Domain loanbook-test.api.rgcore.com
United Kingdom
Software information
Kestrel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.90.134.43
Domain: loanbook-test.api.rgcore.com
Port: 443
URL: https://loanbook-test.api.rgcore.comFirst seen 2026-01-12 13:11
Last seen 2026-02-03 03:34
Open for 21 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035498102aa97f6e0f41cb31f7f5ddd5df299004e699cPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/v1/Loanbook/Allocation GET /api/v1/Loanbook/AppVersionCheck GET /api/v1/Loanbook/AppWhitelisted GET /api/v1/Loanbook/ArrearsCaselist GET /api/v1/Loanbook/Counts GET /api/v1/Loanbook/CurrentCount/{id} GET /api/v1/Loanbook/CurrentFlags GET /api/v1/Loanbook/CustomFlagTypes GET /api/v1/Loanbook/DataTypes GET /api/v1/Loanbook/DeDupe GET /api/v1/Loanbook/EventHistory GET /api/v1/Loanbook/Events GET /api/v1/Loanbook/ID GET /api/v1/Loanbook/LastDebtCollectionSubmissionDate GET /api/v1/Loanbook/LitigationAllocationList GET /api/v1/Loanbook/LiveCaselist GET /api/v1/Loanbook/Report GET /api/v1/Loanbook/Search GET /api/v1/Loanbook/WordList GET /api/v1/Loanbook/{LoanbookID} GET /api/v1/Loanbook/{LoanbookID}/CheckRegularDay GET /api/v1/Loanbook/{LoanbookID}/CollectionAdvantageReport GET /api/v1/Loanbook/{LoanbookID}/DefaultAndSettlementAmount GET /api/v1/Loanbook/{LoanbookID}/OriginalPaymentPlan GET /api/v1/Loanbook/{LoanbookID}/Statement GET /api/v1/Loanbook/{loanbookId}/RenderedStatement GET /api/v1/PushNotifications/Register/Handle/{handle} GET /api/v1/PushNotifications/Register/Id/{id} GET /api/v1/PushNotifications/Register/PushPlatforms GET /api/v1/PushNotifications/Register/Tag/{tag} POST /api/v1/Loanbook/AddBulkFlags POST /api/v1/Loanbook/AddLoan POST /api/v1/Loanbook/AppLoginSuccess POST /api/v1/Loanbook/CreateCustomFlagType POST /api/v1/Loanbook/FlagCaseList POST /api/v1/Loanbook/MostRecentLoanHistory POST /api/v1/Loanbook/NewWordList POST /api/v1/Loanbook/{LoanbookID}/AddTransaction POST /api/v1/Loanbook/{LoanbookID}/Allocation POST /api/v1/Loanbook/{LoanbookID}/DebtCollectionCase POST /api/v1/Loanbook/{LoanbookID}/Event POST /api/v1/PushNotifications/Register PUT /api/v1/Loanbook/AmendLender PUT /api/v1/Loanbook/Deactivate PUT /api/v1/Loanbook/EditCustomFlagType PUT /api/v1/Loanbook/ReportGenerated PUT /api/v1/Loanbook/Unsubscribe PUT /api/v1/Loanbook/{LoanbookID}/Amend PUT /api/v1/Loanbook/{LoanbookID}/ChangeRegularDay PUT /api/v1/Loanbook/{LoanbookID}/Flag/{FlagId} PUT /api/v1/Loanbook/{LoanbookID}/Scribble PUT /api/v1/Loanbook/{loanbookId}/PaymentsFound on 2026-02-03 03:34
-
-
Open service 20.90.134.43:80 · loanbook-test.api.rgcore.com
2026-01-12 13:11
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Mon, 12 Jan 2026 13:12:40 GMT Location: https://loanbook-test.api.rgcore.com/
Found 2026-01-12 by HttpPluginCreate report
-
Open service 20.90.134.43:443 · loanbook-test.api.rgcore.com
2026-01-12 13:11
HTTP/1.1 200 OK Content-Length: 641 Connection: close Content-Type: text/html Date: Mon, 12 Jan 2026 13:12:39 GMT Server: Kestrel Accept-Ranges: bytes ETag: "1dc6863db9fb601" Last-Modified: Mon, 08 Dec 2025 16:58:21 GMT Request-Context: appId=cid-v1:dc42f251-cc31-4dfa-9b2d-c7e37cd615d6 Page title: Richmond Group <!DOCTYPE html> <html> <head> <meta charset="utf-8" /> <title>Richmond Group</title> <style> body { font-family: 'Libre Baskerville', 'Plantin', 'Mrs Eaves'; } .text { font-size: 70px; text-align: center; position: relative; display: inline-block; margin: 19px 0px 0px 0px; width: 100%; } </style> <link rel="shortcut icon" href="#"> </head> <body> <div class="text"> <span><strong>Richmond</strong> Group</span> </div> </body> </html> <script> console.log("V0.0.0.7") </script>Found 2026-01-12 by HttpPluginCreate report