Domain communications-test.api.rgcore.com
United Kingdom
Software information
Kestrel
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.90.134.43
Domain: communications-test.api.rgcore.com
Port: 443
URL: https://communications-test.api.rgcore.comFirst seen 2026-01-12 23:25
Last seen 2026-01-16 14:10
Open for 3 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549785b71db7b050e09572328fe16d697dc766e7221Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /s/Parse/{key} GET /s/{key} GET /v1/Accounts GET /v1/BlockCustomer GET /v1/Communications/CallerId GET /v1/Communications/Campaign/{campaignName} GET /v1/Communications/CaselistMissedCalls GET /v1/Communications/Counts/IVR GET /v1/Communications/Counts/MF GET /v1/Communications/Counts/RR GET /v1/Communications/Customer GET /v1/Communications/CustomerHistory GET /v1/Communications/Report GET /v1/Communications/UnreadsSproc GET /v1/Communications/VvcSnapshots/{aRef}/{gtRef} GET /v1/Sms/GetSmsProviders GET /v1/Sms/OutStatus GET /v1/Sms/ParentSlots GET /v1/TwilioVideo/geolocation/{aref}/{gtref} GET /v1/TwilioVideo/geolocation/{aref}/{gtref}/last GET /v1/Verify/ValidateSMS GET /v1/Verify/VerifySMS POST /v1/Communications/LastContact POST /v1/Email/Send POST /v1/Email/Status POST /v1/Letter/Send POST /v1/Notifications/Message POST /v1/Sms/VonageInbound POST /v1/Sms/VonageStatus POST /v1/TwilioCall/Dial POST /v1/TwilioCall/recording POST /v1/TwilioVideo POST /v1/TwilioVideo/geolocation PUT /v1/Communications/Amend PUT /v1/Communications/MarkCasesCommsAsReadFound on 2026-01-16 14:10
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.90.134.43
Domain: communications-test.api.rgcore.com
Port: 80
URL: http://communications-test.api.rgcore.comFirst seen 2026-01-12 23:25
Last seen 2026-01-22 11:55
Open for 9 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549785b71db7b050e09572328fe16d697dc766e7221Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /s/Parse/{key} GET /s/{key} GET /v1/Accounts GET /v1/BlockCustomer GET /v1/Communications/CallerId GET /v1/Communications/Campaign/{campaignName} GET /v1/Communications/CaselistMissedCalls GET /v1/Communications/Counts/IVR GET /v1/Communications/Counts/MF GET /v1/Communications/Counts/RR GET /v1/Communications/Customer GET /v1/Communications/CustomerHistory GET /v1/Communications/Report GET /v1/Communications/UnreadsSproc GET /v1/Communications/VvcSnapshots/{aRef}/{gtRef} GET /v1/Sms/GetSmsProviders GET /v1/Sms/OutStatus GET /v1/Sms/ParentSlots GET /v1/TwilioVideo/geolocation/{aref}/{gtref} GET /v1/TwilioVideo/geolocation/{aref}/{gtref}/last GET /v1/Verify/ValidateSMS GET /v1/Verify/VerifySMS POST /v1/Communications/LastContact POST /v1/Email/Send POST /v1/Email/Status POST /v1/Letter/Send POST /v1/Notifications/Message POST /v1/Sms/VonageInbound POST /v1/Sms/VonageStatus POST /v1/TwilioCall/Dial POST /v1/TwilioCall/recording POST /v1/TwilioVideo POST /v1/TwilioVideo/geolocation PUT /v1/Communications/Amend PUT /v1/Communications/MarkCasesCommsAsReadFound on 2026-01-22 11:55
-
-
Open service 20.90.134.43:80 · communications-test.api.rgcore.com
2026-01-22 11:55
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=utf-8 Date: Thu, 22 Jan 2026 11:56:06 GMT Server: Kestrel Set-Cookie: ARRAffinity=d7fc18b8847de35b7f66a5fee35f553e2f0b0d145db44f6e48ff132385e672a5;Path=/;HttpOnly;Domain=communications-test.api.rgcore.com Transfer-Encoding: chunked Request-Context: appId=cid-v1:4fe16f9c-dfcf-49d2-b5c7-57e9a25b2641 Page title: Richmond Group <html lang="en"> <head> <meta charset="utf-8"/> <title>Richmond Group</title> <style> body { font-family: 'Libre Baskerville', 'Plantin', 'Mrs Eaves',serif; } .text { font-size: 70px; text-align: center; position: relative; display: inline-block; margin: 19px 0 0 0; width: 100%; } </style> <link rel="shortcut icon" href="#"> </head> <body> <div class="text"> <span><strong>Richmond</strong> Group</span> </div> </body> </html>Found 2026-01-22 by HttpPluginCreate report
-
Open service 20.90.134.43:80 · communications-test.api.rgcore.com
2026-01-12 23:25
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=utf-8 Date: Mon, 12 Jan 2026 23:26:06 GMT Server: Kestrel Set-Cookie: ARRAffinity=d7fc18b8847de35b7f66a5fee35f553e2f0b0d145db44f6e48ff132385e672a5;Path=/;HttpOnly;Domain=communications-test.api.rgcore.com Transfer-Encoding: chunked Request-Context: appId=cid-v1:4fe16f9c-dfcf-49d2-b5c7-57e9a25b2641 Page title: Richmond Group <html lang="en"> <head> <meta charset="utf-8"/> <title>Richmond Group</title> <style> body { font-family: 'Libre Baskerville', 'Plantin', 'Mrs Eaves',serif; } .text { font-size: 70px; text-align: center; position: relative; display: inline-block; margin: 19px 0 0 0; width: 100%; } </style> <link rel="shortcut icon" href="#"> </head> <body> <div class="text"> <span><strong>Richmond</strong> Group</span> </div> </body> </html>Found 2026-01-12 by HttpPluginCreate report
-
Open service 20.90.134.43:443 · communications-test.api.rgcore.com
2026-01-12 23:25
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=utf-8 Date: Mon, 12 Jan 2026 23:26:05 GMT Server: Kestrel Set-Cookie: ARRAffinity=d7fc18b8847de35b7f66a5fee35f553e2f0b0d145db44f6e48ff132385e672a5;Path=/;HttpOnly;Secure;Domain=communications-test.api.rgcore.com Set-Cookie: ARRAffinitySameSite=d7fc18b8847de35b7f66a5fee35f553e2f0b0d145db44f6e48ff132385e672a5;Path=/;HttpOnly;SameSite=None;Secure;Domain=communications-test.api.rgcore.com Transfer-Encoding: chunked Request-Context: appId=cid-v1:4fe16f9c-dfcf-49d2-b5c7-57e9a25b2641 Page title: Richmond Group <html lang="en"> <head> <meta charset="utf-8"/> <title>Richmond Group</title> <style> body { font-family: 'Libre Baskerville', 'Plantin', 'Mrs Eaves',serif; } .text { font-size: 70px; text-align: center; position: relative; display: inline-block; margin: 19px 0 0 0; width: 100%; } </style> <link rel="shortcut icon" href="#"> </head> <body> <div class="text"> <span><strong>Richmond</strong> Group</span> </div> </body> </html>Found 2026-01-12 by HttpPluginCreate report