LeakIX - Host virtualcoach.seat.com

Domain virtualcoach.seat.com

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.17.100.232
Domain: virtualcoach.seat.com
Port: 443
URL: https://virtualcoach.seat.com

First seen 2025-10-23 15:45
Last seen 2026-02-09 07:59
Open for 108 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4bfb408001101893f310b1f660338569b965c9e5b3
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /app/auth/logout
GET /app/download/{modelId}
GET /app/download/{type}/{modelId}/{id}
GET /app/users
POST /app/activate-model
POST /app/auth/activate
POST /app/auth/login
POST /app/auth/recover-password
POST /app/auth/verify-code
POST /app/classification-model
PUT /app/auth/refresh
PUT /app/change-password
PUT /app/user-exercise-answer
PUT /app/user-quiz-answer
PUT /app/user-theoretical-access
```
  Found on 2026-02-09 07:59
Create report

Open service 2.17.100.232:443 · virtualcoach.seat.com

2026-01-09 17:46

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://virtualcoach.seat.com/admin
Content-Language: en-US
Expires: Fri, 09 Jan 2026 17:46:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Jan 2026 17:46:53 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Found 2026-01-09 by HttpPlugin

Create report

Open service 2.16.204.71:80 · virtualcoach.seat.com

2026-01-08 07:52

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Location: https://virtualcoach.seat.com:443/
Expires: Thu, 08 Jan 2026 07:53:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jan 2026 07:53:38 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
</body>
</html>

Found 2026-01-08 by HttpPlugin

Create report

Open service 2a02:26f0:480:23::1726:6295:80 · virtualcoach.seat.com

2026-01-08 07:52

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Location: https://virtualcoach.seat.com:443/
Expires: Thu, 08 Jan 2026 07:53:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jan 2026 07:53:37 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
</body>
</html>

Found 2026-01-08 by HttpPlugin

Create report

Open service 2a02:26f0:480:23::1726:6295:443 · virtualcoach.seat.com

2026-01-08 07:52

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://virtualcoach.seat.com/admin
Content-Language: en-US
Expires: Thu, 08 Jan 2026 07:52:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jan 2026 07:52:56 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Found 2026-01-08 by HttpPlugin

Create report

Open service 2.16.204.89:443 · virtualcoach.seat.com

2026-01-08 07:52

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://virtualcoach.seat.com/admin
Content-Language: en-US
Expires: Thu, 08 Jan 2026 07:52:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jan 2026 07:52:57 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Found 2026-01-08 by HttpPlugin

Create report

Open service 2a02:26f0:480:23::1726:62ac:80 · virtualcoach.seat.com

2026-01-08 07:52

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Location: https://virtualcoach.seat.com:443/
Expires: Thu, 08 Jan 2026 07:53:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jan 2026 07:53:34 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
</body>
</html>

Found 2026-01-08 by HttpPlugin

Create report

Open service 2.16.204.89:80 · virtualcoach.seat.com

2026-01-08 07:52

HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 134
Location: https://virtualcoach.seat.com:443/
Expires: Thu, 08 Jan 2026 07:53:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jan 2026 07:53:37 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
</body>
</html>

Found 2026-01-08 by HttpPlugin

Create report

Open service 2a02:26f0:480:23::1726:62ac:443 · virtualcoach.seat.com

2026-01-08 07:52

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://virtualcoach.seat.com/admin
Content-Language: en-US
Expires: Thu, 08 Jan 2026 07:52:56 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jan 2026 07:52:56 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Found 2026-01-08 by HttpPlugin

Create report

Open service 2.16.204.71:443 · virtualcoach.seat.com

2026-01-08 07:52

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://virtualcoach.seat.com/admin
Content-Language: en-US
Expires: Thu, 08 Jan 2026 07:52:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jan 2026 07:52:57 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Found 2026-01-08 by HttpPlugin

Create report

Open service 2.17.100.232:443 · virtualcoach.seat.com

2026-01-02 06:56

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://virtualcoach.seat.com/admin
Content-Language: en-US
Expires: Fri, 02 Jan 2026 06:56:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jan 2026 06:56:07 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Found 2026-01-02 by HttpPlugin

Create report

Open service 2.17.100.232:443 · virtualcoach.seat.com

2025-12-23 04:51

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://virtualcoach.seat.com/admin
Content-Language: en-US
Expires: Tue, 23 Dec 2025 04:51:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 23 Dec 2025 04:51:15 GMT
Connection: close
x-edgio-req-uri: %{request_uri:1}
x-edgio-rewrite: %{uri}
x-ruleset-version: 2.5

Found 2025-12-23 by HttpPlugin

Create report

api.prod.aws.seat.cloud.vwgroup.comapi.prod.seatmo.seat.cloud.vwgroup.comapi.productdata.seat.vwgroup.comapi.servicesgateway.seat.vwgroup.comapp.prod.security.seat.cloud.vwgroup.comapp.prod.smartwarranty.seat.cloud.vwgroup.comapps.datadriven.seat.cloud.vwgroup.comassets-successfactors.seat.comcardismantling.seat.eschatbotrrhh.seat.escm-tt.cupratrackingtool.comconfac.seat.esdocuware.seat.esediwebmat.seat.esescooter.prod.aws.seat.cloud.vwgroup.comfastlanett.api.seat.comgalo.seat.esgh-sec-app.prod.security.seat.cloud.vwgroup.comhotline.cro.seat.comhypml.seat.esola.prod.code.seat.cloud.vwgroup.comorder-service.prod.mygarage.seat.cloud.vwgroup.comqconnect.prod.code.seat.cloud.vwgroup.comseat.feather.deseatnetwork.seat.comsecure.prd.seat.essmartwarranty.prod.code.seat.cloud.vwgroup.comtriton.seat.comtriton3gen.seat.comusedparts.auction.seatcupra.comvalecaj.seat.esviban.seat.esvirtualcoach.seat.comvolkswagen-autoeuropa.feather.dewww.feather.dewww.mygarage.com.esyes.seat.es

Fingerprint:

20ad4cb8d3b7d78d3db6a63e29da3d021d0c8aa615f9bf19e84bf967fbf5b89d

CN:

secure.prd.seat.es

Key:

RSA-2048

Issuer:

R13

Not before:

2026-01-08 06:53

Not after:

2026-04-08 06:53

api.prod.aws.seat.cloud.vwgroup.comapi.prod.seatmo.seat.cloud.vwgroup.comapi.productdata.seat.vwgroup.comapi.servicesgateway.seat.vwgroup.comapp.prod.security.seat.cloud.vwgroup.comapp.prod.smartwarranty.seat.cloud.vwgroup.comapps.datadriven.seat.cloud.vwgroup.comassets-successfactors.seat.comcardismantling.seat.eschatbotrrhh.seat.escm-tt.cupratrackingtool.comconfac.seat.esdocuware.seat.esediwebmat.seat.esescooter.prod.aws.seat.cloud.vwgroup.comfastlanett.api.seat.comgalo.seat.esgh-sec-app.prod.security.seat.cloud.vwgroup.comhotline.cro.seat.comhypml.seat.esola.prod.code.seat.cloud.vwgroup.comorder-service.prod.mygarage.seat.cloud.vwgroup.comqconnect.prod.code.seat.cloud.vwgroup.comseat.feather.deseat.folyo.esseatnetwork.seat.comsecure.prd.seat.essmartwarranty.prod.code.seat.cloud.vwgroup.comtriton.seat.comtriton3gen.seat.comusedparts.auction.seatcupra.comvalecaj.seat.esviban.seat.esvirtualcoach.seat.comvolkswagen-autoeuropa.feather.dewww.feather.dewww.mygarage.com.esyes.seat.es

Fingerprint:

8ef7efded8fc945fd5f937f314385f43ded8f1b0abc0c3cecb372602ac817c97

CN:

secure.prd.seat.es

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-12 08:40

Not after:

2026-03-12 08:40

Domain summary

virtualcoach.seat.com 11

1 recorded

IP summary

2.17.100.232 1 2.16.204.71 1 2a02:26f0:480:23::1726:6295 1 2.16.204.89 1 2a02:26f0:480:23::1726:62ac 1

5 recorded

Domain virtualcoach.seat.com

Germany

Swagger API description is publicly available

Domain summary

IP summary