Domain ebol-api.allhours.com
The Netherlands
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-26 11:42
Last seen 2026-02-09 18:46
Open for 45 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60d7e801319da390ae7136bcf6d8744d5692af0884Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: DELETE /api/v1/Documents/UndoProcess/{id} GET /api/v1/Absences/Analyze GET /api/v1/Documents GET /api/v1/Documents/Process/{id} GET /api/v1/Documents/ProcessActions/{id} GET /api/v1/Documents/{id} GET /api/v1/SystemSettings GET /api/v1/SystemSettings/Configuration POST /api/v1/Absences/Notify POST /api/v1/Absences/Notify/Bulk POST /api/v1/Documents/Import POST /api/v1/Documents/Synchronize POST /api/v1/SystemSettings/Bulk PUT /api/v1/Documents/Process/Bulk PUT /api/v1/SystemSettings/{id}Found on 2026-02-09 18:46
-
-
Open service 20.50.2.65:443 ยท ebol-api.allhours.com
2026-01-23 08:42
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 08:42:47 GMT Location: index.html Strict-Transport-Security: max-age=2592000
Found 2026-01-23 by HttpPluginCreate report