Domain copilot-api.enlabsoftware.com
Vietnam
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 14.224.156.34
Domain: copilot-api.enlabsoftware.com
Port: 8443
URL: https://copilot-api.enlabsoftware.com:8443First seen 2025-12-05 09:36
Last seen 2025-12-11 05:55
Open for 5 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb4dad927ce3d59acb08b66f18998697494e8fdf136Public Swagger UI/API detected at path: /api/swagger.json - sample paths: DELETE /conversations/{c_id} DELETE /saved-messages/{message_id} GET /conversations GET /messages GET /messages/{message_id}/more-like-this GET /messages/{message_id}/suggested-questions GET /meta GET /parameters GET /passport GET /remote-files/{url} GET /saved-messages GET /site GET /system-features GET /webapp/access-mode GET /webapp/permission PATCH /conversations/{c_id}/pin PATCH /conversations/{c_id}/unpin POST /audio-to-text POST /chat-messages POST /chat-messages/{task_id}/stop POST /completion-messages POST /completion-messages/{task_id}/stop POST /conversations/{c_id}/name POST /email-code-login POST /email-code-login/validity POST /files/upload POST /forgot-password POST /forgot-password/resets POST /forgot-password/validity POST /login POST /messages/{message_id}/feedbacks POST /remote-files/upload POST /text-to-audio POST /workflows/run POST /workflows/tasks/{task_id}/stopFound on 2025-12-11 05:55
-