Domain studentfirst-pbi14099b-admin.studentfirst.dev
The Netherlands
MICROSOFT-CORP-MSN-AS-BLOCK
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.101.2.157
Domain: studentfirst-pbi14099b-admin.studentfirst.dev
Port: 443
URL: https://studentfirst-pbi14099b-admin.studentfirst.devFirst seen 2025-11-20 22:54
Last seen 2026-01-03 00:08
Open for 43 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656Public Swagger UI/API detected at path: /swagger-ui.html
Found on 2026-01-03 00:08
-
-
Open service 20.101.2.157:443 · studentfirst-pbi14099b-admin.studentfirst.dev
2026-01-10 01:56
HTTP/1.1 404 Site Not Found Content-Length: 2667 Connection: close Content-Type: text/html Date: Sat, 10 Jan 2026 01:57:49 GMT Page title: Microsoft Azure Web App - Error 404 <!DOCTYPE html> <html> <head> <title>Microsoft Azure Web App - Error 404</title> <style type="text/css"> html { height: 100%; width: 100%; } #feature { width: 960px; margin: 75px auto 0 auto; overflow: auto; } #content { font-family: "Segoe UI"; font-weight: normal; font-size: 22px; color: #ffffff; float: left; margin-top: 68px; margin-left: 0px; vertical-align: middle; } #content h1 { font-family: "Segoe UI Light"; color: #ffffff; font-weight: normal; font-size: 60px; line-height: 48pt; width: 800px; } a, a:visited, a:active, a:hover { color: #ffffff; } #content a.button { background: #0DBCF2; border: 1px solid #FFFFFF; color: #FFFFFF; display: inline-block; font-family: Segoe UI; font-size: 24px; line-height: 46px; margin-top: 10px; padding: 0 15px 3px; text-decoration: none; } #content a.button img { float: right; padding: 10px 0 0 15px; } #content a.button:hover { background: #1C75BC; } </style> <script type="text/javascript"> function toggle_visibility(id) { var e = document.getElementById(id); if (e.style.display == 'block') e.style.display = 'none'; else e.style.display = 'block'; } </script> </head> <body bgcolor="#00abec"> <div id="feature"> <div id="content"> <h1>404 Web Site not found.</h1> <p>You may be seeing this error due to one of the reasons listed below :</p> <ul> <li>Custom domain has not been configured inside Azure. See <a href="https://go.microsoft.com/fwlink/?linkid=2194614">how to map an existing domain</a> to resolve this.</li> <li>Client cache is still pointing the domain to old IP address. Clear the cache by running the command <i>ipconfig/flushdns.</i></li> </ul> <p>Checkout <a href="https://go.microsoft.com/fwlink/?linkid=2194451">App Service Domain FAQ</a> for more questions.</p> </div> </div> </body> </html>Found 2026-01-10 by HttpPluginCreate report
-
Open service 20.101.2.157:443 · studentfirst-pbi14099b-admin.studentfirst.dev
2026-01-03 00:08
HTTP/1.1 200 OK Content-Length: 3989 Connection: close Content-Type: text/html Date: Sat, 03 Jan 2026 00:08:26 GMT Cache-Control: public, must-revalidate, max-age=30 ETag: "21887148" Last-Modified: Fri, 26 Dec 2025 19:43:54 GMT Strict-Transport-Security: max-age=10886400; includeSubDomains; preload Referrer-Policy: same-origin X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-DNS-Prefetch-Control: off Page title: Student First Admin <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>Student First Admin</title> <base href="/" /> <link href="css/bootstrap/bootstrap.min.css?v=25.78" rel="stylesheet" /> <link href="css/app.css?v=25.78" rel="stylesheet" /> <link href="GlobalEdTech.Sis.WebApp.SPA.styles.css?v=25.78" rel="stylesheet" /> <link href="css/studentfirst.css?v=25.78" rel="stylesheet" /> <link href="https://unpkg.com/swagger-ui-dist/swagger-ui.css" rel="stylesheet" /> <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png"> <link rel="icon" type="image/png" href="favicon.png" /> <!--<link rel="manifest" href="/site.webmanifest">--> <link rel="mask-icon" href="/safari-pinned-tab.svg" color="#5bbad5"> <link rel="stylesheet" href="https://unpkg.com/@progress/kendo-font-icons/dist/index.css" /> <meta name="msapplication-TileColor" content="#da532c"> <meta name="theme-color" content="#ffffff"> </head> <body> <div id="app"> <svg class="loading-progress"> <circle r="40%" cx="50%" cy="50%" /> <circle r="40%" cx="50%" cy="50%" /> </svg> <div class="loading-progress-text"></div> </div> <div id="blazor-error-ui"> <div class="error-content"> <div class="error-icon">⚠️</div> <div class="error-title" data-localize="ERROR_TITLE">Something went wrong</div> <div class="error-message" data-localize="ERROR_MESSAGE">The Student First system encountered an issue. Please refresh the page to continue.</div> <div class="error-actions"> <a href="" class="reload" data-localize="REFRESH_PAGE">Refresh Page</a> <a class="dismiss">✕</a> </div> </div> </div> <script> // Conditionally hide blazor-error-ui based on URL (function() { const currentUrl = window.location.href.toLowerCase(); const isDevelopment = currentUrl.includes('localhost') || currentUrl.includes('studentfirst.dev'); if (!isDevelopment) { const errorUi = document.getElementById('blazor-error-ui'); if (errorUi) { errorUi.style.display = 'none'; // Also prevent it from being shown by adding a CSS class override const style = document.createElement('style'); style.textContent = '#blazor-error-ui { display: none !important; }'; document.head.appendChild(style); } } })(); </script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js?v=25.78"></script> <script src="https://kendo.cdn.telerik.com/2025.1.227/js/kendo.all.min.js?v=25.78"></script> <script src="https://unpkg.com/swagger-ui-dist/swagger-ui-bundle.js"></script> <script src="https://unpkg.com/swagger-ui-dist/swagger-ui-standalone-preset.js"></script> <script src="_content/Telerik.UI.for.Blazor/js/telerik-blazor.js?v=25.78"></script> <script src="_content/Microsoft.Authentication.WebAssembly.Msal/AuthenticationService.js?v=25.78"></script> <script src="_framework/blazor.webassembly.js?v=25.78"></script> <script src="js/kendo-ui-license (1).js"></script> <script src="js/error-localization.js?v=25.78" charset="utf-8"></script> <script src="js/app.js?v=25.78"></script> <script src="js/scriptLoader.js?v=25.78"></script> <script src="js/go.js?v=25.78"></script> <script src="js/gojs-scripts.js?v=25.78"></script> <script src="js/kendo-script-workflow.js?v=25.78"></script> <script src="https://kit.fontawesome.com/4e6292f6e8.js?v=25.78" crossorigin="anonymous"></script> <script src="_content/Telerik.ReportViewer.Blazor/interop.js?v=25.78" defer></script> </body> </html>Found 2026-01-03 by HttpPluginCreate report
-
Open service 20.101.2.157:443 · studentfirst-pbi14099b-admin.studentfirst.dev
2025-12-23 03:40
HTTP/1.1 200 OK Content-Length: 3989 Connection: close Content-Type: text/html Date: Tue, 23 Dec 2025 03:40:05 GMT Cache-Control: public, must-revalidate, max-age=30 ETag: "46442495" Last-Modified: Fri, 19 Dec 2025 21:20:25 GMT Strict-Transport-Security: max-age=10886400; includeSubDomains; preload Referrer-Policy: same-origin X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-DNS-Prefetch-Control: off Page title: Student First Admin <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>Student First Admin</title> <base href="/" /> <link href="css/bootstrap/bootstrap.min.css?v=25.77" rel="stylesheet" /> <link href="css/app.css?v=25.77" rel="stylesheet" /> <link href="GlobalEdTech.Sis.WebApp.SPA.styles.css?v=25.77" rel="stylesheet" /> <link href="css/studentfirst.css?v=25.77" rel="stylesheet" /> <link href="https://unpkg.com/swagger-ui-dist/swagger-ui.css" rel="stylesheet" /> <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png"> <link rel="icon" type="image/png" href="favicon.png" /> <!--<link rel="manifest" href="/site.webmanifest">--> <link rel="mask-icon" href="/safari-pinned-tab.svg" color="#5bbad5"> <link rel="stylesheet" href="https://unpkg.com/@progress/kendo-font-icons/dist/index.css" /> <meta name="msapplication-TileColor" content="#da532c"> <meta name="theme-color" content="#ffffff"> </head> <body> <div id="app"> <svg class="loading-progress"> <circle r="40%" cx="50%" cy="50%" /> <circle r="40%" cx="50%" cy="50%" /> </svg> <div class="loading-progress-text"></div> </div> <div id="blazor-error-ui"> <div class="error-content"> <div class="error-icon">⚠️</div> <div class="error-title" data-localize="ERROR_TITLE">Something went wrong</div> <div class="error-message" data-localize="ERROR_MESSAGE">The Student First system encountered an issue. Please refresh the page to continue.</div> <div class="error-actions"> <a href="" class="reload" data-localize="REFRESH_PAGE">Refresh Page</a> <a class="dismiss">✕</a> </div> </div> </div> <script> // Conditionally hide blazor-error-ui based on URL (function() { const currentUrl = window.location.href.toLowerCase(); const isDevelopment = currentUrl.includes('localhost') || currentUrl.includes('studentfirst.dev'); if (!isDevelopment) { const errorUi = document.getElementById('blazor-error-ui'); if (errorUi) { errorUi.style.display = 'none'; // Also prevent it from being shown by adding a CSS class override const style = document.createElement('style'); style.textContent = '#blazor-error-ui { display: none !important; }'; document.head.appendChild(style); } } })(); </script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js?v=25.77"></script> <script src="https://kendo.cdn.telerik.com/2025.1.227/js/kendo.all.min.js?v=25.77"></script> <script src="https://unpkg.com/swagger-ui-dist/swagger-ui-bundle.js"></script> <script src="https://unpkg.com/swagger-ui-dist/swagger-ui-standalone-preset.js"></script> <script src="_content/Telerik.UI.for.Blazor/js/telerik-blazor.js?v=25.77"></script> <script src="_content/Microsoft.Authentication.WebAssembly.Msal/AuthenticationService.js?v=25.77"></script> <script src="_framework/blazor.webassembly.js?v=25.77"></script> <script src="js/kendo-ui-license (1).js"></script> <script src="js/error-localization.js?v=25.77" charset="utf-8"></script> <script src="js/app.js?v=25.77"></script> <script src="js/scriptLoader.js?v=25.77"></script> <script src="js/go.js?v=25.77"></script> <script src="js/gojs-scripts.js?v=25.77"></script> <script src="js/kendo-script-workflow.js?v=25.77"></script> <script src="https://kit.fontawesome.com/4e6292f6e8.js?v=25.77" crossorigin="anonymous"></script> <script src="_content/Telerik.ReportViewer.Blazor/interop.js?v=25.77" defer></script> </body> </html>Found 2025-12-23 by HttpPluginCreate report
-
Open service 20.101.2.157:443 · studentfirst-pbi14099b-admin.studentfirst.dev
2025-12-20 16:47
HTTP/1.1 200 OK Content-Length: 3989 Connection: close Content-Type: text/html Date: Sat, 20 Dec 2025 16:47:04 GMT Cache-Control: public, must-revalidate, max-age=30 ETag: "46442495" Last-Modified: Fri, 19 Dec 2025 21:20:25 GMT Strict-Transport-Security: max-age=10886400; includeSubDomains; preload Referrer-Policy: same-origin X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-DNS-Prefetch-Control: off Page title: Student First Admin <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>Student First Admin</title> <base href="/" /> <link href="css/bootstrap/bootstrap.min.css?v=25.77" rel="stylesheet" /> <link href="css/app.css?v=25.77" rel="stylesheet" /> <link href="GlobalEdTech.Sis.WebApp.SPA.styles.css?v=25.77" rel="stylesheet" /> <link href="css/studentfirst.css?v=25.77" rel="stylesheet" /> <link href="https://unpkg.com/swagger-ui-dist/swagger-ui.css" rel="stylesheet" /> <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png"> <link rel="icon" type="image/png" href="favicon.png" /> <!--<link rel="manifest" href="/site.webmanifest">--> <link rel="mask-icon" href="/safari-pinned-tab.svg" color="#5bbad5"> <link rel="stylesheet" href="https://unpkg.com/@progress/kendo-font-icons/dist/index.css" /> <meta name="msapplication-TileColor" content="#da532c"> <meta name="theme-color" content="#ffffff"> </head> <body> <div id="app"> <svg class="loading-progress"> <circle r="40%" cx="50%" cy="50%" /> <circle r="40%" cx="50%" cy="50%" /> </svg> <div class="loading-progress-text"></div> </div> <div id="blazor-error-ui"> <div class="error-content"> <div class="error-icon">⚠️</div> <div class="error-title" data-localize="ERROR_TITLE">Something went wrong</div> <div class="error-message" data-localize="ERROR_MESSAGE">The Student First system encountered an issue. Please refresh the page to continue.</div> <div class="error-actions"> <a href="" class="reload" data-localize="REFRESH_PAGE">Refresh Page</a> <a class="dismiss">✕</a> </div> </div> </div> <script> // Conditionally hide blazor-error-ui based on URL (function() { const currentUrl = window.location.href.toLowerCase(); const isDevelopment = currentUrl.includes('localhost') || currentUrl.includes('studentfirst.dev'); if (!isDevelopment) { const errorUi = document.getElementById('blazor-error-ui'); if (errorUi) { errorUi.style.display = 'none'; // Also prevent it from being shown by adding a CSS class override const style = document.createElement('style'); style.textContent = '#blazor-error-ui { display: none !important; }'; document.head.appendChild(style); } } })(); </script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js?v=25.77"></script> <script src="https://kendo.cdn.telerik.com/2025.1.227/js/kendo.all.min.js?v=25.77"></script> <script src="https://unpkg.com/swagger-ui-dist/swagger-ui-bundle.js"></script> <script src="https://unpkg.com/swagger-ui-dist/swagger-ui-standalone-preset.js"></script> <script src="_content/Telerik.UI.for.Blazor/js/telerik-blazor.js?v=25.77"></script> <script src="_content/Microsoft.Authentication.WebAssembly.Msal/AuthenticationService.js?v=25.77"></script> <script src="_framework/blazor.webassembly.js?v=25.77"></script> <script src="js/kendo-ui-license (1).js"></script> <script src="js/error-localization.js?v=25.77" charset="utf-8"></script> <script src="js/app.js?v=25.77"></script> <script src="js/scriptLoader.js?v=25.77"></script> <script src="js/go.js?v=25.77"></script> <script src="js/gojs-scripts.js?v=25.77"></script> <script src="js/kendo-script-workflow.js?v=25.77"></script> <script src="https://kit.fontawesome.com/4e6292f6e8.js?v=25.77" crossorigin="anonymous"></script> <script src="_content/Telerik.ReportViewer.Blazor/interop.js?v=25.77" defer></script> </body> </html>Found 2025-12-20 by HttpPluginCreate report
*.msha-slice-3-am2-0-ase.p.azurewebsites.net*.scm.msha-slice-3-am2-0-ase.p.azurewebsites.net*.msha-slice-3-am2-0-ase.p.azure-mobile.net*.scm.msha-slice-3-am2-0-ase.p.azure-mobile.netmsha-slice-3-am2-0-ase.scm.p.azurewebsites.net
CN:
*.msha-slice-3-am2-0-ase.p.azurewebsites.net
Not before:
2025-11-22 14:26
Not after:
2026-05-21 14:26
studentfirst-pbi14099b-admin.studentfirst.dev
CN:
studentfirst-pbi14099b-admin.studentfirst.dev
Not before:
2025-11-06 00:00
Not after:
2026-04-14 23:59