Domain calendars.demo.workai.cloud
The Netherlands
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 13.69.68.16
Domain: calendars.demo.workai.cloud
Port: 443
URL: https://calendars.demo.workai.cloudFirst seen 2025-10-23 00:03
Last seen 2026-01-16 09:41
Open for 85 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549cafa191211da241da1cbdfe6dabd40762a1375f5Public Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/Event/{id}/EventTerm/{eventTermId}/EventTermParticipant/{eventTermParticipantId} GET /Account/LoggedOut GET /Account/Logout GET /Account/ProcessLogout GET /api/Category GET /api/Category/{id} GET /api/Event GET /api/Event/{id} GET /api/Event/{id}/EventAssignment GET /api/Event/{id}/EventAssignment/{eventAssignmentId} GET /api/Event/{id}/EventTerm GET /api/Event/{id}/EventTerm/{eventTermId} GET /api/Event/{id}/EventTerm/{eventTermId}/EventTermParticipant GET /api/Event/{id}/EventTerm/{eventTermId}/EventTermParticipantUnassigned GET /api/Event/{id}/UnassignedGroup GET /api/Event/{id}/UnassignedUser GET /api/Group GET /api/Group/{groupId} GET /api/MyEvent/All GET /api/MyEvent/Calendar GET /api/MyEvent/Calendar/Day GET /api/MyEvent/Calendar/Month GET /api/MyEvent/Lecturer GET /api/MyEvent/Registered GET /api/MyEvent/{eventId}/EventTerm/{eventTermId}/OtherTerms GET /api/MyEvent/{id}/Details GET /api/MyEvent/{id}/PrimaryParticipants GET /api/Settings GET /api/User GET /api/User/{userId} GET /api/administration/user/{userId}/Role GET /error/{code} PATCH /api/MyEvent/{id}/EventTermParticipant/{eventTermParticipantId} POST /api/CasbinMaintenance/casbin-initialization POST /api/Event/{id}/EventAssignments POST /api/Maintenance/RegisterNotifications POST /api/MyEvent/{id}/PrimaryParticipants/Excel POST /api/MyEvent/{id}/Register POST /api/MyEvent/{id}/Unregister POST /api/Provision POST /api/Provision/PublishAndRebuildCopiedContent POST /api/tenants/create POST /api/tenants/disable/{tenantName} POST /api/tenants/edit POST /api/tenants/enable/{tenantName} POST /api/tenants/remove/{tenantName} POST /api/tenants/setupFound on 2026-01-16 09:41
-