LeakIX - Host 20.50.2.7

Host 20.50.2.7

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Debian

Software information

Apache Apache

tcp/443 tcp/80

Apache Apache 2.4.54

tcp/443

Apache Apache 2.4.53

tcp/443

Kestrel Kestrel

tcp/443 tcp/80

gunicorn

tcp/443

nginx nginx 1.21.1

tcp/443

nginx nginx

tcp/443 tcp/80

nginx nginx 1.28.0

tcp/443

nginx nginx 1.29.4

tcp/443

nginx nginx 1.27.1

tcp/443

nginx nginx 1.27.3

tcp/443

nginx nginx 1.18.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: uat.courts.gov.ng
Port: 443
URL: https://uat.courts.gov.ng

First seen 2025-12-29 10:32
Last seen 2026-02-09 23:18
Open for 42 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-02-09 23:18
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: calendar.api.vib.be
Port: 443
URL: https://calendar.api.vib.be

First seen 2025-12-29 09:45
Last seen 2026-02-09 23:18
Open for 42 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d60698956ff98d46ded7e21297f92698464ce1518a8
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/v1/resources/{calendarResourceId}
GET /api/v1/resources/{resourceId}/event/{eventId}
POST /api/v1/microsoft365/events/notify
POST /api/v1/resources
POST /api/v1/resources/list
POST /api/v1/resources/{calendarResourceId}/availability
POST /api/v1/resources/{calendarResourceId}/events
POST /api/v1/resources/{resourceId}/event
POST /api/v1/resources/{resourceId}/event/{eventId}/cancel
POST /api/v1/resources/{resourceId}/event/{eventId}/recurring-events
PUT /api/v1/resources/{resourceId}/subcription
```
  Found on 2026-02-09 23:18
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: dot-papti.ws.cloud-dev.moviatrafik.dk
Port: 443
URL: https://dot-papti.ws.cloud-dev.moviatrafik.dk

First seen 2025-12-11 07:00
Last seen 2026-02-09 23:03
Open for 60 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549975d5cc7d41fd9cda1e61e2207ccb64b3a5c6cab
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /Departures/{stopPointId}/{lineRef}
GET /DeparturesLines/{stopPointId}/{lineRefs}
GET /DeviationMessage
GET /DeviationsLine/{lineRef}
GET /Lines/{stopPointId}
```
  Found on 2026-02-09 23:03
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: api.atea-events-app-prod.imsd.ateafinland.fi
Port: 443
URL: https://api.atea-events-app-prod.imsd.ateafinland.fi

First seen 2025-10-28 11:14
Last seen 2026-02-09 22:47
Open for 104 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-02-09 22:47

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549157d32e99143ca7e57318293725f36281a834ad0

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/location/{id}
DELETE /api/partner/{partnerId}
DELETE /api/session/{sessionId}
DELETE /api/stream/{streamId}
GET /api/chatbot/chatbot/token
GET /api/dynamics
GET /api/event
GET /api/event/{id}
GET /api/event/{id}/partial
GET /api/faq
GET /api/faq/{id}
GET /api/leads
GET /api/leads/getleadsbycurrentuser
GET /api/leads/{id}
GET /api/location
GET /api/locationpointer
GET /api/monitoring/application-insights
GET /api/news
GET /api/news/{id}
GET /api/partner
GET /api/photo/{id}
GET /api/qrcode/getallqrcodes
GET /api/qrcode/getqrcodebyregistrationid
GET /api/roles
GET /api/speakers
GET /api/speakers/{id}
GET /api/stream
GET /api/users/current
GET /api/users/getallusers
GET /api/users/getusers
GET /api/users/registration/{registrationId}
GET /api/users/{id}
POST /api/auth/adminlogin
POST /api/auth/adminrefreshtoken
POST /api/auth/createpasscode
POST /api/auth/forgotpassword
POST /api/auth/loginwithpasscode
POST /api/auth/loginwithpassword
POST /api/auth/refreshtoken
POST /api/importcsv
POST /api/photo/upload
POST /api/qrcode
POST /api/session
POST /api/users
POST /api/users/requestaccountdeletion
POST /api/usersfavourite
PUT /api/auth/resetpassword
PUT /api/users/bulk
PUT /api/users/setfcmtoken
PUT /api/users/updatepassword

Found on 2026-02-02 10:59

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549157d32e99143ca7e57318293725f3628015b1859

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/location/{id}
DELETE /api/partner/{partnerId}
DELETE /api/session/{sessionId}
DELETE /api/stream/{streamId}
GET /api/chatbot/chatbot/token
GET /api/dynamics
GET /api/event
GET /api/event/{id}
GET /api/event/{id}/partial
GET /api/faq
GET /api/faq/{id}
GET /api/leads/getleadsbycurrentuser
GET /api/leads/{id}
GET /api/location
GET /api/locationpointer
GET /api/monitoring/application-insights
GET /api/news
GET /api/news/{id}
GET /api/partner
GET /api/photo/{id}
GET /api/qrcode/getallqrcodes
GET /api/qrcode/getqrcodebyregistrationid
GET /api/roles
GET /api/speakers
GET /api/speakers/{id}
GET /api/stream
GET /api/users/current
GET /api/users/getallusers
GET /api/users/getusers
GET /api/users/registration/{registrationId}
GET /api/users/{id}
POST /api/auth/adminlogin
POST /api/auth/adminrefreshtoken
POST /api/auth/createpasscode
POST /api/auth/forgotpassword
POST /api/auth/loginwithpasscode
POST /api/auth/loginwithpassword
POST /api/auth/refreshtoken
POST /api/leads
POST /api/photo/upload
POST /api/qrcode
POST /api/session
POST /api/users
POST /api/users/requestaccountdeletion
POST /api/usersfavourite
PUT /api/auth/resetpassword
PUT /api/users/bulk
PUT /api/users/setfcmtoken
PUT /api/users/updatepassword

Found on 2025-11-12 16:00

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549601dc76e687c30b01af55decd44c35fa241c4753

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/chatbot/chatbot/token
GET /api/dynamics
GET /api/event
GET /api/event/{id}
GET /api/faq
GET /api/faq/{id}
GET /api/leads/getleadsbycurrentuser
GET /api/leads/{id}
GET /api/locationpointer
GET /api/monitoring/application-insights
GET /api/news
GET /api/news/{id}
GET /api/photo/{id}
GET /api/qrcode/getallqrcodes
GET /api/qrcode/getqrcodebyregistrationid
GET /api/roles
GET /api/speakers
GET /api/speakers/{id}
GET /api/users/current
GET /api/users/getallusers
GET /api/users/getusers
GET /api/users/registration/{registrationId}
GET /api/users/{id}
POST /api/auth/adminlogin
POST /api/auth/adminrefreshtoken
POST /api/auth/createpasscode
POST /api/auth/forgotpassword
POST /api/auth/loginwithpasscode
POST /api/auth/loginwithpassword
POST /api/auth/refreshtoken
POST /api/leads
POST /api/photo/upload
POST /api/qrcode
POST /api/users
POST /api/users/requestaccountdeletion
POST /api/usersfavourite
PUT /api/auth/resetpassword
PUT /api/users/bulk
PUT /api/users/setfcmtoken
PUT /api/users/updatepassword

Found on 2025-11-07 00:56

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: dashboard-staging-api.greenstuffworld.com
Port: 443
URL: https://dashboard-staging-api.greenstuffworld.com

First seen 2025-10-21 08:26
Last seen 2026-02-09 20:49
Open for 111 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354934794f5261d613c96ba62b5afb7b0094a79b93f0

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /affiliates.getById
GET /affiliates.list
GET /banners.getById.{Id}
GET /banners.list
GET /businessAccounts.getById.{Id}
GET /businessAccounts.groups.getById.{Id}
GET /businessAccounts.groups.list
GET /businessAccounts.invoiceAddress.{Id}
GET /businessAccounts.list
GET /categories.getById.{Id}
GET /categories.list
GET /countries.list
GET /creditRequests.getById.{Id}
GET /creditRequests.list
GET /customers.getById.{Id}
GET /customers.list
GET /customers.search
GET /customers.tags.list
GET /discounts.getById.{Id}
GET /discounts.list
GET /emailNotificationSettings.getById.{Id}
GET /emailNotificationSettings.list
GET /employees.getById.{Id}
GET /employees.list
GET /intrastatReports.get
GET /intrastatReports.list
GET /invoices.generateCsvFile
GET /invoices.generatePdfById.{Id}
GET /invoices.getById.{Id}
GET /invoices.getCustoms.{Id}
GET /invoices.list
GET /legacySystem.listCloudflareIps
GET /orders.getById.{Id}
GET /orders.getCustomsInvoice.{Id}
GET /orders.getInvoice.{Id}
GET /orders.getOrderDeliveryNote.{Id}
GET /orders.getProformaInvoice.{Id}
GET /orders.getRefundDetails.ById.{Id}
GET /orders.getTscaCertificateInformation
GET /orders.list
GET /orders.packages.getOrderPackagingDetails.{Id}
GET /orders.tags.list
GET /packages.getById.{Id}
GET /packages.list
GET /pickers.getById.{Id}
GET /pickers.list
GET /products.customs.getById.{Id}
GET /products.customs.list
GET /products.getById.{Id}
GET /products.list
GET /products.listBaseModel
GET /products.search
GET /roles.getById.{Id}
GET /roles.list
GET /roles.listAll
GET /salesChannels.getById.{Id}
GET /salesChannels.list
GET /shippingCarriers.getById.{Id}
GET /shippingCarriers.list
GET /shippingCarriers.zones.getById.{Id}
GET /users.getProfile
POST /affiliates.add
POST /affiliates.approveOrRejectAffiliate
POST /banners.add
POST /banners.delete
POST /banners.edit
POST /banners.uploadImage
POST /businessAccounts.add
POST /businessAccounts.delete
POST /businessAccounts.edit
POST /businessAccounts.groups.add
POST /businessAccounts.groups.delete
POST /businessAccounts.groups.edit
POST /businessAccounts.invoiceAddress.add
POST /categories.add
POST /categories.edit
POST /categories.sort
POST /creditRequests.add
POST /creditRequests.approve
POST /creditRequests.reject
POST /customers.addAddress
POST /customers.edit
POST /customers.editAddress
POST /discounts.add
POST /discounts.edit
POST /discounts.generateCode
POST /emailNotificationSettings.edit
POST /employees.add
POST /employees.delete
POST /employees.edit
POST /legacySystem.addIpToCloudflareList
POST /legacySystem.clearPrestashopCache
POST /legacySystem.removeIpFromCloudflareList
POST /media.uploadImage
POST /media.uploadVideo
POST /orders.cancel
POST /orders.compensationDiscount.add
POST /orders.invoiceAddress.update
POST /orders.items.add
POST /orders.packages.addOrderItem
POST /orders.packages.addPackage
POST /orders.packages.addShippingTracking
POST /orders.packages.removeOrderItem
POST /orders.packages.removePackage
POST /orders.refund
POST /orders.setAsShipped
POST /orders.tags.edit
POST /orders.transactions.add
POST /orders.transactions.edit
POST /orders.updateOrderStatus
POST /packages.add
POST /packages.delete
POST /packages.edit
POST /pickers.add
POST /pickers.edit
POST /products.add
POST /products.customs.add
POST /products.customs.delete
POST /products.customs.edit
POST /products.edit
POST /products.setStatus
POST /products.uploadImage
POST /roles.add
POST /roles.delete
POST /roles.edit
POST /salesChannels.add
POST /salesChannels.delete
POST /salesChannels.edit
POST /shippingCarriers.add
POST /shippingCarriers.edit
POST /shippingCarriers.zones.add
POST /shippingCarriers.zones.delete
POST /shippingCarriers.zones.edit
POST /users.refreshToken
POST /users.sendSignInMagicLink
POST /users.signOut
POST /users.updateProfile
POST /users.verifySignInToken
POST /viesCode.validate

Found on 2026-02-09 20:49

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354934794f5261d613c96ba62b5afb7b0094ab73b18c

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /affiliates.getById
GET /affiliates.list
GET /banners.getById.{Id}
GET /banners.list
GET /businessAccounts.getById.{Id}
GET /businessAccounts.groups.getById.{Id}
GET /businessAccounts.groups.list
GET /businessAccounts.invoiceAddress.{Id}
GET /businessAccounts.list
GET /categories.getById.{Id}
GET /categories.list
GET /countries.list
GET /creditRequests.getById.{Id}
GET /creditRequests.list
GET /customers.getById.{Id}
GET /customers.list
GET /customers.search
GET /customers.tags.list
GET /discounts.getById.{Id}
GET /discounts.list
GET /emailNotificationSettings.getById.{Id}
GET /emailNotificationSettings.list
GET /employees.getById.{Id}
GET /employees.list
GET /intrastatReports.get
GET /intrastatReports.list
GET /invoices.generateCsvFile
GET /invoices.generatePdfById.{Id}
GET /invoices.getById.{Id}
GET /invoices.getCustoms.{Id}
GET /invoices.list
GET /legacySystem.listCloudflareIps
GET /orders.getById.{Id}
GET /orders.getCustomsInvoice.{Id}
GET /orders.getInvoice.{Id}
GET /orders.getOrderDeliveryNote.{Id}
GET /orders.getProformaInvoice.{Id}
GET /orders.getRefundDetails.ById.{Id}
GET /orders.getTscaCertificateInformation
GET /orders.list
GET /orders.packages.getOrderPackagingDetails.{Id}
GET /orders.tags.list
GET /packages.getById.{Id}
GET /packages.list
GET /pickers.getById.{Id}
GET /pickers.list
GET /products.customs.getById.{Id}
GET /products.customs.list
GET /products.getById.{Id}
GET /products.list
GET /products.listBaseModel
GET /products.search
GET /roles.getById.{Id}
GET /roles.list
GET /roles.listAll
GET /salesChannels.list
GET /shippingCarriers.getById.{Id}
GET /shippingCarriers.list
GET /shippingCarriers.zones.getById.{Id}
GET /users.getProfile
POST /affiliates.add
POST /affiliates.approveOrRejectAffiliate
POST /banners.add
POST /banners.delete
POST /banners.edit
POST /banners.uploadImage
POST /businessAccounts.add
POST /businessAccounts.delete
POST /businessAccounts.edit
POST /businessAccounts.groups.add
POST /businessAccounts.groups.delete
POST /businessAccounts.groups.edit
POST /businessAccounts.invoiceAddress.add
POST /categories.add
POST /categories.assignToProduct
POST /categories.edit
POST /categories.sort
POST /categories.sortProducts
POST /categories.unAssignProduct
POST /creditRequests.add
POST /creditRequests.approve
POST /creditRequests.reject
POST /customers.addAddress
POST /customers.edit
POST /customers.editAddress
POST /discounts.add
POST /discounts.edit
POST /discounts.generateCode
POST /emailNotificationSettings.edit
POST /employees.add
POST /employees.delete
POST /employees.edit
POST /legacySystem.addIpToCloudflareList
POST /legacySystem.clearPrestashopCache
POST /legacySystem.removeIpFromCloudflareList
POST /media.uploadImage
POST /media.uploadVideo
POST /orders.cancel
POST /orders.compensationDiscount.add
POST /orders.invoiceAddress.update
POST /orders.items.add
POST /orders.packages.addOrderItem
POST /orders.packages.addPackage
POST /orders.packages.addShippingTracking
POST /orders.packages.removeOrderItem
POST /orders.packages.removePackage
POST /orders.refund
POST /orders.setAsShipped
POST /orders.tags.edit
POST /orders.transactions.add
POST /orders.transactions.edit
POST /orders.updateOrderStatus
POST /packages.add
POST /packages.delete
POST /packages.edit
POST /pickers.add
POST /pickers.edit
POST /products.add
POST /products.customs.add
POST /products.customs.delete
POST /products.customs.edit
POST /products.edit
POST /products.setStatus
POST /products.uploadImage
POST /roles.add
POST /roles.delete
POST /roles.edit
POST /shippingCarriers.add
POST /shippingCarriers.edit
POST /shippingCarriers.zones.add
POST /shippingCarriers.zones.delete
POST /shippingCarriers.zones.edit
POST /users.refreshToken
POST /users.sendSignInMagicLink
POST /users.signOut
POST /users.updateProfile
POST /users.verifySignInToken
POST /viesCode.validate

Found on 2026-02-02 09:23

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354934794f5261d613c96ba62b5afb7b00943773851a

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /affiliates.getById
GET /affiliates.list
GET /banners.getById.{Id}
GET /banners.list
GET /businessAccounts.getById.{Id}
GET /businessAccounts.groups.getById.{Id}
GET /businessAccounts.groups.list
GET /businessAccounts.invoiceAddress.{Id}
GET /businessAccounts.list
GET /categories.getById.{Id}
GET /categories.list
GET /countries.list
GET /creditRequests.getById.{Id}
GET /creditRequests.list
GET /customers.getById.{Id}
GET /customers.list
GET /customers.search
GET /customers.tags.list
GET /discounts.getById.{Id}
GET /discounts.list
GET /emailNotificationSettings.getById.{Id}
GET /emailNotificationSettings.list
GET /employees.getById.{Id}
GET /employees.list
GET /intrastatReports.get
GET /intrastatReports.list
GET /invoices.generateCsvFile
GET /invoices.generatePdfById.{Id}
GET /invoices.getById.{Id}
GET /invoices.getCustoms.{Id}
GET /invoices.list
GET /legacySystem.listCloudflareIps
GET /orders.getById.{Id}
GET /orders.getCustomsInvoice.{Id}
GET /orders.getInvoice.{Id}
GET /orders.getOrderDeliveryNote.{Id}
GET /orders.getProformaInvoice.{Id}
GET /orders.getRefundDetails.ById.{Id}
GET /orders.getTscaCertificateInformation
GET /orders.list
GET /orders.packages.getOrderPackagingDetails.{Id}
GET /orders.tags.list
GET /packages.getById.{Id}
GET /packages.list
GET /pickers.getById.{Id}
GET /pickers.list
GET /products.customs.getById.{Id}
GET /products.customs.list
GET /products.getById.{Id}
GET /products.list
GET /products.listBaseModel
GET /products.search
GET /roles.getById.{Id}
GET /roles.list
GET /roles.listAll
GET /salesChannels.list
GET /shippingCarriers.getById.{Id}
GET /shippingCarriers.list
GET /shippingCarriers.zones.getById.{Id}
GET /users.getProfile
POST /affiliates.add
POST /affiliates.approveOrRejectAffiliate
POST /banners.add
POST /banners.delete
POST /banners.edit
POST /banners.uploadImage
POST /businessAccounts.add
POST /businessAccounts.delete
POST /businessAccounts.edit
POST /businessAccounts.groups.add
POST /businessAccounts.groups.delete
POST /businessAccounts.groups.edit
POST /businessAccounts.invoiceAddress.add
POST /categories.add
POST /categories.assignToProduct
POST /categories.edit
POST /categories.sort
POST /categories.unAssignProduct
POST /creditRequests.add
POST /creditRequests.approve
POST /creditRequests.reject
POST /customers.addAddress
POST /customers.edit
POST /customers.editAddress
POST /discounts.add
POST /discounts.edit
POST /discounts.generateCode
POST /emailNotificationSettings.edit
POST /employees.add
POST /employees.delete
POST /employees.edit
POST /legacySystem.addIpToCloudflareList
POST /legacySystem.clearPrestashopCache
POST /legacySystem.removeIpFromCloudflareList
POST /media.uploadImage
POST /orders.cancel
POST /orders.compensationDiscount.add
POST /orders.invoiceAddress.update
POST /orders.items.add
POST /orders.packages.addOrderItem
POST /orders.packages.addPackage
POST /orders.packages.addShippingTracking
POST /orders.packages.removeOrderItem
POST /orders.packages.removePackage
POST /orders.refund
POST /orders.setAsShipped
POST /orders.tags.edit
POST /orders.transactions.add
POST /orders.transactions.edit
POST /orders.updateOrderStatus
POST /packages.add
POST /packages.delete
POST /packages.edit
POST /pickers.add
POST /pickers.edit
POST /products.add
POST /products.customs.add
POST /products.customs.delete
POST /products.customs.edit
POST /products.edit
POST /products.setStatus
POST /products.uploadImage
POST /roles.add
POST /roles.delete
POST /roles.edit
POST /shippingCarriers.add
POST /shippingCarriers.edit
POST /shippingCarriers.zones.add
POST /shippingCarriers.zones.delete
POST /shippingCarriers.zones.edit
POST /users.refreshToken
POST /users.sendSignInMagicLink
POST /users.signOut
POST /users.updateProfile
POST /users.verifySignInToken
POST /viesCode.validate

Found on 2026-01-23 11:35

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354934794f5261d613c96ba62b5afb7b009418079519

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /affiliates.getById
GET /affiliates.list
GET /banners.getById.{Id}
GET /banners.list
GET /businessAccounts.getById.{Id}
GET /businessAccounts.groups.getById.{Id}
GET /businessAccounts.groups.list
GET /businessAccounts.invoiceAddress.{Id}
GET /businessAccounts.list
GET /categories.getById.{Id}
GET /categories.list
GET /countries.list
GET /creditRequests.getById.{Id}
GET /creditRequests.list
GET /customers.getById.{Id}
GET /customers.list
GET /customers.search
GET /customers.tags.list
GET /discounts.getById.{Id}
GET /discounts.list
GET /emailNotificationSettings.getById.{Id}
GET /emailNotificationSettings.list
GET /employees.getById.{Id}
GET /employees.list
GET /intrastatReports.get
GET /intrastatReports.list
GET /invoices.generateCsvFile
GET /invoices.generatePdfById.{Id}
GET /invoices.getById.{Id}
GET /invoices.getCustoms.{Id}
GET /invoices.list
GET /legacySystem.listCloudflareIps
GET /orders.getById.{Id}
GET /orders.getCustomsInvoice.{Id}
GET /orders.getInvoice.{Id}
GET /orders.getOrderDeliveryNote.{Id}
GET /orders.getProformaInvoice.{Id}
GET /orders.getRefundDetails.ById.{Id}
GET /orders.getTscaCertificateInformation
GET /orders.list
GET /orders.packages.getOrderPackagingDetails.{Id}
GET /orders.tags.list
GET /packages.getById.{Id}
GET /packages.list
GET /pickers.getById.{Id}
GET /pickers.list
GET /products.customs.getById.{Id}
GET /products.customs.list
GET /products.getById.{Id}
GET /products.list
GET /products.listBaseModel
GET /products.search
GET /roles.getById.{Id}
GET /roles.list
GET /roles.listAll
GET /salesChannels.list
GET /shippingCarriers.getById.{Id}
GET /shippingCarriers.list
GET /shippingCarriers.zones.getById.{Id}
GET /users.getProfile
POST /affiliates.add
POST /affiliates.approveOrRejectAffiliate
POST /banners.add
POST /banners.delete
POST /banners.edit
POST /businessAccounts.add
POST /businessAccounts.delete
POST /businessAccounts.edit
POST /businessAccounts.groups.add
POST /businessAccounts.groups.delete
POST /businessAccounts.groups.edit
POST /businessAccounts.invoiceAddress.add
POST /categories.add
POST /categories.assignToProduct
POST /categories.edit
POST /categories.sort
POST /categories.unAssignProduct
POST /creditRequests.add
POST /creditRequests.approve
POST /creditRequests.reject
POST /customers.addAddress
POST /customers.edit
POST /customers.editAddress
POST /discounts.add
POST /discounts.edit
POST /discounts.generateCode
POST /emailNotificationSettings.edit
POST /employees.add
POST /employees.delete
POST /employees.edit
POST /legacySystem.addIpToCloudflareList
POST /legacySystem.clearPrestashopCache
POST /legacySystem.removeIpFromCloudflareList
POST /media.uploadImage
POST /orders.cancel
POST /orders.compensationDiscount.add
POST /orders.invoiceAddress.update
POST /orders.items.add
POST /orders.packages.addOrderItem
POST /orders.packages.addPackage
POST /orders.packages.addShippingTracking
POST /orders.packages.removeOrderItem
POST /orders.packages.removePackage
POST /orders.refund
POST /orders.setAsShipped
POST /orders.tags.edit
POST /orders.transactions.add
POST /orders.transactions.edit
POST /orders.updateOrderStatus
POST /packages.add
POST /packages.delete
POST /packages.edit
POST /pickers.add
POST /pickers.edit
POST /products.add
POST /products.customs.add
POST /products.customs.delete
POST /products.customs.edit
POST /products.edit
POST /products.setStatus
POST /roles.add
POST /roles.delete
POST /roles.edit
POST /shippingCarriers.add
POST /shippingCarriers.edit
POST /shippingCarriers.zones.add
POST /shippingCarriers.zones.delete
POST /shippingCarriers.zones.edit
POST /users.refreshToken
POST /users.sendSignInMagicLink
POST /users.signOut
POST /users.updateProfile
POST /users.verifySignInToken
POST /viesCode.validate

Found on 2026-01-02 02:01

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354934794f5261d613c96ba62b5afb7b0094d1bfbbd9

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /affiliates.getById
GET /affiliates.list
GET /banners.getById.{Id}
GET /banners.list
GET /businessAccounts.getById.{Id}
GET /businessAccounts.groups.getById.{Id}
GET /businessAccounts.groups.list
GET /businessAccounts.invoiceAddress.{Id}
GET /businessAccounts.list
GET /categories.getById.{Id}
GET /categories.list
GET /countries.list
GET /creditRequests.getById.{Id}
GET /creditRequests.list
GET /customers.getById.{Id}
GET /customers.list
GET /customers.search
GET /customers.tags.list
GET /discounts.getById.{Id}
GET /discounts.list
GET /emailNotificationSettings.getById.{Id}
GET /emailNotificationSettings.list
GET /employees.getById.{Id}
GET /employees.list
GET /intrastatReports.get
GET /intrastatReports.list
GET /invoices.generateCsvFile
GET /invoices.generatePdfById.{Id}
GET /invoices.getById.{Id}
GET /invoices.getCustoms.{Id}
GET /invoices.list
GET /legacySystem.listCloudflareIps
GET /orders.getById.{Id}
GET /orders.getCustomsInvoice.{Id}
GET /orders.getInvoice.{Id}
GET /orders.getOrderDeliveryNote.{Id}
GET /orders.getProformaInvoice.{Id}
GET /orders.getRefundDetails.ById.{Id}
GET /orders.getTscaCertificateInformation
GET /orders.list
GET /orders.packages.getOrderPackagingDetails.{Id}
GET /orders.tags.list
GET /packages.getById.{Id}
GET /packages.list
GET /pickers.getById.{Id}
GET /pickers.list
GET /products.customs.getById.{Id}
GET /products.customs.list
GET /products.getById.{Id}
GET /products.list
GET /products.listBaseModel
GET /products.search
GET /roles.getById.{Id}
GET /roles.list
GET /roles.listAll
GET /salesChannels.list
GET /shippingCarriers.getById.{Id}
GET /shippingCarriers.list
GET /shippingCarriers.zones.getById.{Id}
GET /users.getProfile
POST /affiliates.add
POST /affiliates.approveOrRejectAffiliate
POST /banners.add
POST /banners.delete
POST /banners.edit
POST /businessAccounts.add
POST /businessAccounts.delete
POST /businessAccounts.edit
POST /businessAccounts.groups.add
POST /businessAccounts.groups.delete
POST /businessAccounts.groups.edit
POST /businessAccounts.invoiceAddress.add
POST /categories.add
POST /categories.assignToProduct
POST /categories.edit
POST /categories.sort
POST /categories.unAssignProduct
POST /creditRequests.add
POST /creditRequests.approve
POST /creditRequests.reject
POST /customers.addAddress
POST /customers.edit
POST /customers.editAddress
POST /discounts.add
POST /discounts.edit
POST /discounts.generateCode
POST /emailNotificationSettings.edit
POST /employees.add
POST /employees.delete
POST /employees.edit
POST /legacySystem.addIpToCloudflareList
POST /legacySystem.clearPrestashopCache
POST /legacySystem.removeIpFromCloudflareList
POST /media.uploadImage
POST /orders.cancel
POST /orders.compensationDiscount.add
POST /orders.invoiceAddress.update
POST /orders.items.add
POST /orders.packages.addOrderItem
POST /orders.packages.addPackage
POST /orders.packages.addShippingTracking
POST /orders.packages.removeOrderItem
POST /orders.packages.removePackage
POST /orders.refund
POST /orders.setAsShipped
POST /orders.tags.edit
POST /orders.transactions.add
POST /orders.transactions.edit
POST /orders.updateOrderStatus
POST /packages.add
POST /packages.delete
POST /packages.edit
POST /pickers.add
POST /pickers.edit
POST /products.add
POST /products.customs.add
POST /products.customs.delete
POST /products.customs.edit
POST /products.edit
POST /products.setStatus
POST /roles.add
POST /roles.delete
POST /roles.edit
POST /shippingCarriers.add
POST /shippingCarriers.edit
POST /shippingCarriers.zones.add
POST /shippingCarriers.zones.delete
POST /shippingCarriers.zones.edit
POST /users.refreshToken
POST /users.sendSignInMagicLink
POST /users.updateProfile
POST /users.verifySignInToken
POST /viesCode.validate

Found on 2025-12-30 10:46

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354934794f5261d613c96ba62b5afb7b00943861174f

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /affiliates.getById
GET /affiliates.list
GET /banners.getById.{Id}
GET /banners.list
GET /businessAccounts.getById.{Id}
GET /businessAccounts.groups.getById.{Id}
GET /businessAccounts.groups.list
GET /businessAccounts.invoiceAddress.{Id}
GET /businessAccounts.list
GET /categories.getById.{Id}
GET /categories.list
GET /countries.list
GET /creditRequests.getById.{Id}
GET /creditRequests.list
GET /customers.getById.{Id}
GET /customers.list
GET /customers.search
GET /customers.tags.list
GET /discounts.getById.{Id}
GET /discounts.list
GET /emailNotificationSettings.getById.{Id}
GET /emailNotificationSettings.list
GET /employees.getById.{Id}
GET /employees.list
GET /intrastatReports.get
GET /intrastatReports.list
GET /invoices.generateCsvFile
GET /invoices.generatePdfById.{Id}
GET /invoices.getById.{Id}
GET /invoices.getCustoms.{Id}
GET /invoices.list
GET /legacySystem.listCloudflareIps
GET /orders.getById.{Id}
GET /orders.getCustomsInvoice.{Id}
GET /orders.getInvoice.{Id}
GET /orders.getOrderDeliveryNote.{Id}
GET /orders.getProformaInvoice.{Id}
GET /orders.getRefundDetails.ById.{Id}
GET /orders.getTscaCertificateInformation
GET /orders.list
GET /orders.packages.getOrderPackagingDetails.{Id}
GET /orders.tags.list
GET /packages.getById.{Id}
GET /packages.list
GET /pickers.getById.{Id}
GET /pickers.list
GET /products.customs.getById.{Id}
GET /products.customs.list
GET /products.getById.{Id}
GET /products.list
GET /products.listBaseModel
GET /products.search
GET /roles.getById.{Id}
GET /roles.list
GET /roles.listAll
GET /salesChannels.list
GET /shippingCarriers.getById.{Id}
GET /shippingCarriers.list
GET /shippingCarriers.zones.getById.{Id}
GET /users.getProfile
POST /affiliates.add
POST /affiliates.approveOrRejectAffiliate
POST /banners.add
POST /banners.delete
POST /banners.edit
POST /businessAccounts.add
POST /businessAccounts.delete
POST /businessAccounts.edit
POST /businessAccounts.groups.add
POST /businessAccounts.groups.delete
POST /businessAccounts.groups.edit
POST /businessAccounts.invoiceAddress.add
POST /categories.add
POST /categories.assignToProduct
POST /categories.edit
POST /categories.sort
POST /categories.unAssignProduct
POST /creditRequests.add
POST /creditRequests.approve
POST /creditRequests.reject
POST /customers.addAddress
POST /customers.edit
POST /customers.editAddress
POST /discounts.add
POST /discounts.edit
POST /discounts.generateCode
POST /emailNotificationSettings.edit
POST /employees.add
POST /employees.delete
POST /employees.edit
POST /legacySystem.addIpToCloudflareList
POST /legacySystem.clearPrestashopCache
POST /legacySystem.rebootPretashopAwsInstance
POST /legacySystem.removeIpFromCloudflareList
POST /media.uploadImage
POST /orders.cancel
POST /orders.compensationDiscount.add
POST /orders.invoiceAddress.update
POST /orders.items.add
POST /orders.packages.addOrderItem
POST /orders.packages.addPackage
POST /orders.packages.addShippingTracking
POST /orders.packages.removeOrderItem
POST /orders.packages.removePackage
POST /orders.refund
POST /orders.setAsShipped
POST /orders.tags.edit
POST /orders.transactions.add
POST /orders.transactions.edit
POST /orders.updateOrderStatus
POST /packages.add
POST /packages.delete
POST /packages.edit
POST /pickers.add
POST /pickers.edit
POST /products.add
POST /products.customs.add
POST /products.customs.delete
POST /products.customs.edit
POST /products.edit
POST /products.setStatus
POST /roles.add
POST /roles.delete
POST /roles.edit
POST /shippingCarriers.add
POST /shippingCarriers.edit
POST /shippingCarriers.zones.add
POST /shippingCarriers.zones.delete
POST /shippingCarriers.zones.edit
POST /users.refreshToken
POST /users.sendSignInMagicLink
POST /users.updateProfile
POST /users.verifySignInToken
POST /viesCode.validate

Found on 2025-11-23 11:35

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354934794f5261d613c96ba62b5afb7b0094676890c9

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /affiliates.getById
GET /affiliates.list
GET /banners.getById.{Id}
GET /banners.list
GET /businessAccounts.getById.{Id}
GET /businessAccounts.groups.getById.{Id}
GET /businessAccounts.groups.list
GET /businessAccounts.invoiceAddress.{Id}
GET /businessAccounts.list
GET /categories.getById.{Id}
GET /categories.list
GET /countries.list
GET /creditRequests.getById.{Id}
GET /creditRequests.list
GET /customers.getById.{Id}
GET /customers.list
GET /customers.search
GET /customers.tags.list
GET /discounts.getById.{Id}
GET /discounts.list
GET /emailNotificationSettings.getById.{Id}
GET /emailNotificationSettings.list
GET /employees.getById.{Id}
GET /employees.list
GET /intrastatReports.get
GET /intrastatReports.list
GET /invoices.generateCsvFile
GET /invoices.generatePdfById.{Id}
GET /invoices.getById.{Id}
GET /invoices.getCustoms.{Id}
GET /invoices.list
GET /legacySystem.listCloudflareIps
GET /orders.getById.{Id}
GET /orders.getCustomsInvoice.{Id}
GET /orders.getInvoice.{Id}
GET /orders.getOrderDeliveryNote.{Id}
GET /orders.getProformaInvoice.{Id}
GET /orders.getRefundDetails.ById.{Id}
GET /orders.getTscaCertificateInformation
GET /orders.list
GET /orders.packages.getOrderPackagingDetails.{Id}
GET /orders.tags.list
GET /packages.getById.{Id}
GET /packages.list
GET /pickers.getById.{Id}
GET /pickers.list
GET /products.customs.getById.{Id}
GET /products.customs.list
GET /products.getById.{Id}
GET /products.list
GET /products.listBaseModel
GET /products.search
GET /roles.getById.{Id}
GET /roles.list
GET /roles.listAll
GET /salesChannels.list
GET /shippingCarriers.getById.{Id}
GET /shippingCarriers.list
GET /shippingCarriers.zones.getById.{Id}
GET /users.getProfile
POST /affiliates.add
POST /affiliates.approveOrRejectAffiliate
POST /banners.add
POST /banners.delete
POST /banners.edit
POST /businessAccounts.add
POST /businessAccounts.delete
POST /businessAccounts.edit
POST /businessAccounts.groups.add
POST /businessAccounts.groups.delete
POST /businessAccounts.groups.edit
POST /businessAccounts.invoiceAddress.add
POST /categories.add
POST /categories.assignToProduct
POST /categories.edit
POST /categories.sort
POST /categories.unAssignProduct
POST /creditRequests.add
POST /creditRequests.approve
POST /creditRequests.reject
POST /customers.addAddress
POST /customers.edit
POST /customers.editAddress
POST /discounts.add
POST /discounts.edit
POST /discounts.generateCode
POST /emailNotificationSettings.edit
POST /employees.add
POST /employees.delete
POST /employees.edit
POST /legacySystem.addIpToCloudflareList
POST /legacySystem.clearPrestashopCache
POST /legacySystem.rebootPretashopAwsInstance
POST /legacySystem.removeIpFromCloudflareList
POST /media.uploadImage
POST /orders.cancel
POST /orders.compensationDiscount.add
POST /orders.invoiceAddress.update
POST /orders.items.add
POST /orders.packages.addOrderItem
POST /orders.packages.addPackage
POST /orders.packages.addShippingTracking
POST /orders.packages.removeOrderItem
POST /orders.packages.removePackage
POST /orders.refund
POST /orders.setAsShipped
POST /orders.tags.edit
POST /orders.transactions.add
POST /orders.transactions.edit
POST /orders.updateOrderStatus
POST /packages.add
POST /packages.delete
POST /packages.edit
POST /pickers.add
POST /pickers.edit
POST /products.add
POST /products.customs.add
POST /products.customs.delete
POST /products.customs.edit
POST /products.edit
POST /products.setStatus
POST /roles.add
POST /roles.delete
POST /roles.edit
POST /shippingCarriers.add
POST /shippingCarriers.edit
POST /shippingCarriers.zones.add
POST /shippingCarriers.zones.delete
POST /shippingCarriers.zones.edit
POST /users.refreshToken
POST /users.sendSignInMagicLink
POST /users.signInWithPassword
POST /users.updateProfile
POST /users.verifySignInToken
POST /viesCode.validate

Found on 2025-11-16 17:19

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2025-11-12 23:02

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354934794f5261d613c96ba62b5afb7b0094b567e4b7

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /affiliates.getById
GET /affiliates.list
GET /banners.getById.{Id}
GET /banners.list
GET /businessAccounts.getById.{Id}
GET /businessAccounts.groups.getById.{Id}
GET /businessAccounts.groups.list
GET /businessAccounts.invoiceAddress.{Id}
GET /businessAccounts.list
GET /categories.getById.{Id}
GET /categories.list
GET /countries.list
GET /creditRequests.getById.{Id}
GET /creditRequests.list
GET /customers.getById.{Id}
GET /customers.list
GET /customers.search
GET /customers.tags.list
GET /discounts.getById.{Id}
GET /discounts.list
GET /emailNotificationSettings.getById.{Id}
GET /emailNotificationSettings.list
GET /employees.getById.{Id}
GET /employees.list
GET /invoices.generateCsvFile
GET /invoices.generatePdfById.{Id}
GET /invoices.getById.{Id}
GET /invoices.getCustoms.{Id}
GET /invoices.list
GET /legacySystem.listCloudflareIps
GET /orders.getById.{Id}
GET /orders.getCustomsInvoice.{Id}
GET /orders.getInvoice.{Id}
GET /orders.getOrderDeliveryNote.{Id}
GET /orders.getProformaInvoice.{Id}
GET /orders.getRefundDetails.ById.{Id}
GET /orders.getTscaCertificateInformation
GET /orders.list
GET /orders.packages.getOrderPackagingDetails.{Id}
GET /orders.tags.list
GET /packages.getById.{Id}
GET /packages.list
GET /pickers.getById.{Id}
GET /pickers.list
GET /products.customs.getById.{Id}
GET /products.customs.list
GET /products.getById.{Id}
GET /products.list
GET /products.listBaseModel
GET /products.search
GET /roles.getById.{Id}
GET /roles.list
GET /roles.listAll
GET /salesChannels.list
GET /shippingCarriers.getById.{Id}
GET /shippingCarriers.list
GET /shippingCarriers.zones.getById.{Id}
GET /users.getProfile
POST /affiliates.add
POST /affiliates.approveOrRejectAffiliate
POST /banners.add
POST /banners.delete
POST /banners.edit
POST /businessAccounts.add
POST /businessAccounts.delete
POST /businessAccounts.edit
POST /businessAccounts.groups.add
POST /businessAccounts.groups.delete
POST /businessAccounts.groups.edit
POST /businessAccounts.invoiceAddress.add
POST /categories.add
POST /categories.assignToProduct
POST /categories.edit
POST /categories.sort
POST /categories.unAssignProduct
POST /creditRequests.add
POST /creditRequests.approve
POST /creditRequests.reject
POST /customers.addAddress
POST /customers.edit
POST /customers.editAddress
POST /discounts.add
POST /discounts.edit
POST /discounts.generateCode
POST /emailNotificationSettings.edit
POST /employees.add
POST /employees.delete
POST /employees.edit
POST /legacySystem.addIpToCloudflareList
POST /legacySystem.clearPrestashopCache
POST /legacySystem.rebootPretashopAwsInstance
POST /legacySystem.removeIpFromCloudflareList
POST /media.uploadImage
POST /orders.cancel
POST /orders.compensationDiscount.add
POST /orders.invoiceAddress.update
POST /orders.items.add
POST /orders.packages.addOrderItem
POST /orders.packages.addPackage
POST /orders.packages.addShippingTracking
POST /orders.packages.removeOrderItem
POST /orders.packages.removePackage
POST /orders.refund
POST /orders.setAsShipped
POST /orders.tags.edit
POST /orders.transactions.add
POST /orders.transactions.edit
POST /orders.updateOrderStatus
POST /packages.add
POST /packages.delete
POST /packages.edit
POST /pickers.add
POST /pickers.edit
POST /products.add
POST /products.customs.add
POST /products.customs.delete
POST /products.customs.edit
POST /products.edit
POST /products.setStatus
POST /roles.add
POST /roles.delete
POST /roles.edit
POST /shippingCarriers.add
POST /shippingCarriers.edit
POST /shippingCarriers.zones.add
POST /shippingCarriers.zones.delete
POST /shippingCarriers.zones.edit
POST /users.refreshToken
POST /users.sendSignInMagicLink
POST /users.signInWithPassword
POST /users.updateProfile
POST /users.verifySignInToken
POST /viesCode.validate

Found on 2025-11-07 09:31

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354934794f5261d613c96ba62b5afb7b0094f14081b9

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /affiliates.getById
GET /affiliates.list
GET /banners.getById.{Id}
GET /banners.list
GET /businessAccounts.getById.{Id}
GET /businessAccounts.groups.getById.{Id}
GET /businessAccounts.groups.list
GET /businessAccounts.invoiceAddress.{Id}
GET /businessAccounts.list
GET /categories.getById.{Id}
GET /categories.list
GET /countries.list
GET /creditRequests.getById.{Id}
GET /creditRequests.list
GET /customers.getById.{Id}
GET /customers.list
GET /customers.search
GET /customers.tags.list
GET /discounts.getById.{Id}
GET /discounts.list
GET /emailNotificationSettings.getById.{Id}
GET /emailNotificationSettings.list
GET /employees.getById.{Id}
GET /employees.list
GET /invoices.generateCsvFile
GET /invoices.generatePdfById.{Id}
GET /invoices.getById.{Id}
GET /invoices.getCustoms.{Id}
GET /invoices.list
GET /legacySystem.listCloudflareIps
GET /orders.getById.{Id}
GET /orders.getCustomsInvoice.{Id}
GET /orders.getInvoice.{Id}
GET /orders.getOrderDeliveryNote.{Id}
GET /orders.getProformaInvoice.{Id}
GET /orders.getRefundDetails.ById.{Id}
GET /orders.getTscaCertificateInformation
GET /orders.list
GET /orders.packages.getOrderPackagingDetails.{Id}
GET /orders.tags.list
GET /packages.getById.{Id}
GET /packages.list
GET /pickers.getById.{Id}
GET /pickers.list
GET /products.customs.getById.{Id}
GET /products.customs.list
GET /products.getById.{Id}
GET /products.list
GET /products.listBaseModel
GET /products.search
GET /roles.getById.{Id}
GET /roles.list
GET /roles.listAll
GET /salesChannels.list
GET /shippingCarriers.getById.{Id}
GET /shippingCarriers.list
GET /shippingCarriers.zones.getById.{Id}
GET /users.getProfile
POST /affiliates.add
POST /affiliates.approveOrRejectAffiliate
POST /banners.add
POST /banners.delete
POST /banners.edit
POST /businessAccounts.add
POST /businessAccounts.delete
POST /businessAccounts.edit
POST /businessAccounts.groups.add
POST /businessAccounts.groups.delete
POST /businessAccounts.groups.edit
POST /businessAccounts.invoiceAddress.add
POST /categories.add
POST /categories.assignToProduct
POST /categories.edit
POST /categories.sort
POST /categories.unAssignProduct
POST /creditRequests.add
POST /creditRequests.approve
POST /creditRequests.reject
POST /customers.addAddress
POST /customers.edit
POST /customers.editAddress
POST /discounts.add
POST /discounts.edit
POST /discounts.generateCode
POST /emailNotificationSettings.edit
POST /employees.add
POST /employees.delete
POST /employees.edit
POST /legacySystem.addIpToCloudflareList
POST /legacySystem.clearPrestashopCache
POST /legacySystem.rebootPretashopAwsInstance
POST /legacySystem.removeIpFromCloudflareList
POST /media.uploadImage
POST /orders.cancel
POST /orders.invoiceAddress.update
POST /orders.items.add
POST /orders.packages.addOrderItem
POST /orders.packages.addPackage
POST /orders.packages.addShippingTracking
POST /orders.packages.removeOrderItem
POST /orders.packages.removePackage
POST /orders.refund
POST /orders.setAsShipped
POST /orders.tags.edit
POST /orders.transactions.add
POST /orders.transactions.edit
POST /orders.updateOrderStatus
POST /packages.add
POST /packages.delete
POST /packages.edit
POST /pickers.add
POST /pickers.edit
POST /products.add
POST /products.customs.add
POST /products.customs.delete
POST /products.customs.edit
POST /products.edit
POST /products.setStatus
POST /roles.add
POST /roles.delete
POST /roles.edit
POST /shippingCarriers.add
POST /shippingCarriers.edit
POST /shippingCarriers.zones.add
POST /shippingCarriers.zones.delete
POST /shippingCarriers.zones.edit
POST /users.refreshToken
POST /users.sendSignInMagicLink
POST /users.signInWithPassword
POST /users.updateProfile
POST /users.verifySignInToken
POST /viesCode.validate

Found on 2025-11-05 11:01

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: dev.api.forecasting.ai
Port: 443
URL: https://dev.api.forecasting.ai

First seen 2026-01-02 03:23
Last seen 2026-02-09 17:45
Open for 38 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549dbe08907e5770da110cd6cd410e6dd13fab0d6d5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Countries
GET /api/Countries/{id}
GET /api/Hashtags
GET /api/Hashtags/{id}
GET /api/Notifications
GET /api/Notifications/{id}
GET /api/Posts
GET /api/Posts/connectedprofileposts
GET /api/Posts/followedprofileposts
GET /api/Posts/{id}
GET /api/ProfileInvitations
GET /api/ProfileInvitations/{id}
GET /api/ProfileLinks
GET /api/ProfileLinks/{id}
GET /api/Profiles
GET /api/Profiles/{id}
GET /api/Ratings
GET /api/Ratings/{id}
GET /api/Services
GET /api/Services/{id}
GET /api/Tags
GET /api/Tags/{id}
GET /api/UserProfiles
GET /api/UserProfiles/{id}
GET /api/Users
GET /api/Users/current
GET /api/Users/{id}
PUT /api/Posts/{id}/status

Found on 2026-02-09 17:45

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549dbe08907e5770da110cd6cd410e6dd13341ee74c

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Countries
GET /api/Countries/{id}
GET /api/Hashtags
GET /api/Hashtags/{id}
GET /api/Notifications
GET /api/Notifications/{id}
GET /api/Posts
GET /api/Posts/{id}
GET /api/ProfileInvitations
GET /api/ProfileInvitations/{id}
GET /api/ProfileLinks
GET /api/ProfileLinks/{id}
GET /api/Profiles
GET /api/Profiles/{id}
GET /api/Ratings
GET /api/Ratings/{id}
GET /api/Services
GET /api/Services/{id}
GET /api/Tags
GET /api/Tags/{id}
GET /api/UserProfiles
GET /api/UserProfiles/{id}
GET /api/Users
GET /api/Users/current
GET /api/Users/{id}
PUT /api/Posts/{id}/status

Found on 2026-01-16 22:53

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: api-staging.x4tarif.com
Port: 443
URL: https://api-staging.x4tarif.com

First seen 2025-12-20 08:24
Last seen 2026-02-09 17:26
Open for 51 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-02-09 17:26

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549653bdf2bd3ac03771289d44eab7770eaaf6beb3b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /ContentManagement/Data/{key}/{language}
DELETE /ContentManagement/Templates/File/{key}/{language}
DELETE /ContentManagement/Templates/{key}/{language}
GET /Account/RequestResetPassword
GET /Account/user
GET /Admin
GET /ContentManagement/Data/{key}
GET /ContentManagement/Templates
GET /ContentManagement/Templates/{key}
GET /ContentManagement/{scope}/Data
GET /Data/Schema/{key}
GET /Data/Schema/{scheduleId}/{key}
GET /Data/Values/{key}
GET /Data/Values/{scheduleId}/{key}
GET /Data/{scope}/Model/{modelId}
GET /Data/{scope}/Schema
GET /Data/{scope}/Schema/{scheduleId}
GET /Data/{scope}/Values/{scheduleId}
GET /Exchange
GET /Global/AstagGu
GET /Global/Countries
GET /Global/Currencies
GET /Global/Languages
GET /Global/{countryCode}/Search
GET /Home
GET /Organizations
GET /Organizations/Info
GET /Organizations/Info/{id}
GET /TariffModel
GET /TariffModel/Schema/{modelId}
GET /TariffModel/{modelId}
GET /TariffSchedules
GET /TariffSchedules/Simple
GET /TariffSchedules/{scheduleId}
GET /TariffSchedules/{scheduleId}/{key}
GET /TariffTemplates
GET /Users
GET /Users/Info
GET /Users/Info/{id}
GET /Users/Invitations
POST /Account/Invite
POST /Account/Login
POST /Account/Register/{tokenString}
POST /Admin/Init
POST /ContentManagement/{templateKey}/{languageKey}/Upload
POST /TariffModel/{modelId}/Calculate
POST /TariffSchedules/{scheduleId}/Calculate
PUT /Account/ResetPassword
PUT /Organizations/Upload
PUT /Organizations/{id}
PUT /TariffSchedules/{id}
PUT /TariffTemplates/Import/{templateKey}
PUT /Users/Activate/{id}
PUT /Users/Deactivate/{id}
PUT /Users/Upload
PUT /Users/{id}

Found on 2026-01-23 11:23

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: dba-djss.ws.cloud-dev.moviatrafik.dk
Port: 443
URL: https://dba-djss.ws.cloud-dev.moviatrafik.dk

First seen 2026-01-11 05:33
Last seen 2026-02-09 16:33
Open for 29 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549a07558779d8a3ab1a281f290a281f290a281f290
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /DiscontinuedJourney
GET /DiscontinuedJourney/{journeyRef}
PUT /DiscontinuedJourney/SwornStatement/{journeyRef|deviationCaseId}/{status}
```
  Found on 2026-02-09 16:33
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: test.policy.ciam.munichre.com
Port: 443
URL: https://test.policy.ciam.munichre.com

First seen 2025-11-04 08:29
Last seen 2026-02-09 15:21
Open for 97 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549cb147c2ddc4bf8a50e41804497aaac05f702e0a3

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/health
GET /api/health/centralapi
GET /api/health/ping
POST /api/applicationValidation
POST /api/applicationValidation/retrieveByIdentifierUri
POST /api/changePassword/validate
POST /api/emailVerification/send
POST /api/emailVerification/verify
POST /api/hsb/propertyMigration
POST /api/invitationValidation/validate
POST /api/mfa/check
POST /api/mfa/options
POST /api/mfa/required
POST /api/mfa/track
POST /api/mrdpApplications/tokenEnrichment
POST /api/recoveryCodes/activated
POST /api/recoveryCodes/options
POST /api/signInValidation/accepted
POST /api/signInValidation/accountlinking
POST /api/signInValidation/activateaccount
POST /api/signInValidation/builddirectoryprofile
POST /api/signInValidation/builddisplayname
POST /api/signInValidation/checkRequireSignIn
POST /api/signInValidation/checkUserExistence
POST /api/signInValidation/checkautomaticonboarding
POST /api/signInValidation/checkautomaticonboarding2
POST /api/signInValidation/idps2
POST /api/signInValidation/processlogin
POST /api/signInValidation/processlogin2
POST /api/signInValidation/resolveparameters
POST /api/signInValidation/validateinviteaccepted
POST /api/signInValidation/validateuserisprovisioned
POST /api/signInValidation/verifyhasmultipleidps
POST /api/signup/addNewUserToApplication
POST /api/signup/emailUsed
POST /api/synchronization/user
POST /api/tokenEnrichment

Found on 2026-02-09 15:21

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549cb147c2deb50ea9c54fffa4d9dbe1a17254bdb0b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/health
GET /api/health/ping
POST /api/applicationValidation
POST /api/applicationValidation/retrieveByIdentifierUri
POST /api/changePassword/validate
POST /api/emailVerification/send
POST /api/emailVerification/verify
POST /api/hsb/propertyMigration
POST /api/invitationValidation/validate
POST /api/mfa/check
POST /api/mfa/options
POST /api/mfa/required
POST /api/mfa/track
POST /api/mrdpApplications/tokenEnrichment
POST /api/recoveryCodes/activated
POST /api/recoveryCodes/options
POST /api/signInValidation/accepted
POST /api/signInValidation/accountlinking
POST /api/signInValidation/activateaccount
POST /api/signInValidation/builddirectoryprofile
POST /api/signInValidation/builddisplayname
POST /api/signInValidation/checkRequireSignIn
POST /api/signInValidation/checkUserExistence
POST /api/signInValidation/checkautomaticonboarding
POST /api/signInValidation/checkautomaticonboarding2
POST /api/signInValidation/idps2
POST /api/signInValidation/processlogin
POST /api/signInValidation/processlogin2
POST /api/signInValidation/resolveparameters
POST /api/signInValidation/validateinviteaccepted
POST /api/signInValidation/validateuserisprovisioned
POST /api/signInValidation/verifyhasmultipleidps
POST /api/signup/addNewUserToApplication
POST /api/signup/emailUsed
POST /api/synchronization/user
POST /api/tokenEnrichment

Found on 2026-01-16 17:22

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549cb147c2deb50ea9c54fffa4d9dbe1a173b9694c7

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/health
GET /api/health/ping
POST /api/applicationValidation
POST /api/applicationValidation/retrieveByIdentifierUri
POST /api/changePassword/validate
POST /api/emailVerification/send
POST /api/emailVerification/verify
POST /api/hsb/propertyMigration
POST /api/invitationValidation/validate
POST /api/mfa/check
POST /api/mfa/options
POST /api/mrdpApplications/tokenEnrichment
POST /api/recoveryCodes/activated
POST /api/recoveryCodes/options
POST /api/signInValidation/accepted
POST /api/signInValidation/accountlinking
POST /api/signInValidation/activateaccount
POST /api/signInValidation/builddirectoryprofile
POST /api/signInValidation/builddisplayname
POST /api/signInValidation/checkRequireSignIn
POST /api/signInValidation/checkUserExistence
POST /api/signInValidation/checkautomaticonboarding
POST /api/signInValidation/checkautomaticonboarding2
POST /api/signInValidation/idps2
POST /api/signInValidation/processlogin
POST /api/signInValidation/processlogin2
POST /api/signInValidation/resolveparameters
POST /api/signInValidation/validateinviteaccepted
POST /api/signInValidation/validateuserisprovisioned
POST /api/signInValidation/verifyhasmultipleidps
POST /api/signup/addNewUserToApplication
POST /api/signup/emailUsed
POST /api/synchronization/user
POST /api/tokenEnrichment

Found on 2026-01-02 06:49

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: learning.courts.gov.ng
Port: 443
URL: https://learning.courts.gov.ng

First seen 2025-12-29 10:06
Last seen 2026-02-09 14:49
Open for 42 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-02-09 14:49
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.2.7
Domain: app.onburd.com
Port: 80
URL: http://app.onburd.com

First seen 2025-01-13 20:58
Last seen 2026-02-08 19:41
Open for 390 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176422b63f4829d750e299d750e299d750e29
```
Found 2 files trough .DS_Store spidering:

/css
/icons
```
  Found on 2026-02-08 19:41
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: dashboard.mariusmarina.ro
Port: 443
URL: https://dashboard.mariusmarina.ro

First seen 2026-01-11 16:36
Last seen 2026-02-02 09:04
Open for 21 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 09:04
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: connectfleetapi.scanreach.com
Port: 443
URL: https://connectfleetapi.scanreach.com

First seen 2025-12-12 01:49
Last seen 2026-02-02 06:56
Open for 52 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d48037bfb5205f9efa335cf9c60dbd4f8e0da6fc

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /Claims
GET /Version
GET /api/access/member
GET /api/access/member/{azureAdB2CId}
GET /api/answer-invitation/{token}
GET /api/me
GET /api/organizations
GET /api/organizations/{organizationId}
GET /api/organizations/{organizationId}/api-tokens
GET /api/organizations/{organizationId}/api-tokens/{apiTokenId}
GET /api/organizations/{organizationId}/invitations
GET /api/organizations/{organizationId}/members
GET /api/organizations/{organizationId}/sites
GET /api/organizations/{organizationId}/sites/{siteId}
GET /api/organizations/{organizationId}/sites/{siteId}/embarkedPersonnel
GET /api/organizations/{organizationId}/sites/{siteId}/nodes
GET /api/organizations/{organizationId}/sites/{siteId}/snapshots
GET /api/organizations/{organizationId}/sites/{siteId}/view
POST /api/organizations/{organizationId}/invitations/{invitationId}/resend
PUT /api/organizations/{organizationId}/invitations/{invitationId}
PUT /api/organizations/{organizationId}/members/{memberId}

Found on 2026-02-02 06:56

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-01-16 08:01

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d607e6df0a058017ea949863cf224b3c346106ac203

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /Claims
GET /Version
GET /api/access/member
GET /api/access/member/{azureAdB2CId}
GET /api/answer-invitation/{token}
GET /api/me
GET /api/organizations
GET /api/organizations/{organizationId}
GET /api/organizations/{organizationId}/api-tokens
GET /api/organizations/{organizationId}/api-tokens/{apiTokenId}
GET /api/organizations/{organizationId}/invitations
GET /api/organizations/{organizationId}/members
GET /api/organizations/{organizationId}/sites
GET /api/organizations/{organizationId}/sites/{siteId}
GET /api/organizations/{organizationId}/sites/{siteId}/embarkedPersonnel
GET /api/organizations/{organizationId}/sites/{siteId}/nodes
GET /api/organizations/{organizationId}/sites/{siteId}/snapshots
GET /api/organizations/{organizationId}/sites/{siteId}/view
POST /api/organizations/{organizationId}/invitations/{invitationId}/resend
PUT /api/organizations/{organizationId}/invitations/{invitationId}
PUT /api/organizations/{organizationId}/members/{memberId}

Found on 2025-12-19 09:57

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: efiling.nigerianbar.ng
Port: 443
URL: https://efiling.nigerianbar.ng

First seen 2025-12-29 09:11
Last seen 2026-02-02 06:16
Open for 34 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-02-02 06:16
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: efiling.courts.gov.ng
Port: 443
URL: https://efiling.courts.gov.ng

First seen 2025-12-29 09:11
Last seen 2026-02-02 06:16
Open for 34 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-02-02 06:16
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.2.7
Domain: app.nairabox.com
Port: 443
URL: https://app.nairabox.com

First seen 2025-11-17 14:27
Last seen 2026-02-02 05:51
Open for 76 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176422b63f4829d750e299d750e299d750e29
```
Found 2 files trough .DS_Store spidering:

/css
/icons
```
  Found on 2026-02-02 05:51
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: eurofirms-cpq-dev.eurofirms.es
Port: 443
URL: https://eurofirms-cpq-dev.eurofirms.es

First seen 2026-01-11 13:29
Last seen 2026-02-02 05:29
Open for 21 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 05:29
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: vehicle-consumption.ws-dev.moviatrafik.dk
Port: 443
URL: https://vehicle-consumption.ws-dev.moviatrafik.dk

First seen 2025-12-28 06:29
Last seen 2026-02-01 22:21
Open for 35 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d60adbd378be7762b4ae7762b4ae7762b4ae7762b4a
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
POST /DataLog/ElectricVehicle
POST /DataLog/ElectricVehicleBatch
```
  Found on 2026-02-01 22:21
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: apc-ots.ws-dev.moviatrafik.dk
Port: 443
URL: https://apc-ots.ws-dev.moviatrafik.dk

First seen 2025-12-28 06:30
Last seen 2026-02-01 22:21
Open for 35 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d60fa9712a4f84cc579f84cc579f84cc579f84cc579
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
POST /CountingReport
POST /CountingReport/Batch
```
  Found on 2026-02-01 22:21
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: api.acceptance.myiwell.nl
Port: 443
URL: https://api.acceptance.myiwell.nl

First seen 2025-11-04 15:06
Last seen 2026-02-01 22:05
Open for 89 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-02-01 22:05

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d2f52cbbab8cead8f0aedcae94e46157abf1ef85

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/alerts/export
GET /api/v1/batteries
GET /api/v1/batteries/edgemodules
GET /api/v1/batteries/{deviceId}/specification
GET /api/v1/batteries/{deviceId}/status
GET /api/v1/batteries/{deviceId}/telemetry
GET /api/v1/curtailment/{deviceId}/curtailmentdevices
GET /api/v1/edge-devices
GET /api/v1/forecasts/{siteId}/grid-energy
GET /api/v1/location/{cubeId}
GET /api/v1/locations/search
GET /api/v1/maintenance-windows
GET /api/v1/site-mappings
POST /api/v1/alerts/event
POST /api/v1/api-keys/regenerate
POST /api/v1/batteries/powersetpointschedule
POST /api/v1/batteries/triggerTelemetryUpload
POST /api/v1/curtailment/{deviceId}/schedule

Found on 2025-12-25 05:05

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d2f52cbbab8cead8f0aedcae94e461576207ec80

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/alerts/export
GET /api/v1/batteries
GET /api/v1/batteries/edgemodules
GET /api/v1/batteries/{deviceId}/specification
GET /api/v1/batteries/{deviceId}/status
GET /api/v1/batteries/{deviceId}/telemetry
GET /api/v1/curtailment/{deviceId}/curtailmentdevices
GET /api/v1/forecasts/{siteId}/grid-energy
GET /api/v1/location/{cubeId}
GET /api/v1/locations/search
GET /api/v1/maintenance-windows
GET /api/v1/site-mappings
POST /api/v1/alerts/event
POST /api/v1/api-keys/regenerate
POST /api/v1/batteries/powersetpointschedule
POST /api/v1/batteries/triggerTelemetryUpload
POST /api/v1/curtailment/{deviceId}/schedule

Found on 2025-12-01 13:46

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: apc.ws-dev.moviatrafik.dk
Port: 443
URL: https://apc.ws-dev.moviatrafik.dk

First seen 2025-12-28 06:31
Last seen 2026-01-23 00:52
Open for 25 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d608e8c789666980c36a14cef26a52cb233f026e71e
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /Journey/CurrentByVehicle/{vehicleRef}
GET /Journey/TimeTable/{date}
POST /CountingReport
POST /CountingReport/Batch
POST /PositionReport
POST /PositionReport/Batch
```
  Found on 2026-01-23 00:52
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: dot-papti.ws-dev.moviatrafik.dk
Port: 443
URL: https://dot-papti.ws-dev.moviatrafik.dk

First seen 2025-12-09 09:54
Last seen 2026-01-16 11:53
Open for 38 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549975d5cc7d41fd9cda1e61e2207ccb64b3a5c6cab
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /Departures/{stopPointId}/{lineRef}
GET /DeparturesLines/{stopPointId}/{lineRefs}
GET /DeviationMessage
GET /DeviationsLine/{lineRef}
GET /Lines/{stopPointId}
```
  Found on 2026-01-16 11:53
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: dev.policy.ciam.munichre.com
Port: 443
URL: https://dev.policy.ciam.munichre.com

First seen 2025-11-04 08:16
Last seen 2026-01-16 02:36
Open for 72 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-01-16 02:36

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549cb147c2deb50ea9c54fffa4d9dbe1a17254bdb0b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/health
GET /api/health/ping
POST /api/applicationValidation
POST /api/applicationValidation/retrieveByIdentifierUri
POST /api/changePassword/validate
POST /api/emailVerification/send
POST /api/emailVerification/verify
POST /api/hsb/propertyMigration
POST /api/invitationValidation/validate
POST /api/mfa/check
POST /api/mfa/options
POST /api/mfa/required
POST /api/mfa/track
POST /api/mrdpApplications/tokenEnrichment
POST /api/recoveryCodes/activated
POST /api/recoveryCodes/options
POST /api/signInValidation/accepted
POST /api/signInValidation/accountlinking
POST /api/signInValidation/activateaccount
POST /api/signInValidation/builddirectoryprofile
POST /api/signInValidation/builddisplayname
POST /api/signInValidation/checkRequireSignIn
POST /api/signInValidation/checkUserExistence
POST /api/signInValidation/checkautomaticonboarding
POST /api/signInValidation/checkautomaticonboarding2
POST /api/signInValidation/idps2
POST /api/signInValidation/processlogin
POST /api/signInValidation/processlogin2
POST /api/signInValidation/resolveparameters
POST /api/signInValidation/validateinviteaccepted
POST /api/signInValidation/validateuserisprovisioned
POST /api/signInValidation/verifyhasmultipleidps
POST /api/signup/addNewUserToApplication
POST /api/signup/emailUsed
POST /api/synchronization/user
POST /api/tokenEnrichment

Found on 2026-01-09 02:56

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549cb147c2deb50ea9c54fffa4d9dbe1a17ea561813

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/health
GET /api/health/ping
POST /api/applicationValidation
POST /api/applicationValidation/retrieveByIdentifierUri
POST /api/changePassword/validate
POST /api/emailVerification/send
POST /api/emailVerification/verify
POST /api/hsb/propertyMigration
POST /api/invitationValidation/validate
POST /api/mfa/check
POST /api/mfa/options
POST /api/mfa/track
POST /api/mrdpApplications/tokenEnrichment
POST /api/recoveryCodes/activated
POST /api/recoveryCodes/options
POST /api/signInValidation/accepted
POST /api/signInValidation/accountlinking
POST /api/signInValidation/activateaccount
POST /api/signInValidation/builddirectoryprofile
POST /api/signInValidation/builddisplayname
POST /api/signInValidation/checkRequireSignIn
POST /api/signInValidation/checkUserExistence
POST /api/signInValidation/checkautomaticonboarding
POST /api/signInValidation/checkautomaticonboarding2
POST /api/signInValidation/idps2
POST /api/signInValidation/processlogin
POST /api/signInValidation/processlogin2
POST /api/signInValidation/resolveparameters
POST /api/signInValidation/validateinviteaccepted
POST /api/signInValidation/validateuserisprovisioned
POST /api/signInValidation/verifyhasmultipleidps
POST /api/signup/addNewUserToApplication
POST /api/signup/emailUsed
POST /api/synchronization/user
POST /api/tokenEnrichment

Found on 2026-01-02 00:05

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549cb147c2deb50ea9c54fffa4d9dbe1a173b9694c7

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/health
GET /api/health/ping
POST /api/applicationValidation
POST /api/applicationValidation/retrieveByIdentifierUri
POST /api/changePassword/validate
POST /api/emailVerification/send
POST /api/emailVerification/verify
POST /api/hsb/propertyMigration
POST /api/invitationValidation/validate
POST /api/mfa/check
POST /api/mfa/options
POST /api/mrdpApplications/tokenEnrichment
POST /api/recoveryCodes/activated
POST /api/recoveryCodes/options
POST /api/signInValidation/accepted
POST /api/signInValidation/accountlinking
POST /api/signInValidation/activateaccount
POST /api/signInValidation/builddirectoryprofile
POST /api/signInValidation/builddisplayname
POST /api/signInValidation/checkRequireSignIn
POST /api/signInValidation/checkUserExistence
POST /api/signInValidation/checkautomaticonboarding
POST /api/signInValidation/checkautomaticonboarding2
POST /api/signInValidation/idps2
POST /api/signInValidation/processlogin
POST /api/signInValidation/processlogin2
POST /api/signInValidation/resolveparameters
POST /api/signInValidation/validateinviteaccepted
POST /api/signInValidation/validateuserisprovisioned
POST /api/signInValidation/verifyhasmultipleidps
POST /api/signup/addNewUserToApplication
POST /api/signup/emailUsed
POST /api/synchronization/user
POST /api/tokenEnrichment

Found on 2025-12-16 09:39

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.7
Domain: api.fudura.acceptance.myiwell.nl
Port: 443
URL: https://api.fudura.acceptance.myiwell.nl

First seen 2025-10-14 13:43
Last seen 2025-11-03 18:58
Open for 20 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2025-11-03 18:58

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d2f52cbbab8cead8f0aedcae94e461576207ec80

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/alerts/export
GET /api/v1/batteries
GET /api/v1/batteries/edgemodules
GET /api/v1/batteries/{deviceId}/specification
GET /api/v1/batteries/{deviceId}/status
GET /api/v1/batteries/{deviceId}/telemetry
GET /api/v1/curtailment/{deviceId}/curtailmentdevices
GET /api/v1/forecasts/{siteId}/grid-energy
GET /api/v1/location/{cubeId}
GET /api/v1/locations/search
GET /api/v1/maintenance-windows
GET /api/v1/site-mappings
POST /api/v1/alerts/event
POST /api/v1/api-keys/regenerate
POST /api/v1/batteries/powersetpointschedule
POST /api/v1/batteries/triggerTelemetryUpload
POST /api/v1/curtailment/{deviceId}/schedule

Found on 2025-10-29 06:54

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d2f52cbbab8cead8f0aedcae94e461570f5e7fdb

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/alerts/export
GET /api/v1/batteries
GET /api/v1/batteries/edgemodules
GET /api/v1/batteries/{deviceId}/specification
GET /api/v1/batteries/{deviceId}/status
GET /api/v1/batteries/{deviceId}/telemetry
GET /api/v1/curtailment/{deviceId}/curtailmentdevices
GET /api/v1/location/{cubeId}
GET /api/v1/locations/search
GET /api/v1/maintenance-windows
GET /api/v1/site-mappings
POST /api/v1/alerts/event
POST /api/v1/api-keys/regenerate
POST /api/v1/batteries/powersetpointschedule
POST /api/v1/batteries/triggerTelemetryUpload
POST /api/v1/curtailment/{deviceId}/schedule

Found on 2025-10-20 18:12

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.2.7
Domain: test-planfamille.baloise.be
Port: 443
URL: https://test-planfamille.baloise.be

First seen 2023-01-25 07:51
Last seen 2023-12-24 07:08
Open for 332 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8bc298658bc298658bc298658bc29865
```
Found 1 files trough .DS_Store spidering:

/css
```
  Found on 2023-12-24 07:08
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.2.7
Domain: test-gezinsplan.baloise.be
Port: 443
URL: https://test-gezinsplan.baloise.be

First seen 2023-01-25 14:08
Last seen 2023-12-24 03:45
Open for 332 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8bc298658bc298658bc298658bc29865
```
Found 1 files trough .DS_Store spidering:

/css
```
  Found on 2023-12-24 03:45
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.2.7
Domain: acc-gezinsplan.baloise.be
Port: 443
URL: https://acc-gezinsplan.baloise.be

First seen 2023-02-27 15:36
Last seen 2023-12-24 00:44
Open for 299 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8bc298658bc298658bc298658bc29865
```
Found 1 files trough .DS_Store spidering:

/css
```
  Found on 2023-12-24 00:44
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.2.7
Domain: acc-planfamille.baloise.be
Port: 443
URL: https://acc-planfamille.baloise.be

First seen 2023-02-27 00:21
Last seen 2023-12-24 00:03
Open for 299 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8bc298658bc298658bc298658bc29865
```
Found 1 files trough .DS_Store spidering:

/css
```
  Found on 2023-12-24 00:03
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.2.7
Domain: card.baloise.be
Port: 443
URL: https://card.baloise.be

First seen 2022-11-23 10:01
Last seen 2023-04-09 23:44
Open for 137 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c1a5d9b0f1a5d9b0f86a43f366da66c0f4d2de7e94d2de7e9
```
Found 3 files trough .DS_Store spidering:

/email
/email/img
/email/Mailchimp mails
```
  Found on 2022-11-23 10:01
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.2.7
Domain: planfamille.baloise.be
Port: 443
URL: https://planfamille.baloise.be

First seen 2023-04-06 09:11
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8bc298658bc298658bc298658bc29865
```
Found 1 files trough .DS_Store spidering:

/css
```
  Found on 2023-04-06 09:11
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.2.7
Domain: gezinsplan.baloise.be
Port: 443
URL: https://gezinsplan.baloise.be

First seen 2023-04-06 09:11
- Severity: low
  Fingerprint: 5f32cf5d6962f09c63442d9d63442d9d8bc298658bc298658bc298658bc29865
```
Found 1 files trough .DS_Store spidering:

/css
```
  Found on 2023-04-06 09:11
Create report

Open service 20.50.2.7:80 · btp-dev.bystronic.com

2026-02-10 03:40

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Tue, 10 Feb 2026 03:41:23 GMT
Location: https://btp-dev.bystronic.com/

Found 2026-02-10 by HttpPlugin

Host 20.50.2.7

The Netherlands

Software information

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

MacOS file listing through .DS_Store file

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

MacOS file listing through .DS_Store file

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file