Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
The documentation details every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e9debab590e9aafed008ec2045447d856e35c525
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/Clients
GET /api/v1/Clients/{clientNumber}
GET /api/v1/ExchangeRates
GET /api/v1/Expenses
GET /api/v1/Expenses/ExpenseTemplates
GET /api/v1/Expenses/{expenseId}
GET /api/v1/Expenses/{expenseId}/Files/{documentId}
GET /api/v1/Portcalls
GET /api/v1/PurchaseInvoices
GET /api/v1/PurchaseInvoices/{invoiceId}
GET /api/v1/PurchaseInvoices/{invoiceId}/File
GET /api/v1/SalesInvoices
GET /api/v1/SalesInvoices/ByInvoiceNumber
GET /api/v1/SalesInvoices/{invoiceId}/File
GET /api/v1/Test/About-me
GET /api/v1/Test/Ping
POST /api/v1/Clients/{clientNumber}/MarkAsExported
POST /api/v1/Expenses/AdvancePayment
POST /api/v1/Expenses/{expenseId}/MarkAsExported
POST /api/v1/Expenses/{expenseId}/MarkAsProcessed
POST /api/v1/Portcalls/{portcallId}/MarkAsExported
POST /api/v1/Portcalls/{portcallId}/UpdateDynamicFields
POST /api/v1/PurchaseInvoices/{invoiceId}/CreateExpenseLine
POST /api/v1/PurchaseInvoices/{invoiceId}/MarkAsExported
POST /api/v1/SalesInvoices/{invoiceId}/MarkAsExported
POST /api/v1/SalesInvoices/{invoiceId}/Settled
POST /api/v1/Test/Clear-cache
PUT /api/v1/ExchangeRates/{fromCurrencyCode}/{toCurrencyCode}
PUT /api/v1/PurchaseInvoices/{invoiceId}/ConnectToBudgetLine
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e9debab590e9aafed008ec2045447d8541d252d7
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/Clients
GET /api/v1/Clients/{clientNumber}
GET /api/v1/ExchangeRates
GET /api/v1/Expenses
GET /api/v1/Expenses/ExpenseTemplates
GET /api/v1/Expenses/{expenseId}
GET /api/v1/Expenses/{expenseId}/Files/{documentId}
GET /api/v1/Portcalls
GET /api/v1/PurchaseInvoices
GET /api/v1/PurchaseInvoices/{invoiceId}/File
GET /api/v1/SalesInvoices
GET /api/v1/SalesInvoices/ByInvoiceNumber
GET /api/v1/SalesInvoices/{invoiceId}/File
GET /api/v1/Test/About-me
GET /api/v1/Test/Ping
POST /api/v1/Clients/{clientNumber}/MarkAsExported
POST /api/v1/Expenses/AdvancePayment
POST /api/v1/Expenses/{expenseId}/MarkAsExported
POST /api/v1/Expenses/{expenseId}/MarkAsProcessed
POST /api/v1/Portcalls/{portcallId}/MarkAsExported
POST /api/v1/Portcalls/{portcallId}/UpdateDynamicFields
POST /api/v1/PurchaseInvoices/{invoiceId}/CreateExpenseLine
POST /api/v1/PurchaseInvoices/{invoiceId}/MarkAsExported
POST /api/v1/SalesInvoices/{invoiceId}/MarkAsExported
POST /api/v1/SalesInvoices/{invoiceId}/Settled
POST /api/v1/Test/Clear-cache
PUT /api/v1/ExchangeRates/{fromCurrencyCode}/{toCurrencyCode}
PUT /api/v1/PurchaseInvoices/{invoiceId}/ConnectToBudgetLine