombined
GET /api/WindSolar/GetSolar
GET /api/WindSolar/GetSolarActual
GET /api/WindSolar/GetSolarForecast
GET /api/WindSolar/GetWind
GET /api/WindSolar/GetWindActual
GET /api/WindSolar/GetWindForecast

Found on 2026-01-23 11:20

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: camera.gicw.org
Port: 443
URL: https://camera.gicw.org

First seen 2025-12-27 02:59
Last seen 2026-01-23 05:18
Open for 27 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-23 05:18
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: api.retailaudittool.com
Port: 443
URL: https://api.retailaudittool.com

First seen 2026-01-12 20:40
Last seen 2026-01-23 00:36
Open for 10 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-23 00:36
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: api.vendas360.cloud
Port: 443
URL: https://api.vendas360.cloud

First seen 2026-01-04 09:56
Last seen 2026-01-22 21:39
Open for 18 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-22 21:39
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.118.48.5
Domain: api.eivfconnect.com
Port: 443
URL: https://api.eivfconnect.com

First seen 2026-01-01 08:47
Last seen 2026-01-16 15:59
Open for 15 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-16 15:59
Create report

Open service 20.118.48.5:443 · pumpsweetspot.com

2026-01-25 18:59

HTTP/1.1 200 OK
Content-Length: 3269
Connection: close
Content-Type: text/html
Date: Sun, 25 Jan 2026 18:59:54 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "381395a3268edc1:0"
Last-Modified: Sun, 25 Jan 2026 18:15:51 GMT
Set-Cookie: ARRAffinity=6ace6864694fef589c782567a3aeeb847d9f0a507421ef05f92c19d104f6f196;Path=/;HttpOnly;Secure;Domain=pumpsweetspot.com
Set-Cookie: ARRAffinitySameSite=6ace6864694fef589c782567a3aeeb847d9f0a507421ef05f92c19d104f6f196;Path=/;HttpOnly;SameSite=None;Secure;Domain=pumpsweetspot.com
X-Powered-By: ASP.NET

Page title: Microsoft Azure App Service - Welcome

<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width, initial-scale=1.0"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><title>Microsoft Azure App Service - Welcome</title><link rel="shortcut icon" href="https://appservice.azureedge.net/images/app-service/v4/favicon.ico" type="image/x-icon"/><link href="https://appservice.azureedge.net/css/app-service/v4/bootstrap.min.css" rel="stylesheet" crossorigin="anonymous"/><style>html, body{height: 100%; background-color: #ffffff; color: #000000; font-size: 13px;}*{border-radius: 0 !important;}</style><script src="https://appservice.azureedge.net/js/app-service/v4/loc.min.js" crossorigin="anonymous"></script><script type="text/javascript">window.onload=function (){try{var a=window.location.hostname; if (a.includes(".azurewebsites.net")){a=a.replace(".azurewebsites.net", "")};var b=document.getElementById("depCenterLink"); b.setAttribute("href", b.getAttribute("href") + "&sitename=" + a); loc()}catch (d){}}</script></head><body><nav class="navbar"><div class="navbar-brand "><div class="container pl-4 ml-5"><img src="https://appservice.azureedge.net/images/app-service/v4/azurelogo.svg" width="270" height="108" alt=""/></div></div></nav><div class="container-fluid mr-2 mt-5 pt-5"><div class="row"><div class="col-xs-12 col-sm-12 d-block d-lg-none d-xl-none d-md-block d-sm-block d-xs-block"><div class="text-center"><img src="https://appservice.azureedge.net/images/app-service/v4/web.svg"/></div></div><div class="pl-5 ml-5 col-xl-5 col-lg-5 col-md-10 col-sm-11 col-xs-11"><div class="container-fluid"><div class="row"><h2 id="upRunning">Your web app is running and waiting for your content</h2></div><div class="row mt-4 pt-4"><div id="appIsLive" style="font-size:16px;width: 516px;">Your web app is live, but we don’t have your content yet. If you’ve already deployed, it could take up to 5 minutes for your content to show up, so come back soon.</div></div><div class="row mt-4"><h5 class="mt-5"><img src="https://appservice.azureedge.net/images/app-service/v4/code.svg"/><span id="supporting">Supporting Node.js, Java, .NET and more</span></h5></div></div></div><div class="col-xl-5 col-lg-5 col-md-12 d-none d-lg-block"><div class="text-left"><img src="https://appservice.azureedge.net/images/app-service/v4/web.svg"/></div></div><div class="col-xl-1 col-lg-1 col-md-1"></div></div><div class="row mt-4"><div class="container-fluid"><div class="row mt-3"><div class="pl-5 ml-5 col-md-2 mt-4"><p><span id="haventDeployed">Haven’t deployed yet?</span><br/><span id="useDCenter">Use the deployment center to publish code or set up continuous deployment.</span><br/><a id="depCenterLink" href="https://go.microsoft.com/fwlink/?linkid=2057852"><button class="btn btn-primary mt-4" type="submit" id="deplCenter">Deployment center</button></a></p></div><div class="pl-5 ml-5 col-md-2 mt-4"><p><span id="newWebSite">Starting a new web site?</span><br/><span id="followQS">Follow our Quickstart guide to get a web app ready quickly.</span><br/><a href="https://go.microsoft.com/fwlink/?linkid=2084231"><button class="btn btn-primary mt-4" type="submit" id="quickStart">Quickstart</button></a></p></div></div></div></div></div></body></html>

Found 2026-01-25 by HttpPlugin

Host 20.118.48.5

United States

Software information

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

new2.justpickem.com

t800-dev-testapi.securelyme.io

dev-api.vendas360.cloud

api.insights.archamenity.com

api.letsfit.uy

public-api-stg.misoenergy.org

camera.gicw.org

*.dv3.bplhost.comdv3.bplhost.com

webapi-usc.torus-technology.com

api.retailaudittool.com

*.greathearingbenefits.comgreathearingbenefits.com

api.vendas360.cloud

engagedmd.eivfconnect.com

crmconnector.eivfconnect.com

uat-data2.wshcloud.com

*.wshcloud.comwshcloud.com

optumuat.wshcloud.com

firesale.siouxchief.com

app.gymshare.co

digitalprofiles.sela.sa

app.phalback.com

api2.growlink.com

cognizantclasscert.com

www.cognizantclasscert.com

dev.stsrules.com

api.retailaudittool.com

files.abacusucr.com

files-dev.abacusucr.com

dev.abacusucr.com

files-test.abacusucr.com

scienceandhumans.comwww.scienceandhumans.com

test.abacusucr.com

app.abacusucr.com

www.umbracolombia.com

www.lynx.events

mysetmatch.com

www.mysetmatch.com

Domain summary