LeakIX - Host 20.50.64.2

Host 20.50.64.2

Ireland

MICROSOFT-CORP-MSN-AS-BLOCK

Debian

Software information

Apache Apache 2.4.38

tcp/443

Apache Apache

tcp/443

Kestrel Kestrel

tcp/443 tcp/80

daphne

tcp/443

gunicorn

tcp/443

nginx nginx

tcp/443 tcp/80

nginx nginx 1.19.2

tcp/443

nginx nginx 1.29.0

tcp/443

nginx nginx 1.29.4

tcp/443

nginx nginx 1.24.0

tcp/443

nginx nginx 1.29.3

tcp/443

nginx nginx 1.28.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: mpregnskap.kundesjekk.no
Port: 443
URL: https://mpregnskap.kundesjekk.no

First seen 2025-12-25 05:56
Last seen 2026-02-09 23:29
Open for 46 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 23:29
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: preprodml.cellent.online
Port: 443
URL: https://preprodml.cellent.online

First seen 2025-12-26 11:43
Last seen 2026-02-09 23:29
Open for 45 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549bb22fb32b560dba331c4b72649294819d6615cf9

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /mlmanagement/Token/DeactivateTokens
DELETE /mlqueue/QuestionnaireQueue/RemoveExpiredQuestionnaires
DELETE /mlqueueconfig/QuestionnaireQueueConfiguration/DeleteQuestionnaireQueueConfiguration
GET /info
GET /mlfront/BusinessMessage
GET /mlfront/File/GetQuestionnaireFilesFromQuestions
GET /mlfront/File/zip/{questionId}
GET /mlfront/File/{fileId}
GET /mlgen/{sessionId}/GetSurveyHtml
GET /mlgen/{sessionId}/GetSurveyHtmlContent
GET /mlgen/{sessionId}/GetSurveyPdf
GET /mlmanagement/Token/GetTokens
GET /mlqueueconfig/QuestionnaireQueueConfiguration/GetQuestionnaireQueueConfiguration
GET /mlqueueconfig/QuestionnaireQueueConfiguration/GetQuestionnaireQueueConfigurations
GET /mlrecon/Recon/Notify
POST /InitialData/SaveInitialData
POST /mlfront/File/upload/{questionId}
POST /mlfront/Process/FinishInsuranceProcess
POST /mlfront/Process/InitInsuranceProcess
POST /mlfront/Question/GetPageQuestions
POST /mlfront/Question/MarkAsReadonly
POST /mlfront/Question/SaveAnswer
POST /mlfront/View/GetBlob
POST /mlfront/View/GetInitialData
POST /mlfront/View/GetPage
POST /mlfront/View/GetSection
POST /mlfront/View/GetTranslations
POST /mlfront/View/GetWizardDetails
POST /mlmanagement/Configurator/ActivateQuestionnaire
POST /mlmanagement/Configurator/AddAnswer
POST /mlmanagement/Configurator/CreateDraftQuestionnaire
POST /mlmanagement/Configurator/ScreeningCallback
POST /mlmanagement/Configurator/SendAnalystReview
POST /mlmanagement/Configurator/SendQuestionnaireToAiAnalysis
POST /mlmanagement/Configurator/SendToExternalSystem
POST /mlmanagement/Configurator/SendToExternalSystemUsingToken
POST /mlmanagement/Managment/ClearCache
POST /mlmanagement/Token/GenerateToken
POST /mlqueue/QuestionnaireQueue/CheckAndFillMissingQuestionnaires
POST /mlqueue/QuestionnaireQueue/GetAvailableQuestionnaireId
POST /mlqueue/QuestionnaireQueue/InitMultipleQuestionnaireGeneration
POST /mlqueue/QuestionnaireQueue/InitQuestionnaireGeneration
POST /mlqueue/QuestionnaireQueue/InitQuestionnaireGenerationFromImport
POST /mlqueueconfig/QuestionnaireQueueConfiguration/CreateOrUpdateQuestionnaireQueueConfigurations
POST /mlqueueconfig/QuestionnaireQueueConfiguration/CreateQuestionnaireQueueConfiguration

Found on 2026-02-09 23:29

Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 20.50.64.2
Domain: www.zerowastestockholm.org
Port: 443
URL: https://www.zerowastestockholm.org

First seen 2025-12-11 07:38
Last seen 2026-02-09 22:52
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6e4d0086bf3be3129e328fe3c34256b53b0db79eb

GraphQL introspection enabled at /api/graphql
Types: 456 (by kind: ENUM: 16, INPUT_OBJECT: 122, OBJECT: 298, SCALAR: 15, UNION: 5)
Operations:
- Query: Query | fields: article, articles, articlesConnection, download, downloads
- Mutation: Mutation | fields: createArticle, createDownload, deleteArticle, updateArticle, updateDownload
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2026-02-09 22:52

399.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6e4d0086bf3be3129e328fe3c34256b53ac11cd1f

GraphQL introspection enabled at /api/graphql
Types: 456 (by kind: ENUM: 16, INPUT_OBJECT: 122, OBJECT: 298, SCALAR: 15, UNION: 5)
Operations:
- Query: Query | fields: article, articles, articlesConnection, download, downloads
- Mutation: Mutation | fields: createArticle, createDownload, deleteArticle, updateArticle, updateDownload
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-02-09 21:05

399.3 kBytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: vokonomias.kundesjekk.no
Port: 443
URL: https://vokonomias.kundesjekk.no

First seen 2025-12-22 06:14
Last seen 2026-02-09 22:18
Open for 49 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 22:18
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: auth.api.dev.duepay.co.za
Port: 443
URL: https://auth.api.dev.duepay.co.za

First seen 2025-10-28 08:15
Last seen 2026-02-09 22:09
Open for 104 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549ab5c4f4acc2a17c011e74bb4b23196969753ea26
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /authentication/login
POST /authentication/twoFactorLogin
POST /twoFactor/totp/activate
POST /twoFactor/totp/login
POST /twoFactor/totp/register
```
  Found on 2026-02-09 22:09
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 20.50.64.2
Domain: zerowastestockholm.org
Port: 443
URL: https://zerowastestockholm.org

First seen 2025-12-11 07:38
Last seen 2026-02-09 21:03
Open for 60 days

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6e4d0086bf3be3129e328fe3c34256b53b0db79eb

GraphQL introspection enabled at /api/graphql
Types: 456 (by kind: ENUM: 16, INPUT_OBJECT: 122, OBJECT: 298, SCALAR: 15, UNION: 5)
Operations:
- Query: Query | fields: article, articles, articlesConnection, download, downloads
- Mutation: Mutation | fields: createArticle, createDownload, deleteArticle, updateArticle, updateDownload
Directives: deprecated, include, skip, specifiedBy (total: 4)

Readable stores: 0

Found on 2026-02-09 21:03

399.3 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6e4d0086bf3be3129e328fe3c34256b53ac11cd1f

GraphQL introspection enabled at /api/graphql
Types: 456 (by kind: ENUM: 16, INPUT_OBJECT: 122, OBJECT: 298, SCALAR: 15, UNION: 5)
Operations:
- Query: Query | fields: article, articles, articlesConnection, download, downloads
- Mutation: Mutation | fields: createArticle, createDownload, deleteArticle, updateArticle, updateDownload
Directives: deprecated, include, skip, specifiedBy (total: 4)

Found on 2026-01-16 11:36

399.3 kBytes

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: ekobanken.kundcheck.se
Port: 443
URL: https://ekobanken.kundcheck.se

First seen 2025-12-23 08:47
Last seen 2026-02-09 20:24
Open for 48 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354949d437d3e2951e39d5b021dbc17f59e0406c375f

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /NorBankIdSigning/api/recipients/{recipientId}
DELETE /NorBankIdSigning/api/signjobs/{signJobId}
DELETE /SDOSigning/api/signjobs/{signJobId}
DELETE /aml/api/Monitor/person/{personId}
DELETE /aml/api/Risk/collections/rules/criteria/{criteriaId}
DELETE /aml/api/Risk/collections/rules/{ruleId}
GET /Signing/api/signjobs
GET /Signing/api/signjobs/{signJobId}
GET /Signing/api/signjobs/{signJobId}/{urlpart}
GET /Signing/api/signjobsv1p5
GET /aml/api/KAR/{karId}
GET /aml/api/KAR/{karId}/downloadReport
GET /aml/api/Monitor/active
GET /aml/api/Risk/collections
GET /aml/api/Risk/collections/{collectionId}
GET /aml/api/Risk/download/{entityId}
GET /aml/api/Risk/download/{screeningId}/{type}
GET /aml/api/Risk/{entityId}
GET /aml/api/Risk/{entityId}/score
GET /aml/api/Template/list
GET /aml/api/Template/listTemplates/{search}
GET /aml/api/notification
GET /aml/api/rolesearch/search
GET /aml/api/screening/organization/{screeningId}
GET /aml/api/screening/organization/{screeningId}/download-report/{type}
GET /aml/api/screening/person/{screeningId}
GET /aml/api/screening/person/{screeningId}/download-report
GET /aml/v1/id-checks
GET /aml/v2/id-checks/open
GET /api/Config/featuresswitches
GET /api/EventHistory/entity/{EntityId}
GET /api/EventHistory/{EventId}
GET /api/WebForm/template/{templateId}
GET /api/WebForm/{id}/result
GET /api/WebForm/{screeningId}
GET /api/WebForm/{screeningId}/download
GET /api/WebForm/{screeningId}/download/{blobStorageId}
GET /api/WebForm/{screeningId}/exists/{blobStorageId}
GET /api/WebForm/{screeningId}/generate
GET /api/v1/Webhook
GET /api/v1/Webhook/events/{eventId}
GET /api/v1/Webhook/{subscriptionid}
GET /api/v1/Webhook/{subscriptionid}/events
GET /api/webhook
GET /api/webhook/events/{eventId}
GET /api/webhook/{subscriptionid}
GET /api/webhook/{subscriptionid}/events
GET /signingview/dist/message
POST /KundesjekkSigning/api/start
POST /NorBankIdSigning/api/start
POST /SDOSigning/api/start
POST /SignicatSigning/api/start
POST /aml/api/KAR
POST /aml/api/Monitor/person
POST /aml/api/Risk
POST /aml/api/Risk/recommendation
POST /aml/api/Risk/webform
POST /aml/api/Risk/{webFormId}/update-entity-id/{entityId}
POST /aml/api/notification/authenticated/{screeningId}
POST /aml/api/notification/cancel/{entityId}
POST /aml/api/notification/copy/{signJobId}
POST /aml/api/notification/email/{emailId}
POST /aml/api/notification/next/{entityId}
POST /aml/api/notification/resend/{entity}
POST /aml/api/notification/send/webform/{screeningId}
POST /aml/api/notification/sms/{smsId}
POST /aml/api/screening/beneficial
POST /aml/api/screening/bulk/authenticated
POST /aml/api/screening/bulk/unauthenticated
POST /aml/api/screening/organization
POST /aml/api/screening/person/authenticated
POST /aml/api/screening/person/unauthenticated
POST /aml/api/screening/person/unauthenticatedsanctiononly
POST /aml/v1/id-checks/consent
POST /aml/v1/id-checks/missing
POST /aml/v1/id-checks/reject
POST /api/Support/invite
POST /api/WebForm
POST /api/WebForm/{screeningId}/send
POST /api/v1/Webhook/events/{webhookEventGuid}/resend
POST /api/v1/Webhook/postWebhook
POST /api/webhook/events/{webhookEventGuid}/resend
POST /api/webhook/postWebhook
PUT /Signing/api/signjobs/{signJobId}/reference
PUT /aml/api/KAR/{karId}/reference/{clientReference}
PUT /aml/api/screening/organization/{screeningId}/reference/{clientReference}
PUT /aml/api/screening/person/{screeningId}/reference/{clientReference}
PUT /aml/api/screening/{type}/{screeningId}/activate
PUT /aml/api/screening/{type}/{screeningId}/deactivate

Found on 2026-02-09 20:24

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-02-02 09:55

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: merchant.api.dev.duepay.co.za
Port: 443
URL: https://merchant.api.dev.duepay.co.za

First seen 2025-10-28 08:17
Last seen 2026-02-09 20:07
Open for 104 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035492f7a51723a32db4b7a15e6989bf4b1fbc432a4ff

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /bankAccounts
GET /bankAccounts/{id}
GET /bills
GET /bills/{id}
GET /profile
GET /references/bankAccountTypes
GET /references/bankAccountTypes/{code}
GET /references/banks
GET /references/banks/{code}
GET /references/billStatuses
GET /references/billStatuses/{code}
GET /references/countries
GET /references/countries/{code}
GET /references/currencies
GET /references/currencies/{code}
GET /references/customerTypes
GET /references/customerTypes/{code}
GET /references/paymentMandateTypes
GET /references/paymentMandateTypes/{code}
GET /references/paymentStatuses
GET /references/paymentStatuses/{code}
GET /references/settlementStatuses
GET /references/settlementStatuses/{code}
GET /references/transactionTypes
GET /references/transactionTypes/{code}
GET /xero/accounts/bank
GET /xero/accounts/expense
GET /xero/invoices
GET /xero/link
GET /xero/tenants
POST /bills/{id}/notify
POST /profile/changePassword
POST /profile/register
POST /profile/verify
POST /xero/accounts/configure
POST /xero/sync

Found on 2026-02-09 20:07

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2025-11-26 15:09

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: api.beta.sitephoto.app
Port: 443
URL: https://api.beta.sitephoto.app

First seen 2025-10-28 08:14
Last seen 2026-02-09 18:50
Open for 104 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 18:50
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: dinvi.kundesjekk.no
Port: 443
URL: https://dinvi.kundesjekk.no

First seen 2025-12-10 12:25
Last seen 2026-02-09 18:08
Open for 61 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 18:08
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: brands-jkp.depart-a-mental.com
Port: 443
URL: https://brands-jkp.depart-a-mental.com

First seen 2025-10-23 10:32
Last seen 2026-02-09 18:00
Open for 109 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549344976714f7bbf4a9cf1225abedf01806b15e2cf

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/v{version}/checkout/payment/cancel
DELETE /api/v{version}/checkout/terminal/reset
DELETE /api/v{version}/checkout/terminalpayment/cancel
GET /api/v{version}/checkout/payment-result
GET /api/v{version}/checkout/payment/{paymentIntentId}/status
GET /api/v{version}/checkout/selection/{token}/paymentstatus
POST /api/v{version}/admin/createtransfersforintent
POST /api/v{version}/admin/sendcustomernotification
POST /api/v{version}/admin/simulateterminalpayment
POST /api/v{version}/centrawebhook
POST /api/v{version}/checkout/email
POST /api/v{version}/checkout/email/receipt
POST /api/v{version}/checkout/payment
POST /api/v{version}/checkout/selection/{token}/updated
POST /api/v{version}/checkout/terminalpayment
POST /api/v{version}/stripeconnectwebhook
POST /api/v{version}/stripewebhook

Found on 2026-02-09 18:00

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2025-10-29 08:27

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: usercustomeradminservice-dev.asgo.dk
Port: 80
URL: http://usercustomeradminservice-dev.asgo.dk

First seen 2025-12-26 16:23
Last seen 2026-02-09 15:39
Open for 44 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035490757d2d50f965dc1a91f4063cb6f30dd1bc92fa0
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /customers/deleteusertocustomer/{customerId}/{userId}
GET /applications
GET /customers
GET /customers/{id}
GET /users
GET /users/iscurrentusersuperadmin
GET /users/{id}
POST /applications/{appId}/requestaccess
POST /applications/{appId}/secret
PUT /customers/addusertocustomer/{id}
PUT /customers/updateusertocustomerpermission/{customerId}/{userId}
PUT /users/{id}/changepassword
```
  Found on 2026-02-09 15:39
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: api.dev.sitephoto.app
Port: 443
URL: https://api.dev.sitephoto.app

First seen 2025-10-28 08:16
Last seen 2026-02-09 15:35
Open for 104 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 15:35
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: rewards-clientview-api-dev.ims.tech
Port: 443
URL: https://rewards-clientview-api-dev.ims.tech

First seen 2025-12-18 02:19
Last seen 2026-02-09 14:53
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d6052c73d5f775f194368f248e8c0d6444aec473cb8
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/v1/Message/Count
GET /api/v1/Message/History
GET /api/v1/Message/{id}
GET /api/v1/Points/Get
GET /api/v1/Reward/History
GET /api/v1/Reward/HistoryPaging
GET /api/v1/Reward/List
GET /api/v1/Reward/{id}
POST /api/v1/Cards
POST /api/v1/Points/BankPoints
POST /api/v1/Reward/Redeem
POST /api/v1/UserAction
```
  Found on 2026-02-09 14:53
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: sap-connector-test-api.dtek.com
Port: 443
URL: https://sap-connector-test-api.dtek.com

First seen 2025-12-26 17:02
Last seen 2026-02-09 14:15
Open for 44 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035491cea39b63f88f34149a1976449a1976449a19764
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /OpenApi/idoc
POST /api/Idoc
POST /api/Idoc/creatio
```
  Found on 2026-02-09 14:15
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: test-b2b-ecom.f-engelservice.com
Port: 80
URL: http://test-b2b-ecom.f-engelservice.com

First seen 2026-01-06 01:36
Last seen 2026-02-09 13:30
Open for 34 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 13:30
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: rewards-integration-api-dev.ims.tech
Port: 80
URL: http://rewards-integration-api-dev.ims.tech

First seen 2025-12-18 02:16
Last seen 2026-02-09 06:20
Open for 53 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60ba3750d0e108fcc2ae36194946a5699ca7b52e4f

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/v1/EndUser
GET /api/v1/EndUser/{id}
GET /api/v1/EndUserPersistentData/GetDataByKeyName/{endUserExternalId}/{keyName}
GET /api/v1/EndUserPersistentData/GetDataForUser/{endUserExternalId}
GET /api/v1/Engagement/EndUser/{endUserId}/{mediaType}
GET /api/v1/Engagement/Template/{brandId}
GET /api/v1/Engagement/Template/{brandId}/{templateName}
GET /api/v1/EngagementOptOut/EndUser/{id}
GET /api/v1/IntegrationAPILog
GET /api/v1/Intervention
GET /api/v1/Intervention/User/{userId}
GET /api/v1/Intervention/{id}
POST /api/v1/EndUser/AttachPolicy
POST /api/v1/EndUser/Create
POST /api/v1/EndUser/RemovePolicy
POST /api/v1/EndUser/Role
POST /api/v1/EndUserPersistentData
POST /api/v1/Engagement/EndUser/{endUserId}
POST /api/v1/Intervention/Create
POST /api/v1/Intervention/Update
POST /api/v1/Messaging/Send
POST /api/v1/Points/Add
POST /api/v1/Points/Remove
POST /api/v1/RuleTestAndLog/LogRule
POST /api/v1/Rules/ExecuteRule
POST /api/v1/ScoreConversion/ConvertScore
PUT /api/v1/EndUser/{id}/Reenroll

Found on 2026-02-09 06:20

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60ba3750d0e108fcc2ae36194946a5699c02978382

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/v1/EndUser
GET /api/v1/EndUser/{id}
GET /api/v1/EndUserPersistentData/GetDataByKeyName/{endUserExternalId}/{keyName}
GET /api/v1/EndUserPersistentData/GetDataForUser/{endUserExternalId}
GET /api/v1/Engagement/EndUser/{endUserId}/{mediaType}
GET /api/v1/Engagement/Template/{brandId}
GET /api/v1/Engagement/Template/{brandId}/{templateName}
GET /api/v1/EngagementOptOut/EndUser/{id}
GET /api/v1/IntegrationAPILog
GET /api/v1/Intervention
GET /api/v1/Intervention/User/{userId}
GET /api/v1/Intervention/{id}
POST /api/v1/EndUser/AttachPolicy
POST /api/v1/EndUser/Create
POST /api/v1/EndUser/RemovePolicy
POST /api/v1/EndUserPersistentData
POST /api/v1/Engagement/EndUser/{endUserId}
POST /api/v1/Intervention/Create
POST /api/v1/Intervention/Update
POST /api/v1/Messaging/Send
POST /api/v1/Points/Add
POST /api/v1/Points/Remove
POST /api/v1/RuleTestAndLog/LogRule
POST /api/v1/Rules/ExecuteRule
POST /api/v1/ScoreConversion/ConvertScore
PUT /api/v1/EndUser/{id}/Reenroll

Found on 2026-01-16 09:17

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: rewards-identity-api-dev.ims.tech
Port: 80
URL: http://rewards-identity-api-dev.ims.tech

First seen 2025-12-18 02:14
Last seen 2026-02-09 03:48
Open for 53 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d60ce5a3e5830147da767936f9e7d1c4c8d931adce2
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
POST /Authenticate/GenerateAPPToken
POST /Authenticate/GenerateIntegratorsAPIMasterToken
POST /Authenticate/GenerateIntegratorsAPIToken
POST /Authenticate/GenerateUIAPIMasterToken
POST /Authenticate/GenerateUIAPIToken
```
  Found on 2026-02-09 03:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: rewards-clientview-api-dev.ims.tech
Port: 80
URL: http://rewards-clientview-api-dev.ims.tech

First seen 2025-12-18 02:19
Last seen 2026-02-08 23:27
Open for 52 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d6052c73d5f775f194368f248e8c0d6444aec473cb8
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/v1/Message/Count
GET /api/v1/Message/History
GET /api/v1/Message/{id}
GET /api/v1/Points/Get
GET /api/v1/Reward/History
GET /api/v1/Reward/HistoryPaging
GET /api/v1/Reward/List
GET /api/v1/Reward/{id}
POST /api/v1/Cards
POST /api/v1/Points/BankPoints
POST /api/v1/Reward/Redeem
POST /api/v1/UserAction
```
  Found on 2026-02-08 23:27
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: documentservice-dev.asgo.dk
Port: 80
URL: http://documentservice-dev.asgo.dk

First seen 2026-01-06 00:38
Last seen 2026-02-07 17:46
Open for 32 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354926a8942accace339f7cb5ed77cb5f523ae19e4bc
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /documents
GET /documents/{id}
GET /documents/{id}/pdf
GET /templates
GET /templates/{id}
POST /documents/pdf
POST /documents/zip
```
  Found on 2026-02-07 17:46
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: staging-lab-api.bidvestalice.com
Port: 443
URL: https://staging-lab-api.bidvestalice.com

First seen 2025-12-26 10:52
Last seen 2026-02-06 06:18
Open for 41 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035490315d328998c8c8d3370ce17af877135cb3ab372

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/BusinessProcess
GET /api/BusinessProcess/{id}
GET /api/Category
GET /api/Category/{id}
GET /api/Clients
GET /api/Clients/{id}
GET /api/Countries
GET /api/Countries/{id}
GET /api/Customers
GET /api/Customers/{id}
GET /api/DataAssetDefinition
GET /api/DataAssetDefinition/{id}
GET /api/DataAssetFiles
GET /api/DataAssetFiles/{id}
GET /api/DataAssetTransformation/SQLDataTypes
GET /api/DataAssetTransformation/{id}
GET /api/LinkDataAssetDefinitionToProcedureStep
GET /api/LinkDataAssetDefinitionToProcedureStep/{id}
GET /api/LocalLab
GET /api/LocalLab/update
GET /api/LocalLab/update/{target}/{arch}/{version}
GET /api/PreflightChecks/auth
GET /api/PreflightChecks/un-auth
GET /api/Problems
GET /api/Problems/{id}
GET /api/ProcedureOutcomeType
GET /api/ProcedureOutcomeType/{id}
GET /api/ProcedureSteps
GET /api/ProcedureSteps/{id}
GET /api/Procedures
GET /api/Procedures/{id}
GET /api/Projects
GET /api/Projects/{id}
GET /api/RoleAssignments
GET /api/RoleAssignments/{id}
GET /api/Roles
GET /api/Roles/{id}
GET /api/Schema
GET /api/Schema/GetReservedNames
GET /api/Schema/{dataAssetDefinitionId}
GET /api/SourceDefinition
GET /api/SourceDefinition/{id}
GET /api/SourceFiles
GET /api/SourceFiles/{id}
GET /api/Status
GET /api/Status/{id}
GET /api/Users
GET /api/Users/{id}
POST /api/DataAssetTransformation/CreateTable

Found on 2026-02-06 06:18

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: fokuskapital.kundesjekk.no
Port: 443
URL: https://fokuskapital.kundesjekk.no

First seen 2026-01-01 02:41
Last seen 2026-02-05 04:19
Open for 35 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-05 04:19
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: tenura.kundesjekk.no
Port: 443
URL: https://tenura.kundesjekk.no

First seen 2025-12-21 02:17
Last seen 2026-02-05 03:50
Open for 46 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-05 03:50
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: api.thriveaccounts.ninja
Port: 443
URL: https://api.thriveaccounts.ninja

First seen 2026-01-03 08:52
Last seen 2026-02-04 22:51
Open for 32 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-04 22:51
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.107.246.44
Domain: admin.test.miros.app
Port: 443
URL: https://admin.test.miros.app

First seen 2025-12-02 10:08
Last seen 2026-02-02 12:26
Open for 62 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b7350fa2d6a4f2ca8dd4b71af973b576df8c8

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /api/License/machine
GET /api/License/timestamp
POST /api/License/self
POST /api/License/updateclaims
POST /connect/token

Found on 2026-02-02 12:26

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e6e9f16a8e66ef6f2f8008ebc7de1b8613003c7

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/License/machine
GET /api/License/timestamp
POST /api/License/self
POST /api/License/updateclaims
POST /connect/token

Found on 2026-01-09 01:51

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b7350fa2d6a4f2ca8dd4b1169d68f2e1c0ac2

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /api/License/machine
GET /api/License/timestamp
GET /license-ui/{licenseId}
GET /license-ui/{licenseId}/file
GET /license-uis
POST /api/License/self
POST /api/License/updateclaims
POST /connect/token
POST /license-ui
POST /license-ui/{licenseId}/activate
PUT /license-ui/{licenseId}/merge-duplicate

Found on 2025-12-13 11:17

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354917b922a095cb8b0ab98ad98e08a01ec792aab9f5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Configuration/state
GET /api/Configuration/all
GET /api/Configuration/applied
GET /api/Configuration/byid
GET /api/Configuration/changes
GET /api/Configuration/clone
GET /api/Device
GET /api/Device/{id}
GET /api/Iot
GET /api/License
GET /api/License/machine
GET /api/License/self/approved
GET /api/License/timestamp
GET /api/License/wavex/create/download
GET /api/License/wavex/create/file
GET /api/Organization
GET /api/Organization/{id}
GET /api/Parameter
GET /api/Parameter/group
GET /api/Parameter/group/{id}
GET /api/Parameter/{id}
GET /api/Ping
GET /api/Settings/frontend
GET /api/Site
GET /api/Site/{id}
GET /api/Sync/configuration/metadata/ids
GET /api/Sync/configuration/metadata/missing
GET /api/Sync/configuration/missing
GET /api/Sync/configuration/timestamps
GET /api/Tenant
GET /api/User
GET /api/User/claims
GET /api/User/organization/{organizationId}
GET /authenticationapi/check
GET /authenticationapi/external/login
GET /authenticationapi/how
GET /authenticationapi/logout
POST /api/Configuration/tag
POST /api/License/self
POST /api/License/updateclaims
POST /api/Sync/configuration
POST /api/Sync/configuration/metadata
POST /authenticationapi/login
PUT /api/Configuration
PUT /api/User/permission/site/allowed
PUT /api/User/permission/site/owner

Found on 2025-12-11 11:10

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: test-b2b-ecom.f-engelservice.com
Port: 443
URL: https://test-b2b-ecom.f-engelservice.com

First seen 2026-01-06 01:36
Last seen 2026-02-02 08:14
Open for 27 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 08:14
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: utleiekristiansand.kundesjekk.no
Port: 443
URL: https://utleiekristiansand.kundesjekk.no

First seen 2025-12-24 03:15
Last seen 2026-02-02 08:02
Open for 40 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 08:02
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: rewards-identity-api-dev.ims.tech
Port: 443
URL: https://rewards-identity-api-dev.ims.tech

First seen 2025-12-18 02:14
Last seen 2026-02-02 05:44
Open for 46 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d60ce5a3e5830147da767936f9e7d1c4c8d931adce2
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
POST /Authenticate/GenerateAPPToken
POST /Authenticate/GenerateIntegratorsAPIMasterToken
POST /Authenticate/GenerateIntegratorsAPIToken
POST /Authenticate/GenerateUIAPIMasterToken
POST /Authenticate/GenerateUIAPIToken
```
  Found on 2026-02-02 05:44
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: sap-connector-test-consumer.dtek.com
Port: 443
URL: https://sap-connector-test-consumer.dtek.com

First seen 2025-12-26 17:02
Last seen 2026-02-02 05:08
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549e05dfe92e05dfe92e05dfe92e05dfe92e05dfe92
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /sap/test-params
```
  Found on 2026-02-02 05:08
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: api-jkp.depart-a-mental.com
Port: 443
URL: https://api-jkp.depart-a-mental.com

First seen 2025-10-30 18:21
Last seen 2026-02-02 04:40
Open for 94 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-02-02 04:40

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549344976714f7bbf4a9cf1225abedf01806b15e2cf

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/v{version}/checkout/payment/cancel
DELETE /api/v{version}/checkout/terminal/reset
DELETE /api/v{version}/checkout/terminalpayment/cancel
GET /api/v{version}/checkout/payment-result
GET /api/v{version}/checkout/payment/{paymentIntentId}/status
GET /api/v{version}/checkout/selection/{token}/paymentstatus
POST /api/v{version}/admin/createtransfersforintent
POST /api/v{version}/admin/sendcustomernotification
POST /api/v{version}/admin/simulateterminalpayment
POST /api/v{version}/centrawebhook
POST /api/v{version}/checkout/email
POST /api/v{version}/checkout/email/receipt
POST /api/v{version}/checkout/payment
POST /api/v{version}/checkout/selection/{token}/updated
POST /api/v{version}/checkout/terminalpayment
POST /api/v{version}/stripeconnectwebhook
POST /api/v{version}/stripewebhook

Found on 2026-01-22 23:24

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: rewards-integration-api-dev.ims.tech
Port: 443
URL: https://rewards-integration-api-dev.ims.tech

First seen 2025-12-18 02:16
Last seen 2026-02-02 03:47
Open for 46 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60ba3750d0e108fcc2ae36194946a5699ca7b52e4f

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/v1/EndUser
GET /api/v1/EndUser/{id}
GET /api/v1/EndUserPersistentData/GetDataByKeyName/{endUserExternalId}/{keyName}
GET /api/v1/EndUserPersistentData/GetDataForUser/{endUserExternalId}
GET /api/v1/Engagement/EndUser/{endUserId}/{mediaType}
GET /api/v1/Engagement/Template/{brandId}
GET /api/v1/Engagement/Template/{brandId}/{templateName}
GET /api/v1/EngagementOptOut/EndUser/{id}
GET /api/v1/IntegrationAPILog
GET /api/v1/Intervention
GET /api/v1/Intervention/User/{userId}
GET /api/v1/Intervention/{id}
POST /api/v1/EndUser/AttachPolicy
POST /api/v1/EndUser/Create
POST /api/v1/EndUser/RemovePolicy
POST /api/v1/EndUser/Role
POST /api/v1/EndUserPersistentData
POST /api/v1/Engagement/EndUser/{endUserId}
POST /api/v1/Intervention/Create
POST /api/v1/Intervention/Update
POST /api/v1/Messaging/Send
POST /api/v1/Points/Add
POST /api/v1/Points/Remove
POST /api/v1/RuleTestAndLog/LogRule
POST /api/v1/Rules/ExecuteRule
POST /api/v1/ScoreConversion/ConvertScore
PUT /api/v1/EndUser/{id}/Reenroll

Found on 2026-02-02 03:47

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60ba3750d0e108fcc2ae36194946a5699c02978382

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/v1/EndUser
GET /api/v1/EndUser/{id}
GET /api/v1/EndUserPersistentData/GetDataByKeyName/{endUserExternalId}/{keyName}
GET /api/v1/EndUserPersistentData/GetDataForUser/{endUserExternalId}
GET /api/v1/Engagement/EndUser/{endUserId}/{mediaType}
GET /api/v1/Engagement/Template/{brandId}
GET /api/v1/Engagement/Template/{brandId}/{templateName}
GET /api/v1/EngagementOptOut/EndUser/{id}
GET /api/v1/IntegrationAPILog
GET /api/v1/Intervention
GET /api/v1/Intervention/User/{userId}
GET /api/v1/Intervention/{id}
POST /api/v1/EndUser/AttachPolicy
POST /api/v1/EndUser/Create
POST /api/v1/EndUser/RemovePolicy
POST /api/v1/EndUserPersistentData
POST /api/v1/Engagement/EndUser/{endUserId}
POST /api/v1/Intervention/Create
POST /api/v1/Intervention/Update
POST /api/v1/Messaging/Send
POST /api/v1/Points/Add
POST /api/v1/Points/Remove
POST /api/v1/RuleTestAndLog/LogRule
POST /api/v1/Rules/ExecuteRule
POST /api/v1/ScoreConversion/ConvertScore
PUT /api/v1/EndUser/{id}/Reenroll

Found on 2026-01-16 03:32

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: updatesite-qa01-safetynet.rmlp.com
Port: 443
URL: https://updatesite-qa01-safetynet.rmlp.com

First seen 2025-12-22 06:46
Last seen 2026-02-02 03:23
Open for 41 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549751894f58ccb784db2a7062e3b22a74641ceb927
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/HeartBeat
GET /api/TransparentRanges/ALL
GET /api/TransparentRanges/{datacentreId}
GET /api/radius/clients/{datacentreId}
GET /api/xml/{proxycontenttype}
GET /api/{proxycontenttype}
GET /api/{proxycontenttype}/{id}
```
  Found on 2026-02-02 03:23
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: staging-identity.bidvestalice.com
Port: 443
URL: https://staging-identity.bidvestalice.com

First seen 2025-12-26 10:55
Last seen 2026-02-02 02:33
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354901e64ab578761f3324375ddeddee23170bfa4daa
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Admin/users
GET /api/ConfirmAccount/email
GET /api/ConfirmAccount/sign-up
GET /api/Preflight
GET /api/RefreshTokens
GET /api/TimeBasedOtp/{email}
GET /api/TimeBasedOtp/{email}/reset
GET /api/Token
POST /api/Admin/setusermfareset/{id}
POST /api/Admin/setuserpasswordreset/{id}
POST /api/ConfirmAccount/send-email-confirmation
POST /api/ForgotPassword
POST /api/Login
POST /api/MultifactorAuthentication
POST /api/RefreshTokens/refreshtoken
POST /api/RefreshTokens/revoketoken
POST /api/Registration
POST /api/ResetPassword
```
  Found on 2026-02-02 02:33
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: urbanjungle.kundesjekk.no
Port: 443
URL: https://urbanjungle.kundesjekk.no

First seen 2026-01-08 07:28
Last seen 2026-02-01 23:20
Open for 24 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-01 23:20
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: node-guard.com
Port: 443
URL: https://node-guard.com

First seen 2025-11-26 04:48
Last seen 2026-02-01 22:22
Open for 67 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549a9de8360d30e6cf0d2909218bbecfb3ef8a681da

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/audit
GET /api/v1/geographies
GET /api/v1/geographies/{geographyId}
GET /api/v1/node-types
GET /api/v1/node-types/{nodeTypeId}
GET /api/v1/nodes
GET /api/v1/nodes/source-nodes
GET /api/v1/nodes/{nodeId}
GET /api/v1/nodes/{nodeId}/aggregate-dashboard
GET /api/v1/nodes/{nodeId}/hierarchy
GET /api/v1/nodes/{nodeId}/incoming-risk-links
GET /api/v1/nodes/{nodeId}/outgoing-risk-links
GET /api/v1/organizations
GET /api/v1/organizations/{organizationId}
GET /api/v1/organizations/{organizationId}/orm-settings
GET /api/v1/reports/active-risks
GET /api/v1/reports/active-risks-list
GET /api/v1/reviews
GET /api/v1/risk-links
GET /api/v1/risk-links/by-risk-owner
GET /api/v1/risk-links/{riskLinkId}
GET /api/v1/risk-owners
GET /api/v1/risk-owners/{riskOwnerId}
GET /api/v1/supervisory-organizations
GET /api/v1/supervisory-organizations/{supervisoryOrganizationId}
POST /api/v1/risk-links/{riskLinkId}/accept
POST /api/v1/risk-links/{riskLinkId}/reject

Found on 2026-02-01 22:22

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549a9de8360d30e6cf0d2909218bbecfb3efdbf9bf1

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/audit
GET /api/v1/geographies
GET /api/v1/geographies/{geographyId}
GET /api/v1/node-types
GET /api/v1/node-types/{nodeTypeId}
GET /api/v1/nodes
GET /api/v1/nodes/source-nodes
GET /api/v1/nodes/{nodeId}
GET /api/v1/nodes/{nodeId}/hierarchy
GET /api/v1/nodes/{nodeId}/incoming-risk-links
GET /api/v1/nodes/{nodeId}/outgoing-risk-links
GET /api/v1/organizations
GET /api/v1/organizations/{organizationId}
GET /api/v1/reports/active-risks
GET /api/v1/reports/active-risks-list
GET /api/v1/risk-links
GET /api/v1/risk-links/by-risk-owner
GET /api/v1/risk-links/{riskLinkId}
GET /api/v1/risk-owners
GET /api/v1/risk-owners/{riskOwnerId}
GET /api/v1/supervisory-organizations
GET /api/v1/supervisory-organizations/{supervisoryOrganizationId}
POST /api/v1/risk-links/{riskLinkId}/accept
POST /api/v1/risk-links/{riskLinkId}/reject

Found on 2026-01-23 09:22

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2025-12-19 07:27

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: iconomy.kundesjekk.no
Port: 443
URL: https://iconomy.kundesjekk.no

First seen 2026-01-04 04:30
Last seen 2026-02-01 18:18
Open for 28 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-01 18:18
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: documentservice-dev.asgo.dk
Port: 443
URL: https://documentservice-dev.asgo.dk

First seen 2026-01-06 00:38
Last seen 2026-01-23 11:20
Open for 17 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354926a8942accace339f7cb5ed77cb5f523ae19e4bc
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /documents
GET /documents/{id}
GET /documents/{id}/pdf
GET /templates
GET /templates/{id}
POST /documents/pdf
POST /documents/zip
```
  Found on 2026-01-23 11:20
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: messaging-api-sit.ims.tech
Port: 443
URL: https://messaging-api-sit.ims.tech

First seen 2025-12-19 09:36
Last seen 2026-01-22 18:45
Open for 34 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d609b521de6b420c38c9a53f89bc6ba8426c6ba8426
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
POST /api/v1/Message/SendEmail
POST /api/v1/Message/SendEvent
POST /api/v1/Message/SendPushNotification
POST /api/v1/Message/SendSMS
```
  Found on 2026-01-22 18:45
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: usercustomeradminservice-dev.asgo.dk
Port: 443
URL: https://usercustomeradminservice-dev.asgo.dk

First seen 2025-12-26 16:23
Last seen 2026-01-16 11:28
Open for 20 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035490757d2d50f965dc1a91f4063cb6f30dd1bc92fa0
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /customers/deleteusertocustomer/{customerId}/{userId}
GET /applications
GET /customers
GET /customers/{id}
GET /users
GET /users/iscurrentusersuperadmin
GET /users/{id}
POST /applications/{appId}/requestaccess
POST /applications/{appId}/secret
PUT /customers/addusertocustomer/{id}
PUT /customers/updateusertocustomerpermission/{customerId}/{userId}
PUT /users/{id}/changepassword
```
  Found on 2026-01-16 11:28
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: demo.e-dziennikbudowy.gunb.gov.pl
Port: 443
URL: https://demo.e-dziennikbudowy.gunb.gov.pl

First seen 2025-12-22 05:49
Last seen 2026-01-16 07:35
Open for 25 days

Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e5303b8d97a0406db04c75171ab73653d849ce5337

Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /audits/codes
GET /audits/logs
GET /audits/paging
GET /configurations
GET /configurations/api-version
GET /configurations/pages
GET /configurations/pages/{code}
GET /configurations/regulations
GET /configurations/{code}
GET /dictionaries
GET /dictionaries/categories
GET /dictionaries/details
GET /dictionaries/{code}
GET /dictionaries/{code}/entries
GET /edbs/notifications
GET /edbs/paging
GET /edbs/paging/export/{format}
GET /edbs/proposals
GET /edbs/proposals/list/paging
GET /edbs/proposals/list/paging/export/{format}
GET /edbs/proposals/my/list/paging
GET /edbs/proposals/my/list/paging/export/{format}
GET /edbs/proposals/my/{id}
GET /edbs/proposals/{id}
GET /edbs/proposals/{id}/history
GET /edbs/user/paging
GET /edbs/user/paging/export/{format}
GET /edbs/users/{id}/participant-roles
GET /edbs/{id}
GET /edbs/{id}/archival
GET /edbs/{id}/export/pdf
GET /edbs/{id}/logs
GET /edbs/{id}/logs/{entryLogId}
GET /edbs/{id}/participants
GET /edbs/{id}/participants/can_add_roles
GET /edbs/{id}/participants/only_me
GET /edbs/{id}/participants/{participantId}
GET /edbs/{id}/privileges
GET /edbs/{id}/representatives
GET /edbs/{id}/statuses
GET /info_messages
GET /location/commune
GET /location/district
GET /location/province
GET /notification/news
GET /notification/paging
GET /permissions/groups/{code}/roles
GET /permissions/oauth_clients/paging
GET /permissions/roles/{role-code}/groups
GET /permissions/users/{user-id}/groups
GET /permissions/users/{user-id}/roles
GET /resources/user/{id}/**
GET /users
GET /users/ecrub_data
GET /users/gugik_data
GET /users/identity_providers
GET /users/info
GET /users/info/user
GET /users/last_role
GET /users/main_role
GET /users/managed_groups
GET /users/paging
GET /users/paging/export/{format}
GET /users/regulation
GET /users/specialities
GET /users/subordinate_roles
GET /v1/application/applicant_role_code
GET /v1/application/construction_type_code
GET /v1/application/edb_number
GET /v1/application/legal_type_code
GET /v1/application/permit_admin_code
GET /v1/application/status
GET /v1/application/status_code
GET /v1/export/csv
GET /v1/export/xml
GET /verification/paging
GET /weather
GET /web-push
POST /audits
POST /dictionaries/{code}/entries/location
POST /edbs/import
POST /edbs/proposals/plots/file
POST /edbs/proposals/{id}/accept
POST /edbs/proposals/{id}/forward
POST /edbs/proposals/{id}/reject
POST /edbs/proposals/{id}/withdraw
POST /edbs/{edbId}/participants/{participantId}/contact_email
POST /edbs/{id}/accept-item
POST /edbs/{id}/assign
POST /edbs/{id}/confirm
POST /edbs/{id}/logs/{entryLogId}/cancel
POST /edbs/{id}/logs/{entryLogId}/correct
POST /edbs/{id}/participants/{hash}/confirm_new
POST /edbs/{id}/participants/{participantId}/additional_info
POST /edbs/{id}/participants/{participantId}/confirm
POST /edbs/{id}/participants/{participantId}/coordinator
POST /edbs/{id}/participants/{participantId}/end_date
POST /edbs/{id}/participants/{participantId}/official_info
POST /mail/{name}
POST /mail/{name}/async
POST /notification/add
POST /notification/add/mail
POST /permissions/oauth_clients
POST /reports/{reportId}
POST /resources/temp
POST /v1/application/import
POST /v1/application/import/file
POST /v1/import
POST /verification
POST /verification/ios
POST /web-push/apns
PUT /dictionaries/{code}/details
PUT /dictionaries/{code}/entries/{entry-code}
PUT /dictionaries/{code}/entries/{entry-code}/location
PUT /notification/receiving
PUT /permissions/oauth_clients/{client_id}
PUT /permissions/roles/{role-code}/groups/users
PUT /users/info/{id}
PUT /users/passwd
PUT /users/privileges
PUT /users/{id}/block
PUT /users/{id}/passwd

Found on 2026-01-16 07:35

Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
Found on 2025-12-22 05:49

Create report

GraphQL introspection is enabled.

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 20.50.64.2
Domain: ax.lessor.dk
Port: 443
URL: https://ax.lessor.dk

First seen 2025-12-01 09:25
Last seen 2026-01-16 05:10
Open for 45 days
- Severity: medium
  Fingerprint: c2db3a1c40d490db2337d3d683e0d9a5b2e1fca769a884ed278ca4fd278ca4fd
```
GraphQL introspection enabled at /api/graphql
Types: 32 (by kind: ENUM: 2, INPUT_OBJECT: 1, OBJECT: 24, SCALAR: 4, UNION: 1)
Operations:
- Query: Query | fields: file, fileOrFolder, folder, forumThread, forumThreads
Directives: deprecated, include, skip (total: 3)
```
  Found on 2026-01-16 05:10
  
  41.1 kBytes
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: api.sitephoto.app
Port: 443
URL: https://api.sitephoto.app

First seen 2025-10-28 08:15
Last seen 2026-01-16 02:50
Open for 79 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-16 02:50
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: consil.kundesjekk.no
Port: 443
URL: https://consil.kundesjekk.no

First seen 2025-12-26 17:36
Last seen 2026-01-16 02:38
Open for 20 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-16 02:38
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: staging-b2b-id.f-engelservice.com
Port: 443
URL: https://staging-b2b-id.f-engelservice.com

First seen 2025-12-26 15:03
Last seen 2026-01-09 18:45
Open for 14 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549a7f7747cf8b3a877d429345d1cff4b93d066d4f5
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/echo/clearcmslocalcache
GET /api/echo/is-new
GET /api/echo/test-ip
GET /api/echo/{input}
GET /api/users/{userId}
GET /api/users/{userId}/confirm_email
GET /api/users/{userId}/generate-activationcode
GET /api/users/{userId}/generate-reset-password-code
GET /connect/authorize
GET /connect/endsession
GET /connect/verify
POST /api/users
POST /api/users/{userId}/changepasswordbyadmin
POST /api/users/{userId}/verify-info
POST /connect/device
POST /connect/logout
```
  Found on 2026-01-09 18:45
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: staging-b2b-id.f-engelservice.com
Port: 80
URL: http://staging-b2b-id.f-engelservice.com

First seen 2025-12-30 05:49
Last seen 2026-01-08 23:24
Open for 9 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549a7f7747cf8b3a877d429345d1cff4b93d066d4f5
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/echo/clearcmslocalcache
GET /api/echo/is-new
GET /api/echo/test-ip
GET /api/echo/{input}
GET /api/users/{userId}
GET /api/users/{userId}/confirm_email
GET /api/users/{userId}/generate-activationcode
GET /api/users/{userId}/generate-reset-password-code
GET /connect/authorize
GET /connect/endsession
GET /connect/verify
POST /api/users
POST /api/users/{userId}/changepasswordbyadmin
POST /api/users/{userId}/verify-info
POST /connect/device
POST /connect/logout
```
  Found on 2026-01-08 23:24
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.64.2
Domain: admin.test.miros.app
Port: 80
URL: http://admin.test.miros.app

First seen 2025-12-02 10:08
Last seen 2025-12-13 20:14
Open for 11 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354917b922a095cb8b0ab98ad98e08a01ec792aab9f5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Configuration/state
GET /api/Configuration/all
GET /api/Configuration/applied
GET /api/Configuration/byid
GET /api/Configuration/changes
GET /api/Configuration/clone
GET /api/Device
GET /api/Device/{id}
GET /api/Iot
GET /api/License
GET /api/License/machine
GET /api/License/self/approved
GET /api/License/timestamp
GET /api/License/wavex/create/download
GET /api/License/wavex/create/file
GET /api/Organization
GET /api/Organization/{id}
GET /api/Parameter
GET /api/Parameter/group
GET /api/Parameter/group/{id}
GET /api/Parameter/{id}
GET /api/Ping
GET /api/Settings/frontend
GET /api/Site
GET /api/Site/{id}
GET /api/Sync/configuration/metadata/ids
GET /api/Sync/configuration/metadata/missing
GET /api/Sync/configuration/missing
GET /api/Sync/configuration/timestamps
GET /api/Tenant
GET /api/User
GET /api/User/claims
GET /api/User/organization/{organizationId}
GET /authenticationapi/check
GET /authenticationapi/external/login
GET /authenticationapi/how
GET /authenticationapi/logout
POST /api/Configuration/tag
POST /api/License/self
POST /api/License/updateclaims
POST /api/Sync/configuration
POST /api/Sync/configuration/metadata
POST /authenticationapi/login
PUT /api/Configuration
PUT /api/User/permission/site/allowed
PUT /api/User/permission/site/owner

Found on 2025-12-13 20:14

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.64.2
Domain: davecyberblog.online
Port: 443
URL: https://davecyberblog.online

First seen 2024-06-28 00:43
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf176423f3e94de8919b64c8919b64c8919b64c
```
Found 2 files trough .DS_Store spidering:

/assets
/index.html
```
  Found on 2024-06-28 00:43
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.50.64.2
Domain: rpa.tibagroup.com
Port: 443
URL: https://rpa.tibagroup.com

First seen 2023-07-07 10:06
Last seen 2024-02-02 10:14
Open for 210 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc4c64d19d0cea692a81f2471b895dcce1
```
Found 4 files trough .DS_Store spidering:

/static
/static/css
/static/js
/static/media
```
  Found on 2024-02-02 10:14
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 20.50.64.2
Domain: www.codewiththemistoklis.com
Port: 443
URL: https://www.codewiththemistoklis.com

First seen 2022-06-30 00:03
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044baa2727ab8135b5bbc521bbb3ad39a5a
```
[core]
	repositoryformatversion = 0
	filemode = false
	bare = false
	logallrefupdates = true
	ignorecase = true
[remote "origin"]
	url = https://github.com/azureappserviceoss/wordpress-azure
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
[branch "linux-appservice"]
	remote = origin
	merge = refs/heads/linux-appservice
```
  Found on 2022-06-30 00:03
  
  380 Bytes
Create report

Open service 20.50.64.2:80 · people.fortedigital.com

2026-02-08 08:48

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Sun, 08 Feb 2026 08:49:01 GMT
Location: https://people.fortedigital.com/

Found 2 days ago by HttpPlugin

Host 20.50.64.2

Ireland

Software information

Swagger API description is publicly available

Swagger API description is publicly available

GraphQL introspection is enabled.

Swagger API description is publicly available

Swagger API description is publicly available

GraphQL introspection is enabled.

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

GraphQL introspection is enabled.

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

MacOS file listing through .DS_Store file

MacOS file listing through .DS_Store file

Git configuration and history exposed