Domain course-api.ehbotest.nl
The Netherlands
Software information
Kestrel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-22 04:12
Last seen 2026-01-23 00:29
Open for 31 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b84afd05e16f71aa76aacb694d6e57bdad58357bPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/ScormData/courseparticipation/{courseParticipationId} GET /api/Authentication/contentaccess/{courseId} GET /api/Authentication/courseparticipation GET /api/Authentication/login GET /api/Authentication/token/access GET /api/Authentication/token/refresh GET /api/Course/info/{courseId} GET /api/Info GET /api/Lms GET /api/Lms/id/{id} GET /api/ScormData/available GET /api/ScormData/latestcourseparticipation GET /api/ScormData/results GET /api/User GET /api/User/existing POST /api/Authentication/registeruser POST /api/Lms/webhook POST /api/ScormData/courseparticipation POST /api/ScormData/reset POST /api/ScormData/startcourse POST /api/Webinar/addtocourse POST /api/Webinar/removefromcourse PUT /api/ScormDataFound on 2026-01-23 00:29
-
-
Open service 13.69.68.45:443 ยท course-api.ehbotest.nl
2026-01-23 00:29
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 00:29:41 GMT Server: Kestrel Access-Control-Allow-Headers: Accept, Accept-Encoding, Accept-Language, Authorization, Connection, Content-Length, Content-Type, Host, Origin, Referer, sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-platform, Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, User-Agent Cache-Control: no-store
Found 2026-01-23 by HttpPluginCreate report