Domain webapi-usc.torus-technology.com
United States
Software information
Microsoft-IIS 10.0
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.118.48.5
Domain: webapi-usc.torus-technology.com
Port: 443
URL: https://webapi-usc.torus-technology.comFirst seen 2025-11-28 01:17
Last seen 2026-02-09 20:05
Open for 73 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549c911ac2b83c5d2e994b11c0dd89173652ffbdd2bPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/Alert GET /api/Alert/{id} GET /api/AlertTemplate GET /api/AlertTemplate/{id} GET /api/Application/GetConfigurations GET /api/Application/GetCustomerList GET /api/Application/GetCustomerListForAdmins GET /api/Application/GetPermissions GET /api/Application/GetPermittedConfigurations GET /api/Application/GetPermittedUILocalisations GET /api/Application/GetUILocalisations GET /api/Application/GetUILookups GET /api/BulkData GET /api/BulkData/GetExportFileURL GET /api/BulkData/GetFileDeleteUrl GET /api/BulkData/GetImportFileBlobDetails GET /api/BulkData/GetImportFileURL GET /api/BulkData/GetImportLogFileURL GET /api/Cabinet GET /api/Cabinet/GetAllCabinetDataMasks GET /api/Cabinet/GetCabinetBasicDetails GET /api/Cabinet/GetCabinetItemsByCabinet GET /api/Cabinet/GetCabinetsByCustomer GET /api/Cabinet/GetUserAccessibleItemsByCustomer GET /api/Cabinet/{id} GET /api/ColumnConfiguration/GetColumnsByReportName GET /api/Configuration GET /api/Configuration/{id} GET /api/Customer GET /api/Customer/GetLogoDeleteUrl GET /api/Customer/GetLogoReadUrl GET /api/Customer/GetLogoWriteUrl GET /api/Customer/{id} GET /api/DeviceUpdate GET /api/DeviceUpdate/GetPendingDeviceUpdates GET /api/DeviceUpdate/{id} GET /api/EventAlarmConfiguration GET /api/EventAlarmConfiguration/{id} GET /api/EventPriority GET /api/ExternalSystem GET /api/ExternalSystem/GetExternalSystemDevices GET /api/ExternalSystem/GetExternalSystemPropertyMappings GET /api/ExternalSystem/GetExternalSystemsWithDataMasksForCustomer GET /api/ExternalSystem/GetHasPingIdSystem GET /api/ExternalSystem/GetMiddlewareBlobUrl GET /api/ExternalSystem/{id} GET /api/Groups GET /api/Groups/GetCustomerAccessGroups GET /api/Groups/{id} GET /api/HelpCentre/GetDownloadUrl GET /api/ItemGroup GET /api/ItemGroup/GetItemGroupsByCustomer GET /api/ItemGroup/GetItemListByItemGroup GET /api/ItemGroup/{id} GET /api/LocalisationTexts GET /api/LocalisationTexts/{id} GET /api/Lookups GET /api/Lookups/{id} GET /api/MiddlewareLog/GetMiddlewareLogEvents GET /api/Permissions GET /api/Permissions/GetPermissionsByRole GET /api/Permissions/GetRolesByCustomer GET /api/Permissions/{id} GET /api/ReportSubscription GET /api/ReportSubscription/{id} GET /api/Site GET /api/Site/GetDataMaskForSite GET /api/Site/GetSecondaryDataMasksForSite GET /api/Site/GetSiteConfigurationsBySite GET /api/Site/GetSitesByCustomer GET /api/Site/{id} GET /api/User GET /api/User/GetEffectiveCustomerForUser GET /api/User/GetPIN GET /api/User/GetUsersBatchByCustomer GET /api/User/GetUsersByCustomer GET /api/User/{id} GET /api/UserGroup GET /api/UserGroup/GetUserGroupsBatchByCustomer GET /api/UserGroup/GetUserGroupsByCustomer GET /api/UserGroup/{id} POST /api/Alert/SendOverdueAlertSMS POST /api/DeviceUpdate/Publish POST /api/ExternalSystem/SyncExternalData POST /api/ExternalSystem/UpdateForceUserImportEpoch POST /api/ExternalSystem/UpdateTestEventEpoch POST /api/User/Access PUT /api/ColumnConfiguration/SetColumnConfigurationsForReportFound on 2026-02-09 20:05
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.118.48.5
Domain: webapi-usc.torus-technology.com
Port: 80
URL: http://webapi-usc.torus-technology.comFirst seen 2025-11-28 01:17
Last seen 2026-02-09 18:59
Open for 73 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549c911ac2b83c5d2e994b11c0dd89173652ffbdd2bPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/Alert GET /api/Alert/{id} GET /api/AlertTemplate GET /api/AlertTemplate/{id} GET /api/Application/GetConfigurations GET /api/Application/GetCustomerList GET /api/Application/GetCustomerListForAdmins GET /api/Application/GetPermissions GET /api/Application/GetPermittedConfigurations GET /api/Application/GetPermittedUILocalisations GET /api/Application/GetUILocalisations GET /api/Application/GetUILookups GET /api/BulkData GET /api/BulkData/GetExportFileURL GET /api/BulkData/GetFileDeleteUrl GET /api/BulkData/GetImportFileBlobDetails GET /api/BulkData/GetImportFileURL GET /api/BulkData/GetImportLogFileURL GET /api/Cabinet GET /api/Cabinet/GetAllCabinetDataMasks GET /api/Cabinet/GetCabinetBasicDetails GET /api/Cabinet/GetCabinetItemsByCabinet GET /api/Cabinet/GetCabinetsByCustomer GET /api/Cabinet/GetUserAccessibleItemsByCustomer GET /api/Cabinet/{id} GET /api/ColumnConfiguration/GetColumnsByReportName GET /api/Configuration GET /api/Configuration/{id} GET /api/Customer GET /api/Customer/GetLogoDeleteUrl GET /api/Customer/GetLogoReadUrl GET /api/Customer/GetLogoWriteUrl GET /api/Customer/{id} GET /api/DeviceUpdate GET /api/DeviceUpdate/GetPendingDeviceUpdates GET /api/DeviceUpdate/{id} GET /api/EventAlarmConfiguration GET /api/EventAlarmConfiguration/{id} GET /api/EventPriority GET /api/ExternalSystem GET /api/ExternalSystem/GetExternalSystemDevices GET /api/ExternalSystem/GetExternalSystemPropertyMappings GET /api/ExternalSystem/GetExternalSystemsWithDataMasksForCustomer GET /api/ExternalSystem/GetHasPingIdSystem GET /api/ExternalSystem/GetMiddlewareBlobUrl GET /api/ExternalSystem/{id} GET /api/Groups GET /api/Groups/GetCustomerAccessGroups GET /api/Groups/{id} GET /api/HelpCentre/GetDownloadUrl GET /api/ItemGroup GET /api/ItemGroup/GetItemGroupsByCustomer GET /api/ItemGroup/GetItemListByItemGroup GET /api/ItemGroup/{id} GET /api/LocalisationTexts GET /api/LocalisationTexts/{id} GET /api/Lookups GET /api/Lookups/{id} GET /api/MiddlewareLog/GetMiddlewareLogEvents GET /api/Permissions GET /api/Permissions/GetPermissionsByRole GET /api/Permissions/GetRolesByCustomer GET /api/Permissions/{id} GET /api/ReportSubscription GET /api/ReportSubscription/{id} GET /api/Site GET /api/Site/GetDataMaskForSite GET /api/Site/GetSecondaryDataMasksForSite GET /api/Site/GetSiteConfigurationsBySite GET /api/Site/GetSitesByCustomer GET /api/Site/{id} GET /api/User GET /api/User/GetEffectiveCustomerForUser GET /api/User/GetPIN GET /api/User/GetUsersBatchByCustomer GET /api/User/GetUsersByCustomer GET /api/User/{id} GET /api/UserGroup GET /api/UserGroup/GetUserGroupsBatchByCustomer GET /api/UserGroup/GetUserGroupsByCustomer GET /api/UserGroup/{id} POST /api/Alert/SendOverdueAlertSMS POST /api/DeviceUpdate/Publish POST /api/ExternalSystem/SyncExternalData POST /api/ExternalSystem/UpdateForceUserImportEpoch POST /api/ExternalSystem/UpdateTestEventEpoch POST /api/User/Access PUT /api/ColumnConfiguration/SetColumnConfigurationsForReportFound on 2026-02-09 18:59
-
-
Open service 20.118.48.5:80 · webapi-usc.torus-technology.com
2026-01-23 07:41
HTTP/1.1 307 Temporary Redirect Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 07:41:46 GMT Server: Microsoft-IIS/10.0 Location: https://webapi-usc.torus-technology.com/ Set-Cookie: ARRAffinity=af72d8249c4a49585ad96f9177cad93a0e6b606b97c7081d2c21378ea8b3e106;Path=/;HttpOnly;Domain=webapi-usc.torus-technology.com Request-Context: appId=cid-v1:7ba8b337-a1f8-4d98-b0f3-0a67cea8e4b5 X-Powered-By: ASP.NET
Found 2026-01-23 by HttpPluginCreate report
-
Open service 20.118.48.5:443 · webapi-usc.torus-technology.com
2026-01-23 03:50
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 03:51:25 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=af72d8249c4a49585ad96f9177cad93a0e6b606b97c7081d2c21378ea8b3e106;Path=/;HttpOnly;Secure;Domain=webapi-usc.torus-technology.com Set-Cookie: ARRAffinitySameSite=af72d8249c4a49585ad96f9177cad93a0e6b606b97c7081d2c21378ea8b3e106;Path=/;HttpOnly;SameSite=None;Secure;Domain=webapi-usc.torus-technology.com Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:7ba8b337-a1f8-4d98-b0f3-0a67cea8e4b5 X-Powered-By: ASP.NET
Found 2026-01-23 by HttpPluginCreate report
-
Open service 20.118.48.5:80 · webapi-usc.torus-technology.com
2026-01-10 01:20
HTTP/1.1 307 Temporary Redirect Content-Length: 0 Connection: close Date: Sat, 10 Jan 2026 01:21:45 GMT Server: Microsoft-IIS/10.0 Location: https://webapi-usc.torus-technology.com/ Set-Cookie: ARRAffinity=54400adf1c9d0764aefa6d4ffdd7d4c6a996801b0ccad3ab4611b3892b419729;Path=/;HttpOnly;Domain=webapi-usc.torus-technology.com Request-Context: appId=cid-v1:7ba8b337-a1f8-4d98-b0f3-0a67cea8e4b5 X-Powered-By: ASP.NET
Found 2026-01-10 by HttpPluginCreate report