Domain api.nibbl.pet
United Kingdom
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-18 18:00
Last seen 2026-02-01 19:41
Open for 75 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-02-01 19:41 -
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035498123c691db90c0f626832b530cae7d25ed9e3c65Public Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/v1/carers/me/images/{imageId} GET /api/v1/AnimalTypes GET /api/v1/Auth/me GET /api/v1/Auth/sessions GET /api/v1/Bookings GET /api/v1/Bookings/{bookingId} GET /api/v1/Carers GET /api/v1/Carers/{slug} GET /api/v1/Pets GET /api/v1/Pets/{id} GET /api/v1/carers/me GET /api/v1/carers/me/faqs GET /api/v1/carers/me/services GET /api/v1/messages/threads GET /api/v1/messages/threads/{threadId} GET /api/v1/messages/unread-count GET /api/v1/owners/me/vet-practice GET /documents/{path} GET /media/{path} POST /api/v1/Auth/accept-terms POST /api/v1/Auth/change-password POST /api/v1/Auth/forgot-password POST /api/v1/Auth/login POST /api/v1/Auth/refresh POST /api/v1/Auth/register POST /api/v1/Auth/reset-password POST /api/v1/Auth/revoke POST /api/v1/Auth/revoke-all POST /api/v1/Auth/social-login POST /api/v1/Bookings/{bookingId}/cancel POST /api/v1/Bookings/{bookingId}/confirm POST /api/v1/Bookings/{bookingId}/decline POST /api/v1/Carers/{id}/connect POST /api/v1/Pets/{petId}/image POST /api/v1/Pets/{petId}/vaccinations POST /api/v1/carers/me/documents POST /api/v1/carers/me/images/{type} POST /api/v1/contact POST /api/v1/messages/threads/{threadId}/reply PUT /api/v1/Auth/me/marketing-preference PUT /api/v1/Pets/vaccinations/{vaccinationId} PUT /api/v1/carers/me/documents/{documentId}Found on 2026-01-16 04:37 -
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035498123c691db90c0f626832b530cae7d25bfae422ePublic Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/v1/carers/me/images/{imageId} GET /api/v1/AnimalTypes GET /api/v1/Auth/me GET /api/v1/Auth/sessions GET /api/v1/Bookings GET /api/v1/Bookings/{bookingId} GET /api/v1/Carers GET /api/v1/Carers/{slug} GET /api/v1/Pets GET /api/v1/Pets/{id} GET /api/v1/carers/me GET /api/v1/carers/me/faqs GET /api/v1/carers/me/services GET /api/v1/messages/threads GET /api/v1/messages/threads/{threadId} GET /api/v1/messages/unread-count GET /api/v1/owners/me/vet-practice GET /documents/{path} POST /api/v1/Auth/accept-terms POST /api/v1/Auth/change-password POST /api/v1/Auth/forgot-password POST /api/v1/Auth/login POST /api/v1/Auth/refresh POST /api/v1/Auth/register POST /api/v1/Auth/reset-password POST /api/v1/Auth/revoke POST /api/v1/Auth/revoke-all POST /api/v1/Auth/social-login POST /api/v1/Bookings/{bookingId}/cancel POST /api/v1/Bookings/{bookingId}/confirm POST /api/v1/Bookings/{bookingId}/decline POST /api/v1/Carers/{id}/connect POST /api/v1/Pets/{petId}/image POST /api/v1/Pets/{petId}/vaccinations POST /api/v1/carers/me/documents POST /api/v1/carers/me/images/{type} POST /api/v1/contact POST /api/v1/messages/threads/{threadId}/reply PUT /api/v1/Auth/me/marketing-preference PUT /api/v1/Pets/vaccinations/{vaccinationId} PUT /api/v1/carers/me/documents/{documentId}Found on 2025-11-21 08:04
-