LeakIX - Host api-test.simarine.net

Domain api-test.simarine.net

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Kestrel Kestrel

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.105.224.34
Domain: api-test.simarine.net
Port: 443
URL: https://api-test.simarine.net

First seen 2025-12-29 14:47
Last seen 2026-02-01 23:33
Open for 34 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035499aee10551943698271c51352e1a6fececd52e870

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Agreement
GET /api/Agreement/active
GET /api/Agreement/required
GET /api/Agreement/required_count
GET /api/Agreement/{id}
GET /api/AuthorizationDemo/admin/system-status
GET /api/AuthorizationDemo/device/{deviceSerial}/access-required
GET /api/AuthorizationDemo/device/{deviceSerial}/owner-only
GET /api/Certificate
GET /api/Certificate/certificateFile
GET /api/Device
GET /api/Device/registered
GET /api/Device/{deviceSerial}/online
GET /api/Device/{deviceSerial}/status
GET /api/Feedback
GET /api/Integration/certendpoint
GET /api/Integration/endpoint
GET /api/Integration/password
GET /api/Integration/port
GET /api/Integration/username
GET /api/MqttStatus/connection
GET /api/MqttStatus/devices
GET /api/MqttStatus/status
GET /api/MqttStatus/subscriptions
GET /api/Profile/profile
GET /api/Test/user-info
POST /api/Agreement/consent
POST /api/Device/delete
POST /api/Device/register
POST /api/Device/setascurrentdevice
POST /api/Device/{deviceSerial}/commands
POST /api/Device/{deviceSerial}/configure
POST /api/Device/{deviceSerial}/firmware/update
POST /api/Test/join-device-group/{deviceSerial}
POST /api/Test/simulate-signalr-call

Found on 2026-02-01 23:33

Create report

Open service 20.105.224.34:443 · api-test.simarine.net

2026-01-22 23:00

HTTP/1.1 404 Not Found
Connection: close
Content-Type: text/plain
Date: Thu, 22 Jan 2026 23:01:26 GMT
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:1abe9e70-1c30-401f-b7b4-022c4a1744e8


Status Code: 404; Not Found

Found 2026-01-22 by HttpPlugin

Create report

api-test.simarine.net

Fingerprint:

b516064f2c7f696a58d80813f3651ce0770e2fc2f52f6fb077d4dd2b82f4aea9

CN:

api-test.simarine.net

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-12-29 00:00

Not after:

2026-04-14 23:59

Domain summary

api-test.simarine.net 1

1 recorded

IP summary

20.105.224.34 2

1 recorded