Domain auth.operio.co
The Netherlands
Software information
Kestrel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-05 11:53
Last seen 2026-02-02 07:21
Open for 88 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035494723033b3e1a976f1a19a478891f7dcaee712234Public Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /Account/Customer/{resourceId} GET /Account GET /Account/FieldPersons GET /Account/FieldPersons/{contractorResourceId} GET /Account/FieldPersonsContractorById GET /Account/GetCustomerRoles GET /Account/GetSettingsUser GET /Account/GetSettingsUsers GET /Account/GetSubscription GET /Account/MyInformation GET /Account/RequestPasswordReset GET /Account/Roles GET /Account/RolesForContractors GET /Account/Supervizors GET /Account/{resourceId} POST /Account/DownloadCustomerUsersWithFilter POST /Account/DownloadSrv365UsersWithFilter POST /Account/GetCustomerUsers POST /Account/GetWithFilter POST /Account/MultiCreateOrUpdateSrv365Users POST /Account/MultiCreateOrUpdateUsers POST /Account/SubmitPasswordReset POST /Account/{resourceId}/RemoveProfilePicture POST /Account/{resourceId}/UploadProfilePicture PUT /Account/UpdateSubscription PUT /Account/{resourceId}/Password PUT /Account/{resourceId}/SetInitialPasswordFound on 2026-02-02 07:21
-
-
Open service 13.69.68.4:443 ยท auth.operio.co
2026-01-23 07:21
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 07:21:39 GMT Server: Kestrel
Found 2026-01-23 by HttpPluginCreate report