Domain api.yebolearn.com
United States
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-07 13:48
Last seen 2026-01-09 14:58
Open for 33 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-09 14:58
-
-
Open service 172.217.208.121:443 · api.yebolearn.com
2026-01-09 14:58
HTTP/1.1 404 Not Found content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 vary: Origin, Accept-Encoding access-control-allow-credentials: true x-request-id: f84c2457-e2c4-4c50-9a24-581fa5c04b0d ratelimit-policy: 100;w=900 ratelimit-limit: 100 ratelimit-remaining: 98 ratelimit-reset: 898 content-type: application/json; charset=utf-8 etag: W/"6a-BvkJgTXoKtTIo/GV/tB18cPub/o" x-cloud-trace-context: 2b4f4a11c69d32e794ec7dd422911d75 date: Fri, 09 Jan 2026 14:58:07 GMT server: Google Frontend Content-Length: 106 Connection: close {"success":false,"message":"Route / not found","error":{"code":"NOT_FOUND","message":"Route / not found"}}Found 2026-01-09 by HttpPluginCreate report
-
Open service 172.217.208.121:443 · api.yebolearn.com
2026-01-02 14:39
HTTP/1.1 404 Not Found content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 vary: Origin, Accept-Encoding access-control-allow-credentials: true x-request-id: 1b843647-c166-42a9-b01c-4debf7d77efd ratelimit-policy: 100;w=900 ratelimit-limit: 100 ratelimit-remaining: 98 ratelimit-reset: 899 content-type: application/json; charset=utf-8 etag: W/"6a-BvkJgTXoKtTIo/GV/tB18cPub/o" x-cloud-trace-context: ac6f22f3f099d712579a635a7a462421 date: Fri, 02 Jan 2026 14:39:34 GMT server: Google Frontend Content-Length: 106 Connection: close {"success":false,"message":"Route / not found","error":{"code":"NOT_FOUND","message":"Route / not found"}}Found 2026-01-02 by HttpPluginCreate report
-
Open service 172.217.208.121:443 · api.yebolearn.com
2025-12-23 06:10
HTTP/1.1 404 Not Found content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 vary: Origin, Accept-Encoding access-control-allow-credentials: true x-request-id: a1311af4-ce97-4db1-b622-22b0e076d408 ratelimit-policy: 100;w=900 ratelimit-limit: 100 ratelimit-remaining: 98 ratelimit-reset: 900 content-type: application/json; charset=utf-8 etag: W/"6a-BvkJgTXoKtTIo/GV/tB18cPub/o" x-cloud-trace-context: c8d44fd937ab8e6a3175a17f741e4afd date: Tue, 23 Dec 2025 06:10:49 GMT server: Google Frontend Content-Length: 106 Connection: close {"success":false,"message":"Route / not found","error":{"code":"NOT_FOUND","message":"Route / not found"}}Found 2025-12-23 by HttpPluginCreate report
-
Open service 172.217.208.121:443 · api.yebolearn.com
2025-12-21 03:13
HTTP/1.1 404 Not Found content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 vary: Origin, Accept-Encoding access-control-allow-credentials: true x-request-id: d645da97-a1f9-41ee-857f-34364f812f88 ratelimit-policy: 100;w=900 ratelimit-limit: 100 ratelimit-remaining: 98 ratelimit-reset: 900 content-type: application/json; charset=utf-8 etag: W/"6a-BvkJgTXoKtTIo/GV/tB18cPub/o" x-cloud-trace-context: dfa04cb35dd23584c6f7cf41553cf0ea date: Sun, 21 Dec 2025 03:13:39 GMT server: Google Frontend Content-Length: 106 Connection: close {"success":false,"message":"Route / not found","error":{"code":"NOT_FOUND","message":"Route / not found"}}Found 2025-12-21 by HttpPluginCreate report
-
Open service 172.217.208.121:443 · api.yebolearn.com
2025-12-19 05:22
HTTP/1.1 404 Not Found content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin origin-agent-cluster: ?1 referrer-policy: no-referrer strict-transport-security: max-age=15552000; includeSubDomains x-content-type-options: nosniff x-dns-prefetch-control: off x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-xss-protection: 0 vary: Origin, Accept-Encoding access-control-allow-credentials: true x-request-id: 752b1301-3bea-4ac7-9b1a-5ff8e7a8eed5 ratelimit-policy: 100;w=900 ratelimit-limit: 100 ratelimit-remaining: 98 ratelimit-reset: 899 content-type: application/json; charset=utf-8 etag: W/"6a-BvkJgTXoKtTIo/GV/tB18cPub/o" x-cloud-trace-context: c5961a36a683f95455627cd8d65e964b date: Fri, 19 Dec 2025 05:22:39 GMT server: Google Frontend Content-Length: 106 Connection: close {"success":false,"message":"Route / not found","error":{"code":"NOT_FOUND","message":"Route / not found"}}Found 2025-12-19 by HttpPluginCreate report