Domain billing.dev.workai.cloud
The Netherlands
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-04 00:11
Last seen 2026-01-23 09:51
Open for 80 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549939d29424bd6f5581ddd325ab1bdc380ab994697Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /BySubscription(uuid={uuid}) GET /GeneratePdf(invoiceNumber={invoiceNumber}) GET /api/About/Version GET /v1/Coupons({key}) GET /v1/Coupons/{key} GET /v1/Invoices GET /v1/Invoices/$count GET /v1/Invoices/BySubscription(uuid={uuid}) GET /v1/Invoices/Elastic.Billing.API.BySubscription(uuid={uuid}) GET /v1/Invoices/Elastic.Billing.API.GeneratePdf(invoiceNumber={invoiceNumber}) GET /v1/Invoices/GeneratePdf(invoiceNumber={invoiceNumber}) GET /v1/Offers GET /v1/Offers/$count GET /v1/Organizations({key}) GET /v1/Organizations/{key} GET /v1/Subscriptions GET /v1/Subscriptions/$count POST /v1/Organizations POST /v1/Subscriptions({key})/AddLicenses POST /v1/Subscriptions({key})/Cancel POST /v1/Subscriptions({key})/Elastic.Billing.API.AddLicenses POST /v1/Subscriptions({key})/Elastic.Billing.API.Cancel POST /v1/Subscriptions/{key}/AddLicenses POST /v1/Subscriptions/{key}/Cancel POST /v1/Subscriptions/{key}/Elastic.Billing.API.AddLicenses POST /v1/Subscriptions/{key}/Elastic.Billing.API.CancelFound on 2026-01-23 09:51
-
-
Open service 20.105.224.45:443 · billing.dev.workai.cloud
2026-01-23 09:51
HTTP/1.1 200 OK Connection: close Content-Type: text/plain; charset=utf-8 Date: Fri, 23 Jan 2026 09:51:47 GMT Set-Cookie: ARRAffinity=ffbca59b025949de884b4d868d5979b22329f43e038fd0828f4548a11a1dec35;Path=/;HttpOnly;Secure;Domain=billing.dev.workai.cloud Set-Cookie: ARRAffinitySameSite=ffbca59b025949de884b4d868d5979b22329f43e038fd0828f4548a11a1dec35;Path=/;HttpOnly;SameSite=None;Secure;Domain=billing.dev.workai.cloud Transfer-Encoding: chunked Strict-Transport-Security: max-age=2592000 x-trace-id: 5520cc334d4d4c4601c43377fde53048 healthy
Found 2026-01-23 by HttpPluginCreate report
-
Open service 20.105.224.45:443 · billing.dev.workai.cloud
2026-01-09 14:42
HTTP/1.1 200 OK Connection: close Content-Type: text/plain; charset=utf-8 Date: Fri, 09 Jan 2026 14:43:57 GMT Set-Cookie: ARRAffinity=e8c3b4220b9f97cf537feeb7ca8d7ede0c132f0c307819c4775a3815213a81d8;Path=/;HttpOnly;Secure;Domain=billing.dev.workai.cloud Set-Cookie: ARRAffinitySameSite=e8c3b4220b9f97cf537feeb7ca8d7ede0c132f0c307819c4775a3815213a81d8;Path=/;HttpOnly;SameSite=None;Secure;Domain=billing.dev.workai.cloud Transfer-Encoding: chunked Strict-Transport-Security: max-age=2592000 x-trace-id: 88e6b92d163a3f8596f93356bf327719 healthy
Found 2026-01-09 by HttpPluginCreate report
-
Open service 20.105.224.45:80 · billing.dev.workai.cloud
2026-01-03 00:04
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Sat, 03 Jan 2026 00:04:39 GMT Location: https://billing.dev.workai.cloud/
Found 2026-01-03 by HttpPluginCreate report
-
Open service 20.105.224.45:443 · billing.dev.workai.cloud
2026-01-03 00:04
HTTP/1.1 200 OK Connection: close Content-Type: text/plain; charset=utf-8 Date: Sat, 03 Jan 2026 00:04:39 GMT Set-Cookie: ARRAffinity=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;Secure;Domain=billing.dev.workai.cloud Set-Cookie: ARRAffinitySameSite=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;SameSite=None;Secure;Domain=billing.dev.workai.cloud Transfer-Encoding: chunked Strict-Transport-Security: max-age=2592000 x-trace-id: fd38ddcdd1c5dcd50a7459f1665e6310 healthy
Found 2026-01-03 by HttpPluginCreate report
-
Open service 20.105.224.45:443 · billing.dev.workai.cloud
2026-01-02 11:39
HTTP/1.1 200 OK Connection: close Content-Type: text/plain; charset=utf-8 Date: Fri, 02 Jan 2026 11:39:24 GMT Set-Cookie: ARRAffinity=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;Secure;Domain=billing.dev.workai.cloud Set-Cookie: ARRAffinitySameSite=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;SameSite=None;Secure;Domain=billing.dev.workai.cloud Transfer-Encoding: chunked Strict-Transport-Security: max-age=2592000 x-trace-id: a7b108a9d56e54f287f15599dc329cbd healthy
Found 2026-01-02 by HttpPluginCreate report
-
Open service 20.105.224.45:443 · billing.dev.workai.cloud
2025-12-22 19:37
HTTP/1.1 200 OK Connection: close Content-Type: text/plain; charset=utf-8 Date: Mon, 22 Dec 2025 19:37:10 GMT Set-Cookie: ARRAffinity=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;Secure;Domain=billing.dev.workai.cloud Set-Cookie: ARRAffinitySameSite=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;SameSite=None;Secure;Domain=billing.dev.workai.cloud Transfer-Encoding: chunked Strict-Transport-Security: max-age=2592000 x-trace-id: 3ec2d26e216458862b52c02962b31250 healthy
Found 2025-12-22 by HttpPluginCreate report