LeakIX - Host 13.69.68.16

Host 13.69.68.16

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Kestrel Kestrel

tcp/443

Microsoft-IIS 10.0

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: spaces.demo.workai.cloud
Port: 443
URL: https://spaces.demo.workai.cloud

First seen 2025-12-08 00:11
Last seen 2026-02-10 00:20
Open for 64 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-10 00:20
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: fullscan-en.cybersecurityassessmenttool.com
Port: 443
URL: https://fullscan-en.cybersecurityassessmenttool.com

First seen 2025-12-08 07:57
Last seen 2026-02-09 21:09
Open for 63 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 21:09
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: isa-muecke.soviaretail.de
Port: 443
URL: https://isa-muecke.soviaretail.de

First seen 2025-12-26 11:33
Last seen 2026-02-09 19:55
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 19:55
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035494b85c9ebdd0cd098738ded18730fcbf51562ba17
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /auth/SignIn
GET /auth/SignOut
GET /exec/testsecure
POST /auth/AuthorizeAccess
POST /auth/GetExternalLoginProvider
POST /auth/GetExternalLoginProviders
POST /auth/Login
POST /auth/Logout
POST /auth/OfflineApiLogin
POST /auth/OfflineApiLogout
POST /exec/CallFunction
POST /exec/CallFunctionAsync
POST /exec/ExecuteProcess
POST /exec/ExecuteProcessRaw
POST /exec/GetPresentationSettings
POST /exec/GetResource
POST /exec/ProcessOnlineProcessActivityRequest
POST /exec/ProcessRequest
POST /exec/UploadTrace
```
  Found on 2026-01-23 04:10
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: integrations.demo.workai.cloud
Port: 443
URL: https://integrations.demo.workai.cloud

First seen 2025-10-25 00:12
Last seen 2026-02-09 19:25
Open for 107 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354959d91597c679b180052c7c722d427aaa44c4d36a

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/Configuration/check-licenses
GET /v1/Integrations
GET /v1/Integrations/$count
GET /v1/Integrations/Elastic.Integrations.API.EnableSharePoint
GET /v1/Integrations/Elastic.Integrations.API.EnableSharePointCallback
GET /v1/Integrations/EnableSharePoint
GET /v1/Integrations/EnableSharePointCallback
GET /v1/{organizationId}/GoogleCloud/GetConfiguration
GET /v1/{organizationId}/GoogleDrive/Search
POST /v1/AI/Buddy
POST /v1/AI/Chat
POST /v1/AI/GenerateImage
POST /v1/AI/IdentifyNotAllowedContent
POST /v1/AI/SendPageBlocksToLLM
POST /v1/Integrations/DisableAirly
POST /v1/Integrations/DisableAzureMaps
POST /v1/Integrations/DisableDarkSky
POST /v1/Integrations/DisablePexels
POST /v1/Integrations/DisableSharePoint
POST /v1/Integrations/EnableAirly
POST /v1/Integrations/EnableAzureMaps
POST /v1/Integrations/EnableDarkSky
POST /v1/Integrations/EnablePexels
POST /v1/{organizationId}/GoogleCloud/UploadConfiguration

Found on 2026-02-09 19:25

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354959d91597722fd07d6377bd5326241a40a44281eb

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/Integrations
GET /v1/Integrations/$count
GET /v1/Integrations/Elastic.Integrations.API.EnableSharePoint
GET /v1/Integrations/Elastic.Integrations.API.EnableSharePointCallback
GET /v1/Integrations/EnableSharePoint
GET /v1/Integrations/EnableSharePointCallback
GET /v1/{organizationId}/GoogleCloud/GetConfiguration
GET /v1/{organizationId}/GoogleDrive/Search
POST /v1/AI/Buddy
POST /v1/AI/Chat
POST /v1/AI/GenerateImage
POST /v1/AI/IdentifyNotAllowedContent
POST /v1/AI/SendPageBlocksToLLM
POST /v1/Integrations/DisableAirly
POST /v1/Integrations/DisableAzureMaps
POST /v1/Integrations/DisableDarkSky
POST /v1/Integrations/DisablePexels
POST /v1/Integrations/DisableSharePoint
POST /v1/Integrations/EnableAirly
POST /v1/Integrations/EnableAzureMaps
POST /v1/Integrations/EnableDarkSky
POST /v1/Integrations/EnablePexels
POST /v1/{organizationId}/GoogleCloud/UploadConfiguration

Found on 2025-12-27 03:40

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2025-11-26 13:28

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: users.demo.workai.cloud
Port: 443
URL: https://users.demo.workai.cloud

First seen 2025-10-25 00:12
Last seen 2026-02-09 19:01
Open for 107 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 19:01
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: captcha.atm.it
Port: 443
URL: https://captcha.atm.it

First seen 2026-01-02 10:18
Last seen 2026-02-09 18:29
Open for 38 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d6063bfce8b66ed06bd1609276e1609276e1609276e
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /Captcha
GET /Captcha/speech/{Guid}
POST /Captcha/{Guid}/{Value}
```
  Found on 2026-02-09 18:29
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: auth-api.test.fastbookspa.it
Port: 80
URL: http://auth-api.test.fastbookspa.it

First seen 2026-01-10 21:11
Last seen 2026-02-09 18:25
Open for 29 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d60bf756b04c69c44efb8b72cd1864139ee3e883

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Identity/users/{clientId}/feature/{feature}
DELETE /api/KeyClaims/claimValues/{keyClaimValueId}
DELETE /api/Users/{username}
GET /api/Adws
GET /api/Adws/fillpage
GET /api/Adws/search
GET /api/ApiScopes
GET /api/ApiScopes/{scopeId}
GET /api/ApiScopes/{scopeId}/Clients
GET /api/Clients
GET /api/Clients/{clientId}
GET /api/Clients/{clientId}/Scopes
GET /api/Clients/{id}/excel
GET /api/Features
GET /api/Features/{featureId}
GET /api/Features/{featureId}/Clients
GET /api/KeyClaims
GET /api/KeyClaims/{keyClaimId}
GET /api/Roles
GET /api/Roles/{roleId}
GET /api/Roles/{roleId}/Clients
GET /api/Roles/{roleId}/Features
GET /api/Users
GET /api/Users/search
PATCH /api/Users/{userName}/ToggleLockout
POST /api/Adws/import/{samAccountName}
POST /api/Clients/{clientId}/Scopes/{scope}
POST /api/Clients/{clientId}/enable
POST /api/Features/excel
POST /api/Identity/excel
POST /api/Identity/users
POST /api/Identity/users/{clientId}/2fa
POST /api/Identity/users/{clientId}/completeDraft
POST /api/Identity/usersFeature
POST /api/KeyClaims/{keyClaimId}/claimValues
POST /api/Roles/excel
POST /api/Roles/{roleId}/Features/{featureId}
PUT /api/Adws/changepwd
PUT /api/Adws/groupupdate
PUT /api/Identity/users/{clientId}

Found on 2026-02-09 18:25

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: sandbox-product-api.evidentlife.se
Port: 443
URL: https://sandbox-product-api.evidentlife.se

First seen 2026-01-10 23:58
Last seen 2026-02-09 18:20
Open for 29 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b9cef15600f562272f6008ff1c11d111d8d602e5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/needsguide
GET /api/v1/offers/evidentgo/get-offer
GET /api/v1/offers/{country}/{year}/{month}/{id}/policy
GET /api/v1/products
GET /api/v1/products/{id}
GET /api/v1/products/{id}/lookup-bankaccount
GET /api/v1/products/{id}/premium
GET /api/v1/validation/bankaccount
POST /api/v1/offers/evidentgo/accept-offer
POST /api/v1/products/evidentgo/save-init-data
POST /api/v1/products/evidentgo/submit
POST /api/v1/products/{id}/application
PUT /api/v1/offers/{country}/{year}/{month}/{id}
PUT /api/v1/offers/{country}/{year}/{month}/{id}/accept-by-signing

Found on 2026-02-09 18:20

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b9cef15600f562272f6008ff1c11d111ec92815b

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/needsguide
GET /api/v1/offers/evidentgo/get-offer
GET /api/v1/offers/{country}/{year}/{month}/{id}/policy
GET /api/v1/products
GET /api/v1/products/{id}
GET /api/v1/products/{id}/lookup-bankaccount
GET /api/v1/products/{id}/premium
GET /api/v1/validation/bankaccount
POST /api/v1/offers/evidentgo/accept-offer
POST /api/v1/products/evidentgo/submit
POST /api/v1/products/{id}/application
PUT /api/v1/offers/{country}/{year}/{month}/{id}
PUT /api/v1/offers/{country}/{year}/{month}/{id}/accept-by-signing

Found on 2026-01-23 13:07

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b9cef1564068cf5056b9c12e6358a4fac7e757a6

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/needsguide
GET /api/v1/offers/{country}/{year}/{month}/{id}/policy
GET /api/v1/products
GET /api/v1/products/{id}
GET /api/v1/products/{id}/lookup-bankaccount
GET /api/v1/products/{id}/premium
GET /api/v1/validation/bankaccount
POST /api/v1/products/{id}/application
PUT /api/v1/offers/{country}/{year}/{month}/{id}
PUT /api/v1/offers/{country}/{year}/{month}/{id}/accept-by-signing

Found on 2026-01-16 23:45

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: graph.demo.workai.cloud
Port: 443
URL: https://graph.demo.workai.cloud

First seen 2025-11-22 00:11
Last seen 2026-02-09 18:17
Open for 79 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035493b3b73509b9c7a87891c30cfc00c33911884ccb5
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /.well-known/oauth-authorization-server
GET /api/config
GET /api/limits
GET /api/products
GET /open-api/{service}/swagger.json
GET /proxy-openapi/swagger.json
```
  Found on 2026-02-09 18:17
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: beta.ventri.bellybalance.se
Port: 80
URL: http://beta.ventri.bellybalance.se

First seen 2026-01-11 05:19
Last seen 2026-02-09 18:16
Open for 29 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549f3f354653f9fb89b794b708d30bf3b4286ae4be1

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/BackOffice/users/{userId}
DELETE /api/users/remove
GET /api/BackOffice/users
GET /api/BackOffice/verificationTokens
GET /api/ContentfulNews/status
GET /api/Test/test
GET /api/bellyDiaryEntries
GET /api/bellyDiaryExport
GET /api/bellyDiaryStatistics
GET /api/favorites
GET /api/legacy/log/favorites
GET /api/legacy/log/scans
GET /api/me
GET /api/news/relevant
GET /api/profiles/{externalId}
GET /api/programme
GET /api/programme/progress
GET /api/programmes/{programmeId}
GET /api/programmes/{programmeId}/progress
GET /api/recipeCategories
GET /api/recipeCategories/{categoryId}/recipes
GET /api/recipeFavorites
GET /api/recipes
GET /api/recipes/{recipeId}
GET /api/scannerEntries
GET /api/settings
GET /api/status_check
GET /api/surveySessions
GET /api/surveySessions/{sessionId}
GET /api/surveys/{surveyId}
GET /api/users/{userId}
POST /api/authentication/generateJwtTokenFromLogin
POST /api/authentication/generateJwtTokenFromRefreshToken
POST /api/authentication/generateJwtTokenFromTrialVerificationToken
POST /api/authentication/revokeRefreshToken
POST /api/authentication/sendTrialVerificationToken
POST /api/code-verification
POST /api/email-verification
POST /api/favorites/create
POST /api/favorites/remove
POST /api/iterable/add-user
POST /api/legacy/favoritelog
POST /api/legacy/scanlog
POST /api/marketing/subscribe
POST /api/me/acceptTermsAndConditions
POST /api/news/markAsDismissed
POST /api/news/markAsRead
POST /api/profiles/{externalId}/sendVerificationCode
POST /api/profiles/{externalId}/verify
POST /api/programme/completeStepPart
POST /api/programme/completeStepPartV2
POST /api/programme/removeMyProgress
POST /api/programme/startStepPart
POST /api/programmes/{programmeId}/progress/completeStepPart
POST /api/programmes/{programmeId}/progress/startStepPart
POST /api/settings/updateMobileId
POST /api/statistics
POST /api/subscriptions/payments
POST /api/subscriptions/refresh_payments
POST /api/surveySessions/{sessionId}/submitAnswers
POST /api/users/{userId}/acceptTermsAndConditions
POST /api/users/{userId}/disablePushNotifications
POST /api/users/{userId}/enablePushNotifications
POST /api/users/{userId}/setNickname
POST /api/users/{userId}/updateMobileId
POST /api/users/{userId}/updateProfile
POST /api/webhooks/apple
POST /api/webhooks/google
POST /api/webhooks/wordpress
POST /api/zendesk/subscribe-news
PUT /api/BackOffice/users/{userId}/reset

Found on 2026-02-09 18:16

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: api.hallowplatform.com
Port: 443
URL: https://api.hallowplatform.com

First seen 2026-01-11 08:53
Last seen 2026-02-09 18:15
Open for 29 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 18:15
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: thirdparty-inbound-api-sandbox.lueg.de
Port: 443
URL: https://thirdparty-inbound-api-sandbox.lueg.de

First seen 2025-12-29 13:10
Last seen 2026-02-09 16:29
Open for 42 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549777dd9fb7ec001d764981a9364981a9364981a93
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/ping
POST /api/apz/update-order
POST /api/auth
```
  Found on 2026-02-09 16:29
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: learning.demo.workai.cloud
Port: 443
URL: https://learning.demo.workai.cloud

First seen 2025-11-15 00:06
Last seen 2026-02-09 16:07
Open for 86 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 16:07
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: usersprofile.demo.workai.cloud
Port: 443
URL: https://usersprofile.demo.workai.cloud

First seen 2025-11-04 00:04
Last seen 2026-02-09 15:49
Open for 97 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 15:49
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: connector.demo.workai.cloud
Port: 443
URL: https://connector.demo.workai.cloud

First seen 2025-10-25 00:05
Last seen 2026-02-09 15:25
Open for 107 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354959d9159715bf70f558a9ff3abf91808abf91808a
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
POST /v1/InitialForms
POST /v1/InitialIntranets
POST /v1/InitialOrchard
```
  Found on 2026-02-09 15:25
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: api.datamodeldesigner.io
Port: 443
URL: https://api.datamodeldesigner.io

First seen 2026-01-01 02:03
Last seen 2026-02-09 14:47
Open for 39 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 14:47
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: addressbook.demo.workai.cloud
Port: 443
URL: https://addressbook.demo.workai.cloud

First seen 2025-10-25 00:06
Last seen 2026-02-09 13:58
Open for 107 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354959d915976d61b1d4f8ff002b451108da4f9b57c9
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/{org}
GET /v1/{org}/$metadata
GET /v1/{org}/AddressBook
GET /v1/{org}/AddressBook({key})
GET /v1/{org}/AddressBook/$count
GET /v1/{org}/AddressBook/{key}
```
  Found on 2026-02-09 13:58
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: contents.demo.workai.cloud
Port: 443
URL: https://contents.demo.workai.cloud

First seen 2025-11-06 00:02
Last seen 2026-02-09 13:51
Open for 95 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354959d9159787c8d67d266069f7c9d72109f4afd108

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/ContentBlocks
GET /v1/ContentBlocks({key})
GET /v1/ContentBlocks/$count
GET /v1/ContentBlocks/{key}
GET /v1/ContentSync/Incoming
GET /v1/ContentSync/Outgoing
GET /v1/ContentSync/SyncableContent
GET /v1/ContentSync/SyncableTenant
GET /v1/ContentTags
GET /v1/ContentTags/$count
GET /v1/ContentTypes({key})
GET /v1/ContentTypes/{key}
GET /v1/Contents({key})
GET /v1/Contents/HasUserRead/{key}
GET /v1/Contents/List
GET /v1/Contents/{key}
GET /v1/Tags
GET /v1/Tags({key})
GET /v1/Tags/$count
GET /v1/Tags/{key}
POST /v1/ContentSync
POST /v1/ContentSync/Accept
POST /v1/ContentSync/Delete
POST /v1/ContentSync/Disable
POST /v1/ContentSync/Enable
POST /v1/ContentSync/Reject
POST /v1/Contents
POST /v1/Contents/Archive/{key}
POST /v1/Contents/MarkAsRead/{key}
POST /v1/Contents/Publish/{key}
POST /v1/InitialContents
PUT /v1/ContentTags(contentVersionId={contentVersionId},tagId={tagId})

Found on 2026-02-09 13:51

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354959d9159787c8d67d266069f7c9d72109fcfb3d80

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/ContentBlocks
GET /v1/ContentBlocks({key})
GET /v1/ContentBlocks/$count
GET /v1/ContentBlocks/{key}
GET /v1/ContentSync/Incoming
GET /v1/ContentSync/Outgoing
GET /v1/ContentSync/SyncableContent
GET /v1/ContentSync/SyncableTenant
GET /v1/ContentTags
GET /v1/ContentTags/$count
GET /v1/ContentTypes({key})
GET /v1/ContentTypes/{key}
GET /v1/Contents({key})
GET /v1/Contents/HasUserRead/{key}
GET /v1/Contents/{key}
GET /v1/Tags
GET /v1/Tags({key})
GET /v1/Tags/$count
GET /v1/Tags/{key}
POST /v1/ContentSync
POST /v1/ContentSync/Accept
POST /v1/ContentSync/Delete
POST /v1/ContentSync/Disable
POST /v1/ContentSync/Enable
POST /v1/ContentSync/Reject
POST /v1/Contents
POST /v1/Contents/Archive/{key}
POST /v1/Contents/MarkAsRead/{key}
POST /v1/Contents/Publish/{key}
POST /v1/InitialContents
PUT /v1/ContentTags(contentVersionId={contentVersionId},tagId={tagId})

Found on 2025-12-26 14:19

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: noexisto.volteapi.co
Port: 80
URL: http://noexisto.volteapi.co

First seen 2026-01-06 09:42
Last seen 2026-02-09 08:38
Open for 33 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 08:38
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: captcha.atm.it
Port: 80
URL: http://captcha.atm.it

First seen 2026-01-02 10:18
Last seen 2026-02-09 08:26
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d6063bfce8b66ed06bd1609276e1609276e1609276e
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /Captcha
GET /Captcha/speech/{Guid}
POST /Captcha/{Guid}/{Value}
```
  Found on 2026-02-09 08:26
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: auth-api-test.mfingrosso.it
Port: 80
URL: http://auth-api-test.mfingrosso.it

First seen 2026-01-13 00:40
Last seen 2026-02-09 02:26
Open for 27 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d60bf756b04c69c44efb8b72cd1864139ee3e883

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Identity/users/{clientId}/feature/{feature}
DELETE /api/KeyClaims/claimValues/{keyClaimValueId}
DELETE /api/Users/{username}
GET /api/Adws
GET /api/Adws/fillpage
GET /api/Adws/search
GET /api/ApiScopes
GET /api/ApiScopes/{scopeId}
GET /api/ApiScopes/{scopeId}/Clients
GET /api/Clients
GET /api/Clients/{clientId}
GET /api/Clients/{clientId}/Scopes
GET /api/Clients/{id}/excel
GET /api/Features
GET /api/Features/{featureId}
GET /api/Features/{featureId}/Clients
GET /api/KeyClaims
GET /api/KeyClaims/{keyClaimId}
GET /api/Roles
GET /api/Roles/{roleId}
GET /api/Roles/{roleId}/Clients
GET /api/Roles/{roleId}/Features
GET /api/Users
GET /api/Users/search
PATCH /api/Users/{userName}/ToggleLockout
POST /api/Adws/import/{samAccountName}
POST /api/Clients/{clientId}/Scopes/{scope}
POST /api/Clients/{clientId}/enable
POST /api/Features/excel
POST /api/Identity/excel
POST /api/Identity/users
POST /api/Identity/users/{clientId}/2fa
POST /api/Identity/users/{clientId}/completeDraft
POST /api/Identity/usersFeature
POST /api/KeyClaims/{keyClaimId}/claimValues
POST /api/Roles/excel
POST /api/Roles/{roleId}/Features/{featureId}
PUT /api/Adws/changepwd
PUT /api/Adws/groupupdate
PUT /api/Identity/users/{clientId}

Found on 2026-02-09 02:26

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: files.demo.workai.cloud
Port: 443
URL: https://files.demo.workai.cloud

First seen 2025-12-02 00:06
Last seen 2026-02-06 04:20
Open for 66 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354959d915974a332445f1b3c223606cfd5502428ab8

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/FileMetadata
GET /v1/FileMetadata({key})
GET /v1/FileMetadata/$count
GET /v1/FileMetadata/{key}
GET /v1/{organizationId}/FileMetadata
GET /v1/{organizationId}/FileMetadata/{key}
GET /v1/{organizationId}/Files/ApiUrl/{apiURL}
GET /v1/{organizationId}/Files/Url/{id}
GET /v1/{organizationId}/Files/Url/{path}
GET /v1/{organizationId}/Files/{id}
GET /v1/{organizationId}/Files/{path}
POST /v1/{organizationId}/Files
POST /v1/{organizationId}/Files/Copy

Found on 2026-02-06 04:20

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354959d915974a332445f1b3c223606cfd5541d9478d

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/FileMetadata
GET /v1/FileMetadata({key})
GET /v1/FileMetadata/$count
GET /v1/FileMetadata/{key}
GET /v1/{organizationId}/FileMetadata
GET /v1/{organizationId}/FileMetadata/{key}
GET /v1/{organizationId}/Files/Url/{id}
GET /v1/{organizationId}/Files/Url/{path}
GET /v1/{organizationId}/Files/{id}
GET /v1/{organizationId}/Files/{path}
POST /v1/{organizationId}/Files
POST /v1/{organizationId}/Files/Copy

Found on 2025-12-27 04:23

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: tasks-svc.demo.workai.cloud
Port: 443
URL: https://tasks-svc.demo.workai.cloud

First seen 2025-11-09 00:04
Last seen 2026-02-05 19:11
Open for 88 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549a8148a761d0053bbc45b5d9ff4eb5af282e65b2b
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /Account/LoggedOut
GET /Account/Logout
GET /Account/ProcessLogout
GET /api/About/api/About/Version
GET /api/Notifications/Image
GET /api/Notifications/Register
GET /api/Tasks
GET /api/Tasks({key})
GET /api/Tasks/$count
GET /api/Tasks/{id}/Action/{actionId}
GET /api/Tasks/{key}
GET /api/content/{contentItemId}
POST /api/Provision
POST /api/Provision/PublishAndRebuildCopiedContent
POST /api/Tasks/BulkDelete
POST /api/content
POST /api/tenants/create
POST /api/tenants/setup
```
  Found on 2026-02-05 19:11
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: dashboard-inspire-tst.skillstown.dev
Port: 443
URL: https://dashboard-inspire-tst.skillstown.dev

First seen 2026-01-11 00:13
Last seen 2026-02-02 12:45
Open for 22 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d6043b09fe043b09fe043b09fe043b09fe043b09fe0
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
POST /dashboard/v1/handlers/ans-course-progress
```
  Found on 2026-02-02 12:45
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: identity-governor-tst.skillstown.dev
Port: 443
URL: https://identity-governor-tst.skillstown.dev

First seen 2026-01-11 00:15
Last seen 2026-02-02 12:45
Open for 22 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035492ff234957ca66696001b1d91105c9a3a41f8b0b4
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/clients
GET /api/v1/clients/{clientId}
GET /api/v1/companies
GET /api/v1/companies/{id}
GET /api/v1/identity-providers
GET /api/v1/identity-providers/{scheme}
GET /api/v1/users/find
GET /api/v1/users/idp/{userId}
GET /api/v1/users/{userId}
POST /api/v1/identity-providers/oidc
POST /api/v1/identity-providers/saml
POST /api/v1/login/context/{email}
POST /api/v1/users
POST /api/v1/users/password-reset-email/{email}
POST /api/v1/users/password-reset/{userId}
POST /api/v1/users/password-set-email/{email}/{inspireCompanyId}
POST /api/v1/users/password/{userId}
```
  Found on 2026-02-02 12:45
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: announcements.demo.workai.cloud
Port: 443
URL: https://announcements.demo.workai.cloud

First seen 2025-10-26 00:04
Last seen 2026-02-02 12:03
Open for 99 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354959d915975a01596065ba961965ba961965ba9619
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/Announcements
GET /v1/Announcements/$count
```
  Found on 2026-02-02 12:03
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: test-partner-customer-portfolio-api.evidentlife.se
Port: 443
URL: https://test-partner-customer-portfolio-api.evidentlife.se

First seen 2025-12-12 01:16
Last seen 2026-02-02 09:54
Open for 52 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497cba34f29a4eccedbfb2083b25dd1d091632e27f

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/customers/{customerId}/cases
GET /api/v1/customers/{customerId}/cases/{id}
GET /api/v1/customers/{customerId}/insurancepolicies
GET /api/v1/customers/{customerId}/insurancepolicies/{id}
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/cancellations/confirmation
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/certificate
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files/{fileId}
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files/{fileId}/file
GET /api/v1/customers/{customerId}/invoices
GET /api/v1/customers/{customerId}/invoices/{id}
GET /api/v1/customers/{customerId}/invoices/{id}/file
GET /api/v1/customers/{customerId}/offers
GET /api/v1/customers/{customerId}/offers/{id}
GET /api/v1/customers/{customerId}/offers/{id}/files/{fileId}
GET /api/v1/customers/{customerId}/offers/{id}/files/{fileId}/file
GET /api/v1/customers/{customerId}/personaldetails
GET /api/v1/customertestdata/list-approved-customer-ids
GET /api/v1/validation/bankaccount
POST /api/v1/customers/{customerId}/insurancepolicies/{id}/cancellations
POST /api/v1/customers/{customerId}/insurancepolicies/{id}/claims
PUT /api/v1/customers/{customerId}/personaldetails/paymentdetails
PUT /api/v1/customers/{customerId}/personaldetails/update-national-personaldetails
PUT /api/v1/customers/{customerId}/testdata/clear-risk-assessment

Found on 2026-02-02 09:54

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497cba34f29a4eccedbfb2083b25dd1d096aff4464

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/customers/{customerId}/cases
GET /api/v1/customers/{customerId}/cases/{id}
GET /api/v1/customers/{customerId}/insurancepolicies
GET /api/v1/customers/{customerId}/insurancepolicies/{id}
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/cancellations/confirmation
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/certificate
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files/{fileId}
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files/{fileId}/file
GET /api/v1/customers/{customerId}/invoices
GET /api/v1/customers/{customerId}/invoices/{id}
GET /api/v1/customers/{customerId}/invoices/{id}/file
GET /api/v1/customers/{customerId}/offers
GET /api/v1/customers/{customerId}/offers/{id}
GET /api/v1/customers/{customerId}/offers/{id}/files/{fileId}
GET /api/v1/customers/{customerId}/offers/{id}/files/{fileId}/file
GET /api/v1/customers/{customerId}/personaldetails
GET /api/v1/customertestdata/list-approved-customer-ids
GET /api/v1/validation/bankaccount
POST /api/v1/customers/{customerId}/insurancepolicies/{id}/cancellations
POST /api/v1/customers/{customerId}/insurancepolicies/{id}/claims
PUT /api/v1/customers/{customerId}/personaldetails/paymentdetails
PUT /api/v1/customers/{customerId}/testdata/clear-risk-assessment

Found on 2026-01-16 22:54

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: quickscan-en.cybersecurityassessmenttool.com
Port: 443
URL: https://quickscan-en.cybersecurityassessmenttool.com

First seen 2025-12-08 07:43
Last seen 2026-02-02 09:44
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 09:44
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: quickscan-ja.cybersecurityassessmenttool.com
Port: 443
URL: https://quickscan-ja.cybersecurityassessmenttool.com

First seen 2025-12-08 07:42
Last seen 2026-02-02 09:44
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 09:44
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: fullscan-ko.cybersecurityassessmenttool.com
Port: 443
URL: https://fullscan-ko.cybersecurityassessmenttool.com

First seen 2025-12-08 07:44
Last seen 2026-02-02 09:44
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 09:44
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: fullscan-ja.cybersecurityassessmenttool.com
Port: 443
URL: https://fullscan-ja.cybersecurityassessmenttool.com

First seen 2025-12-08 07:44
Last seen 2026-02-02 09:44
Open for 56 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 09:44
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: assets-svc.demo.workai.cloud
Port: 443
URL: https://assets-svc.demo.workai.cloud

First seen 2025-11-15 00:07
Last seen 2026-02-02 08:14
Open for 79 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e31c4e13d5b030e30ea259f89923472a691f88e

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Assets/Delete/{assetId}
DELETE /api/Assets/DeleteMany
DELETE /api/Tags/DeleteMany
GET /api/Assets
GET /api/Assets/Breadcrumbs/{assetId}
GET /api/Assets/Breadcrumbs/{assetVersionId}
GET /api/Assets/Files/CheckUpload
GET /api/Assets/Files/Destinations
GET /api/Assets/GetMany
GET /api/Assets/Search
GET /api/Assets/Targets/Exists/{targetItemId}
GET /api/Assets/{assetId}
GET /api/Assets/{assetId}/Files
GET /api/Auth/Ping
GET /api/Settings/CanUserGenerateImage
GET /api/Settings/Section/{section}
GET /api/Settings/Sections
GET /api/Settings/{key}
GET /api/Tags
GET /api/Tags/{tagId}
GET /api/UserRoles
GET /api/UserRoles/{userId}
PATCH /api/Assets/{assetId}/Containers
POST /api/Assets/Containers
POST /api/Assets/Copy/{targetParentId}/{assetId}
POST /api/Assets/CopyMany/{targetParentId}
POST /api/Assets/Files
POST /api/Assets/Files/CheckNames
POST /api/Assets/Files/ValidateExistence
POST /api/Assets/Targets/CreateRoute
POST /api/Provisioning/AssignAdminRoleToTenantCreator/{userId}
POST /api/Tags/Add
POST /api/Tags/AddMany
POST /api/Tags/References
PUT /api/Assets/{assetId}/Tags

Found on 2026-02-02 08:14

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e31c4e13d5b030e30ea259f8992347241373485

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Assets/Delete/{assetId}
DELETE /api/Assets/DeleteMany
DELETE /api/Tags/DeleteMany
GET /api/Assets
GET /api/Assets/Breadcrumbs/{assetId}
GET /api/Assets/Breadcrumbs/{assetVersionId}
GET /api/Assets/Files/CheckUpload
GET /api/Assets/Files/Destinations
GET /api/Assets/GetMany
GET /api/Assets/Search
GET /api/Assets/Targets/Exists/{targetItemId}
GET /api/Assets/{assetId}/Files
GET /api/Auth/Ping
GET /api/Settings/CanUserGenerateImage
GET /api/Settings/Section/{section}
GET /api/Settings/Sections
GET /api/Settings/{key}
GET /api/Tags
GET /api/Tags/{tagId}
GET /api/UserRoles
GET /api/UserRoles/{userId}
PATCH /api/Assets/{assetId}/Containers
POST /api/Assets/Containers
POST /api/Assets/Copy/{targetParentId}/{assetId}
POST /api/Assets/CopyMany/{targetParentId}
POST /api/Assets/Files
POST /api/Assets/Files/CheckNames
POST /api/Assets/Files/ValidateExistence
POST /api/Assets/Targets/CreateRoute
POST /api/Provisioning/AssignAdminRoleToTenantCreator/{userId}
POST /api/Tags/Add
POST /api/Tags/AddMany
POST /api/Tags/References
PUT /api/Assets/{assetId}/Tags

Found on 2026-01-23 03:19

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e31c4e13d5b030e30ea259f8992347226fb3fdf

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Assets/Delete/{assetId}
DELETE /api/Assets/DeleteMany
DELETE /api/Tags/DeleteMany
GET /api/Assets
GET /api/Assets/Breadcrumbs/{assetVersionId}
GET /api/Assets/Files/CheckUpload
GET /api/Assets/Files/Destinations
GET /api/Assets/GetMany
GET /api/Assets/Search
GET /api/Assets/Targets/Exists/{targetItemId}
GET /api/Assets/{assetId}/Files
GET /api/Auth/Ping
GET /api/Settings/CanUserGenerateImage
GET /api/Settings/Section/{section}
GET /api/Settings/Sections
GET /api/Settings/{key}
GET /api/Tags
GET /api/Tags/{tagId}
GET /api/UserRoles
GET /api/UserRoles/{userId}
PATCH /api/Assets/{assetId}/Containers
POST /api/Assets/Containers
POST /api/Assets/Copy/{targetParentId}/{assetId}
POST /api/Assets/CopyMany/{targetParentId}
POST /api/Assets/Files
POST /api/Assets/Files/CheckNames
POST /api/Assets/Files/ValidateExistence
POST /api/Assets/Targets/CreateRoute
POST /api/Provisioning/AssignAdminRoleToTenantCreator/{userId}
POST /api/Tags/Add
POST /api/Tags/AddMany
POST /api/Tags/References
PUT /api/Assets/{assetId}/Tags

Found on 2026-01-15 00:10

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e31c4e13d5b030e30ea259f89923472ff460dd4

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Assets/Delete/{assetId}
DELETE /api/Assets/DeleteMany
DELETE /api/Tags/DeleteMany
GET /api/Assets
GET /api/Assets/Breadcrumbs/{assetVersionId}
GET /api/Assets/Files/CheckUpload
GET /api/Assets/GetMany
GET /api/Assets/Search
GET /api/Assets/Targets/Exists/{targetItemId}
GET /api/Assets/{assetId}/Files
GET /api/Auth/Ping
GET /api/Settings/CanUserGenerateImage
GET /api/Settings/Section/{section}
GET /api/Settings/Sections
GET /api/Settings/{key}
GET /api/Tags
GET /api/Tags/{tagId}
GET /api/UserRoles
GET /api/UserRoles/{userId}
PATCH /api/Assets/{assetId}/Containers
POST /api/Assets/Containers
POST /api/Assets/Copy/{targetParentId}/{assetId}
POST /api/Assets/CopyMany/{targetParentId}
POST /api/Assets/Files
POST /api/Assets/Files/CheckNames
POST /api/Assets/Files/ValidateExistence
POST /api/Assets/Targets/CreateRoute
POST /api/Provisioning/AssignAdminRoleToTenantCreator/{userId}
POST /api/Tags/Add
POST /api/Tags/AddMany
POST /api/Tags/References
PUT /api/Assets/{assetId}/Tags

Found on 2025-12-26 13:34

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e31c4e13d5b030e30ea259f8992347293d26143

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Assets/Delete/{assetId}
DELETE /api/Assets/DeleteMany
DELETE /api/Tags/DeleteMany
GET /api/Assets
GET /api/Assets/Breadcrumbs/{assetVersionId}
GET /api/Assets/GetMany
GET /api/Assets/Search
GET /api/Assets/Targets/Exists/{targetItemId}
GET /api/Assets/{assetId}/Files
GET /api/Auth/Ping
GET /api/Settings/CanUserGenerateImage
GET /api/Settings/Section/{section}
GET /api/Settings/Sections
GET /api/Settings/{key}
GET /api/Tags
GET /api/Tags/{tagId}
GET /api/UserRoles
GET /api/UserRoles/{userId}
HEAD /api/Assets/Files/CheckUpload
PATCH /api/Assets/{assetId}/Containers
POST /api/Assets/Containers
POST /api/Assets/Files
POST /api/Assets/Files/CheckNames
POST /api/Assets/Targets/CreateRoute
POST /api/Tags/Add
POST /api/Tags/AddMany
PUT /api/Assets/{assetId}/Tags

Found on 2025-12-14 01:10

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e31c4e13d5b030e30ea259f89923472961ecc4d

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Assets/Delete/{assetId}
DELETE /api/Assets/DeleteMany
DELETE /api/Tags/DeleteMany
GET /api/Assets
GET /api/Assets/Breadcrumbs/{assetVersionId}
GET /api/Assets/GetMany
GET /api/Assets/Search
GET /api/Assets/Targets/Exists/{targetItemId}
GET /api/Assets/{assetId}/Files
GET /api/Auth/Ping
GET /api/Settings/CanUserGenerateImage
GET /api/Settings/Section/{section}
GET /api/Settings/{key}
GET /api/Tags
GET /api/Tags/{tagId}
GET /api/UserRoles
GET /api/UserRoles/{userId}
HEAD /api/Assets/Files/CheckUpload
PATCH /api/Assets/{assetId}/Containers
POST /api/Assets/Containers
POST /api/Assets/Files
POST /api/Assets/Files/CheckNames
POST /api/Assets/Targets/CreateRoute
POST /api/Tags/Add
POST /api/Tags/AddMany
PUT /api/Assets/{assetId}/Tags

Found on 2025-12-01 01:44

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e31c4e13d5b030e30ea259f899234729e429aba

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Assets/Delete/{assetId}
DELETE /api/Assets/DeleteMany
DELETE /api/Tags/DeleteMany
GET /api/Assets
GET /api/Assets/Breadcrumbs/{assetVersionId}
GET /api/Assets/GetMany
GET /api/Assets/Search
GET /api/Assets/Targets/Exists/{targetItemId}
GET /api/Assets/{assetId}/Files
GET /api/Auth/Ping
GET /api/Tags
GET /api/Tags/{tagId}
GET /api/UserRoles
GET /api/UserRoles/{userId}
HEAD /api/Assets/Files/CheckUpload
PATCH /api/Assets/{assetId}/Containers
POST /api/Assets/Containers
POST /api/Assets/Files
POST /api/Assets/Files/CheckNames
POST /api/Assets/Targets/CreateRoute
POST /api/Tags/Add
POST /api/Tags/AddMany
PUT /api/Assets/{assetId}/Tags

Found on 2025-11-23 17:14

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: social.demo.workai.cloud
Port: 443
URL: https://social.demo.workai.cloud

First seen 2025-10-25 00:05
Last seen 2026-02-02 08:12
Open for 100 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 08:12
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: test-partner-risk-assessment-api.evidentlife.se
Port: 443
URL: https://test-partner-risk-assessment-api.evidentlife.se

First seen 2025-12-12 01:17
Last seen 2026-02-02 06:57
Open for 52 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549a2da4cb37b27b81e59c06237e8c97da179bbac0e
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /api/v1/assessmentfactors
POST /api/v1/assessmentfactors/evidentgo/search
POST /api/v1/riskassessments/evidentgo/init
POST /api/v1/riskassessments/evidentgo/nextquestion
POST /api/v1/riskassessments/evidentgo/previousquestion
POST /api/v1/riskassessments/evidentgo/save-init-data
POST /api/v1/riskassessments/questions/init
POST /api/v1/riskassessments/questions/next
POST /api/v1/riskassessments/questions/previous
```
  Found on 2026-02-02 06:57
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549a2da4cb38e971ea0ae411e54593646c8593646c8
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /api/v1/assessmentfactors
POST /api/v1/riskassessments/questions/init
POST /api/v1/riskassessments/questions/next
POST /api/v1/riskassessments/questions/previous
```
  Found on 2026-01-16 08:03
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: reports.demo.workai.cloud
Port: 443
URL: https://reports.demo.workai.cloud

First seen 2025-10-23 00:03
Last seen 2026-02-02 05:50
Open for 102 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493f592f9c3f2c7e9b471a35323aeeb0bd79c0a2f8

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/ReportDefinitionProduct/{id}
DELETE /api/administration/report/{id}/group/{groupId}
DELETE /api/administration/report/{id}/user/{userId}
GET /Account/LoggedOut
GET /Account/Logout
GET /Account/ProcessLogout
GET /api/Group
GET /api/Group/{groupId}
GET /api/Report
GET /api/Report/{id}
GET /api/Settings
GET /api/User
GET /api/User/{userId}
GET /api/administration/report
GET /api/administration/report/group
GET /api/administration/report/group/{groupId}
GET /api/administration/report/user
GET /api/administration/report/user/{userId}
GET /api/administration/report/{id}
GET /api/administration/report/{id}/group
GET /api/administration/report/{id}/unassignedgroup
GET /api/administration/report/{id}/unassigneduser
GET /api/administration/report/{id}/user
GET /api/administration/user/{userId}/Role
GET /api/report/{id}/token
GET /error/{code}
GET /reportviewer/poc/{id}
GET /reportviewer/{token}
POST /api/CasbinMaintenance/casbin-initialization
POST /api/Maintenance/RegisterNotifications
POST /api/Provision
POST /api/Provision/PublishAndRebuildCopiedContent
POST /api/ReportDefinitionProduct
POST /api/tenants/create
POST /api/tenants/disable/{tenantName}
POST /api/tenants/edit
POST /api/tenants/enable/{tenantName}
POST /api/tenants/remove/{tenantName}
POST /api/tenants/setup

Found on 2026-02-02 05:50

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: sandbox-risk-assessment-api.evidentlife.se
Port: 443
URL: https://sandbox-risk-assessment-api.evidentlife.se

First seen 2026-01-10 23:40
Last seen 2026-02-02 05:32
Open for 22 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549a2da4cb37b27b81e59c06237e8c97da179bbac0e
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /api/v1/assessmentfactors
POST /api/v1/assessmentfactors/evidentgo/search
POST /api/v1/riskassessments/evidentgo/init
POST /api/v1/riskassessments/evidentgo/nextquestion
POST /api/v1/riskassessments/evidentgo/previousquestion
POST /api/v1/riskassessments/evidentgo/save-init-data
POST /api/v1/riskassessments/questions/init
POST /api/v1/riskassessments/questions/next
POST /api/v1/riskassessments/questions/previous
```
  Found on 2026-02-02 05:32
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549a2da4cb38e971ea0ae411e54593646c8593646c8
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /api/v1/assessmentfactors
POST /api/v1/riskassessments/questions/init
POST /api/v1/riskassessments/questions/next
POST /api/v1/riskassessments/questions/previous
```
  Found on 2026-01-17 01:48
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: beta.ventri.bellybalance.se
Port: 443
URL: https://beta.ventri.bellybalance.se

First seen 2026-01-11 05:19
Last seen 2026-02-02 05:31
Open for 22 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549f3f354653f9fb89b794b708d30bf3b4286ae4be1

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/BackOffice/users/{userId}
DELETE /api/users/remove
GET /api/BackOffice/users
GET /api/BackOffice/verificationTokens
GET /api/ContentfulNews/status
GET /api/Test/test
GET /api/bellyDiaryEntries
GET /api/bellyDiaryExport
GET /api/bellyDiaryStatistics
GET /api/favorites
GET /api/legacy/log/favorites
GET /api/legacy/log/scans
GET /api/me
GET /api/news/relevant
GET /api/profiles/{externalId}
GET /api/programme
GET /api/programme/progress
GET /api/programmes/{programmeId}
GET /api/programmes/{programmeId}/progress
GET /api/recipeCategories
GET /api/recipeCategories/{categoryId}/recipes
GET /api/recipeFavorites
GET /api/recipes
GET /api/recipes/{recipeId}
GET /api/scannerEntries
GET /api/settings
GET /api/status_check
GET /api/surveySessions
GET /api/surveySessions/{sessionId}
GET /api/surveys/{surveyId}
GET /api/users/{userId}
POST /api/authentication/generateJwtTokenFromLogin
POST /api/authentication/generateJwtTokenFromRefreshToken
POST /api/authentication/generateJwtTokenFromTrialVerificationToken
POST /api/authentication/revokeRefreshToken
POST /api/authentication/sendTrialVerificationToken
POST /api/code-verification
POST /api/email-verification
POST /api/favorites/create
POST /api/favorites/remove
POST /api/iterable/add-user
POST /api/legacy/favoritelog
POST /api/legacy/scanlog
POST /api/marketing/subscribe
POST /api/me/acceptTermsAndConditions
POST /api/news/markAsDismissed
POST /api/news/markAsRead
POST /api/profiles/{externalId}/sendVerificationCode
POST /api/profiles/{externalId}/verify
POST /api/programme/completeStepPart
POST /api/programme/completeStepPartV2
POST /api/programme/removeMyProgress
POST /api/programme/startStepPart
POST /api/programmes/{programmeId}/progress/completeStepPart
POST /api/programmes/{programmeId}/progress/startStepPart
POST /api/settings/updateMobileId
POST /api/statistics
POST /api/subscriptions/payments
POST /api/subscriptions/refresh_payments
POST /api/surveySessions/{sessionId}/submitAnswers
POST /api/users/{userId}/acceptTermsAndConditions
POST /api/users/{userId}/disablePushNotifications
POST /api/users/{userId}/enablePushNotifications
POST /api/users/{userId}/setNickname
POST /api/users/{userId}/updateMobileId
POST /api/users/{userId}/updateProfile
POST /api/webhooks/apple
POST /api/webhooks/google
POST /api/webhooks/wordpress
POST /api/zendesk/subscribe-news
PUT /api/BackOffice/users/{userId}/reset

Found on 2026-02-02 05:31

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: incomingpayments-uat.collectordev.se
Port: 443
URL: https://incomingpayments-uat.collectordev.se

First seen 2026-01-11 07:08
Last seen 2026-02-02 05:30
Open for 21 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549c48d7ac5c48d7ac5c48d7ac5c48d7ac5c48d7ac5
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
PATCH /api/v1/Transactions/{sourceSystem}/{key}
```
  Found on 2026-02-02 05:30
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: organizations.demo.workai.cloud
Port: 443
URL: https://organizations.demo.workai.cloud

First seen 2025-12-24 00:10
Last seen 2026-02-02 04:36
Open for 40 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 04:36
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: api.digitalangel.eu
Port: 443
URL: https://api.digitalangel.eu

First seen 2026-01-12 22:55
Last seen 2026-02-02 02:51
Open for 20 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 02:51
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: graph.intranet.demo.workai.cloud
Port: 443
URL: https://graph.intranet.demo.workai.cloud

First seen 2025-11-22 00:12
Last seen 2026-02-02 01:16
Open for 72 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035493b3b73509b9c7a87891c30cfc00c33911884ccb5
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /.well-known/oauth-authorization-server
GET /api/config
GET /api/limits
GET /api/products
GET /open-api/{service}/swagger.json
GET /proxy-openapi/swagger.json
```
  Found on 2026-02-02 01:16
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: stavanger.isypo-api.net
Port: 443
URL: https://stavanger.isypo-api.net

First seen 2026-01-11 13:34
Last seen 2026-02-02 00:24
Open for 21 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354925f45346fdb2ee6228c03f01bbc87006e9a5bed0

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Addendum/CheckThatObjectExists
GET /api/Addendum/GetAddendumTypes
GET /api/Addendum/GetAddendumValues
GET /api/Addendum/GetTestUpdateValue
GET /api/Budget/IncludeRetainedAndAdvance/{projectNumber}/{revisionType}
GET /api/Budget/{projectNumber}/{revisionType}
GET /api/Contract/GetAllContractsForProject/{projectRec}
GET /api/Contract/GetAllContractsForProjectNumber/{projectNumber}
GET /api/Contract/GetChange/{contractRec}
GET /api/Contract/GetChange/{projectNumber}/Changes/{contractId}
GET /api/Contract/GetContract/{contractRec}
GET /api/Contract/GetContract/{projectNumber}/Contracts/{contractId}
GET /api/Contract/GetContractNumbers
GET /api/Contract/GetContractStandards
GET /api/Contract/GetContractTypesForProject/{projectRec}
GET /api/Contract/GetContractsUnderBudgetsForProject/{projectRec}
GET /api/Contract/GetDisposal/{projectNumber}/Disposals/{contractId}
GET /api/IsyTime/GetActivitiesWithAddendums
GET /api/IsyTime/GetAllUsersFlex
GET /api/IsyTime/GetTimeAccountingData
GET /api/Project/GetProjectByRec/{projectRec}
GET /api/Project/GetProjectUsers/{projectRec}
GET /api/Project/GetProjectUsersByProjectNumber/{projectNumber}
GET /api/Project/GetProjects
GET /api/Project/GetReportPeriodStatus/{projectRec}
GET /api/Project/GetTemplates
GET /api/Project/{projectNumber}
GET /api/Statsbygg/Erfaringsdata
GET /api/Statsbygg/Prosjektdata
GET /api/Test
GET /api/Test/environmentName
GET /api/Test/error
GET /api/Test/exception
GET /api/Test/greeting
GET /api/Test/isdevelopment
GET /api/Test/ok
GET /api/Test/version
GET /api/TransferStatus/GetContractsReadyForTransfer
GET /api/TransferStatus/GetObjectsReadyForTransfer/{integrationKey}
GET /api/XPDB/Phase
GET /api/XPDB/Phase/{phaseRec}
GET /api/XpDb
GET /api/XpDb/GetPriceIndexes
GET /api/scim/ResourceTypes
GET /api/scim/Schemas
GET /api/scim/ServiceProviderConfig
GET /api/scim/Users
GET /api/scim/Users/{userId}
POST /api/Addendum/UpdateAddendumValues
POST /api/Contract/CreateChange
POST /api/Framsikt/GetForecast
POST /api/Invoice
POST /api/LegacyInvoice
POST /api/Portfolio/GetPortfolioData
POST /api/Project
POST /api/Project/ChangeProjectNumberValidation/{projectNumber}
POST /api/Project/GetReportPeriod
POST /api/Project/ProjectValidation
POST /api/Project/UpdateProjectValidation/{projectNumber}
POST /api/TransferStatus/MarkContractAsTransferred/{contractRec}
POST /api/TransferStatus/SetTransferStatusForObject
PUT /api/Contract/CreateOrUpdateChange/{uniqueExternalRef}
PUT /api/Contract/UpdateChange
PUT /api/Project/ChangeProjectNumber/{projectNumber}

Found on 2026-02-02 00:24

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549afcc8a85ca52c4b1b5c6e0d338f1154ebdcfd309

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Addendum/GetAddendumTypes
GET /api/Budget/IncludeRetainedAndAdvance/{projectNumber}/{revisionType}
GET /api/Budget/{projectNumber}/{revisionType}
GET /api/Contract/GetAllContractsForProject/{projectRec}
GET /api/Contract/GetAllContractsForProjectNumber/{projectNumber}
GET /api/Contract/GetChange/{contractRec}
GET /api/Contract/GetChange/{projectNumber}/Changes/{contractId}
GET /api/Contract/GetContract/{contractRec}
GET /api/Contract/GetContract/{projectNumber}/Contracts/{contractId}
GET /api/Contract/GetContractNumbers
GET /api/Contract/GetContractStandards
GET /api/Contract/GetContractTypesForProject/{projectRec}
GET /api/Contract/GetContractsUnderBudgetsForProject/{projectRec}
GET /api/Contract/GetDisposal/{projectNumber}/Disposals/{contractId}
GET /api/IsyTime/GetActivitiesWithAddendums
GET /api/IsyTime/GetAllUsersFlex
GET /api/IsyTime/GetTimeAccountingData
GET /api/Project/GetProjectByRec/{projectRec}
GET /api/Project/GetProjectUsers/{projectRec}
GET /api/Project/GetProjectUsersByProjectNumber/{projectNumber}
GET /api/Project/GetProjects
GET /api/Project/GetReportPeriodStatus/{projectRec}
GET /api/Project/GetTemplates
GET /api/Project/{projectNumber}
GET /api/Statsbygg/Erfaringsdata
GET /api/Statsbygg/Prosjektdata
GET /api/Test
GET /api/Test/environmentName
GET /api/Test/error
GET /api/Test/exception
GET /api/Test/greeting
GET /api/Test/isdevelopment
GET /api/Test/ok
GET /api/Test/version
GET /api/TransferStatus/GetContractsReadyForTransfer
GET /api/TransferStatus/GetObjectsReadyForTransfer/{integrationKey}
GET /api/XPDB/Phase
GET /api/XPDB/Phase/{phaseRec}
GET /api/XpDb
GET /api/XpDb/GetPriceIndexes
GET /api/scim/ResourceTypes
GET /api/scim/Schemas
GET /api/scim/ServiceProviderConfig
GET /api/scim/Users
GET /api/scim/Users/{userId}
POST /api/Contract/CreateChange
POST /api/Framsikt/GetForecast
POST /api/Invoice
POST /api/LegacyInvoice
POST /api/Portfolio/GetPortfolioData
POST /api/Project
POST /api/Project/ChangeProjectNumberValidation/{projectNumber}
POST /api/Project/GetReportPeriod
POST /api/Project/ProjectValidation
POST /api/Project/UpdateProjectValidation/{projectNumber}
POST /api/TransferStatus/MarkContractAsTransferred/{contractRec}
POST /api/TransferStatus/SetTransferStatusForObject
PUT /api/Contract/CreateOrUpdateChange/{uniqueExternalRef}
PUT /api/Contract/UpdateChange
PUT /api/Project/ChangeProjectNumber/{projectNumber}

Found on 2026-01-22 21:31

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: api.erminas.software
Port: 443
URL: https://api.erminas.software

First seen 2026-01-06 06:54
Last seen 2026-02-01 23:23
Open for 26 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035496ecd98eea27f273e303ab787f530b5dca84f7311
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/user/{id}/{isHardDelete}
GET /api/checkout/calculateprice
GET /api/checkout/getcurrenttotalprice
GET /api/checkout/paymentinformation
GET /api/invoice
GET /api/license
GET /api/user
GET /api/user/self
GET /api/user/{id}
POST /api/account/confirmemail
POST /api/account/forgotpassword
POST /api/account/register
POST /api/account/resetpassword
POST /api/checkout/finalizecheckout
POST /api/checkout/sendsingleproductinformation
POST /api/checkout/senduserinformation
POST /api/contact/getmoreinformation
POST /connect/token
```
  Found on 2026-02-01 23:23
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-22 12:03
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: fullscan-zh-cn.cybersecurityassessmenttool.com
Port: 443
URL: https://fullscan-zh-cn.cybersecurityassessmenttool.com

First seen 2025-12-08 07:42
Last seen 2026-02-01 22:38
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-01 22:38
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: disem.cybersecurityassessmenttool.com
Port: 443
URL: https://disem.cybersecurityassessmenttool.com

First seen 2025-12-08 07:44
Last seen 2026-02-01 22:38
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549767a9b75ce74c49d3ec5b99814d9bb18be619b27
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/FileProcessing/DownloadReport/{guid}
GET /api/v1/FileProcessing/RemoveFileInServer
GET /api/v1/License/IsValidLicense/{license}
POST /api/v1/FileProcessing/UploadMaturityCsv
POST /api/v1/FileProcessing/UploadQuestionnaireCsv
POST /api/v1/Registration/SaveForm
```
  Found on 2026-02-01 22:38
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: dpg.cybersecurityassessmenttool.com
Port: 443
URL: https://dpg.cybersecurityassessmenttool.com

First seen 2025-12-08 07:54
Last seen 2026-02-01 22:38
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-01 22:38
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: staging.cybersecurityassessmenttool.com
Port: 443
URL: https://staging.cybersecurityassessmenttool.com

First seen 2025-12-08 07:41
Last seen 2026-02-01 22:32
Open for 55 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-01 22:32
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: api.cloudclientvinder.nl
Port: 443
URL: https://api.cloudclientvinder.nl

First seen 2025-12-05 04:16
Last seen 2026-02-01 19:40
Open for 58 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd151e75e4bf7196a6277abb2f7f32f532941be7637ee8a5c22
```
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /clients
GET /clients/{id}
GET /employees
GET /employees/getLocationId/{oid}
GET /employees/{id}
GET /environmentConfig
GET /locations
GET /locations/{id}
GET /microsoftGraph/syncAzureActiveDirectory
GET /notifications
GET /smartwatchApi/Device/Login/{deviceUniqueNumber}
GET /smartwatchApi/Target/V2/Start
GET /smartwatchApi/getNewWalkSettings/{walkId}
GET /smartwatches
GET /smartwatches/available
GET /smartwatches/{id}
GET /walks
GET /walks/active
GET /walks/{walkId}
POST /smartwatchApi/Panic
POST /smartwatchApi/Pulse
POST /smartwatchApi/Target/Logs
POST /smartwatchApi/wristAlarm
PUT /notifications/{notificationId}
PUT /walks/finish
```
  Found on 2026-02-01 19:40
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: noexisto.volteapi.co
Port: 443
URL: https://noexisto.volteapi.co

First seen 2026-01-06 09:42
Last seen 2026-01-23 11:57
Open for 17 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-23 11:57
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: billing.demo.workai.cloud
Port: 443
URL: https://billing.demo.workai.cloud

First seen 2025-10-25 00:09
Last seen 2026-01-23 08:31
Open for 90 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549939d29424bd6f5581ddd325ab1bdc380ab994697

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /BySubscription(uuid={uuid})
GET /GeneratePdf(invoiceNumber={invoiceNumber})
GET /api/About/Version
GET /v1/Coupons({key})
GET /v1/Coupons/{key}
GET /v1/Invoices
GET /v1/Invoices/$count
GET /v1/Invoices/BySubscription(uuid={uuid})
GET /v1/Invoices/Elastic.Billing.API.BySubscription(uuid={uuid})
GET /v1/Invoices/Elastic.Billing.API.GeneratePdf(invoiceNumber={invoiceNumber})
GET /v1/Invoices/GeneratePdf(invoiceNumber={invoiceNumber})
GET /v1/Offers
GET /v1/Offers/$count
GET /v1/Organizations({key})
GET /v1/Organizations/{key}
GET /v1/Subscriptions
GET /v1/Subscriptions/$count
POST /v1/Organizations
POST /v1/Subscriptions({key})/AddLicenses
POST /v1/Subscriptions({key})/Cancel
POST /v1/Subscriptions({key})/Elastic.Billing.API.AddLicenses
POST /v1/Subscriptions({key})/Elastic.Billing.API.Cancel
POST /v1/Subscriptions/{key}/AddLicenses
POST /v1/Subscriptions/{key}/Cancel
POST /v1/Subscriptions/{key}/Elastic.Billing.API.AddLicenses
POST /v1/Subscriptions/{key}/Elastic.Billing.API.Cancel

Found on 2026-01-23 08:31

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: hdnsign.test.services.dias.nl
Port: 443
URL: https://hdnsign.test.services.dias.nl

First seen 2025-10-17 09:47
Last seen 2026-01-23 05:20
Open for 97 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-23 05:20
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: notifications.demo.workai.cloud
Port: 443
URL: https://notifications.demo.workai.cloud

First seen 2025-10-25 00:08
Last seen 2026-01-23 04:35
Open for 90 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b7350341583926fda45a5dbaa1c90c2841541

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /api/About/Version
GET /v1/Channels
GET /v1/{org}/Notifications/ByChannel(channelName={channelName})
GET /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.ByChannel(channelName={channelName})
GET /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.Unreaded
GET /v1/{org}/Notifications/Unreaded
GET /v1/{org}/OrganizationChannels
PATCH /v1/NotificationTypeChannel
POST /v1/ApplicationRegistrations
POST /v1/Events
POST /v1/UserDeviceRegistration/Register
POST /v1/UserDeviceRegistration/Remove
POST /v1/WebPush/Subscribe
POST /v1/{organizationId}/external-email/send
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications({key})/MarkAsClicked
POST /v1/{org}/Notifications({key})/MarkAsRead
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsClicked
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsRead
POST /v1/{org}/Notifications/MarkAllAsClicked
POST /v1/{org}/Notifications/MarkAllAsRead
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications/{key}/MarkAsClicked
POST /v1/{org}/Notifications/{key}/MarkAsRead
POST /v1/{org}/OrganizationChannels/Disable/{channelId}
POST /v1/{org}/OrganizationChannels/Enable/{channelId}

Found on 2026-01-23 04:35

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354959d91597504c31bccebf4f9d0bf0847761071fce

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/Channels
GET /v1/{org}/Notifications/ByChannel(channelName={channelName})
GET /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.ByChannel(channelName={channelName})
GET /v1/{org}/OrganizationChannels
PATCH /v1/NotificationTypeChannel
POST /v1/ApplicationRegistrations
POST /v1/Events
POST /v1/UserDeviceRegistration/Register
POST /v1/UserDeviceRegistration/Remove
POST /v1/WebPush/Subscribe
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications({key})/MarkAsClicked
POST /v1/{org}/Notifications({key})/MarkAsRead
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsClicked
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsRead
POST /v1/{org}/Notifications/MarkAllAsClicked
POST /v1/{org}/Notifications/MarkAllAsRead
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications/{key}/MarkAsClicked
POST /v1/{org}/Notifications/{key}/MarkAsRead
POST /v1/{org}/OrganizationChannels/Disable/{channelId}
POST /v1/{org}/OrganizationChannels/Enable/{channelId}

Found on 2025-12-26 15:08

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: sandbox-customer-api.evidentlife.se
Port: 443
URL: https://sandbox-customer-api.evidentlife.se

First seen 2026-01-10 23:05
Last seen 2026-01-23 01:14
Open for 12 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497cba34f29a4eccedbfb2083b25dd1d091632e27f

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/customers/{customerId}/cases
GET /api/v1/customers/{customerId}/cases/{id}
GET /api/v1/customers/{customerId}/insurancepolicies
GET /api/v1/customers/{customerId}/insurancepolicies/{id}
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/cancellations/confirmation
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/certificate
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files/{fileId}
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files/{fileId}/file
GET /api/v1/customers/{customerId}/invoices
GET /api/v1/customers/{customerId}/invoices/{id}
GET /api/v1/customers/{customerId}/invoices/{id}/file
GET /api/v1/customers/{customerId}/offers
GET /api/v1/customers/{customerId}/offers/{id}
GET /api/v1/customers/{customerId}/offers/{id}/files/{fileId}
GET /api/v1/customers/{customerId}/offers/{id}/files/{fileId}/file
GET /api/v1/customers/{customerId}/personaldetails
GET /api/v1/customertestdata/list-approved-customer-ids
GET /api/v1/validation/bankaccount
POST /api/v1/customers/{customerId}/insurancepolicies/{id}/cancellations
POST /api/v1/customers/{customerId}/insurancepolicies/{id}/claims
PUT /api/v1/customers/{customerId}/personaldetails/paymentdetails
PUT /api/v1/customers/{customerId}/personaldetails/update-national-personaldetails
PUT /api/v1/customers/{customerId}/testdata/clear-risk-assessment

Found on 2026-01-23 01:14

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497cba34f29a4eccedbfb2083b25dd1d096aff4464

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/customers/{customerId}/cases
GET /api/v1/customers/{customerId}/cases/{id}
GET /api/v1/customers/{customerId}/insurancepolicies
GET /api/v1/customers/{customerId}/insurancepolicies/{id}
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/cancellations/confirmation
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/certificate
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files/{fileId}
GET /api/v1/customers/{customerId}/insurancepolicies/{id}/files/{fileId}/file
GET /api/v1/customers/{customerId}/invoices
GET /api/v1/customers/{customerId}/invoices/{id}
GET /api/v1/customers/{customerId}/invoices/{id}/file
GET /api/v1/customers/{customerId}/offers
GET /api/v1/customers/{customerId}/offers/{id}
GET /api/v1/customers/{customerId}/offers/{id}/files/{fileId}
GET /api/v1/customers/{customerId}/offers/{id}/files/{fileId}/file
GET /api/v1/customers/{customerId}/personaldetails
GET /api/v1/customertestdata/list-approved-customer-ids
GET /api/v1/validation/bankaccount
POST /api/v1/customers/{customerId}/insurancepolicies/{id}/cancellations
POST /api/v1/customers/{customerId}/insurancepolicies/{id}/claims
PUT /api/v1/customers/{customerId}/personaldetails/paymentdetails
PUT /api/v1/customers/{customerId}/testdata/clear-risk-assessment

Found on 2026-01-15 19:33

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: ostfoldfk.isypo-api.net
Port: 443
URL: https://ostfoldfk.isypo-api.net

First seen 2026-01-11 02:57
Last seen 2026-01-22 23:13
Open for 11 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549afcc8a85ca52c4b1b5c6e0d338f1154eb862cc4c

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Addendum/GetAddendumTypes
GET /api/Budget/IncludeRetainedAndAdvance/{projectNumber}/{revisionType}
GET /api/Budget/{projectNumber}/{revisionType}
GET /api/Contract/GetAllContractsForProject/{projectRec}
GET /api/Contract/GetAllContractsForProjectNumber/{projectNumber}
GET /api/Contract/GetChange/{contractRec}
GET /api/Contract/GetChange/{projectNumber}/Changes/{contractId}
GET /api/Contract/GetContract/{contractRec}
GET /api/Contract/GetContract/{projectNumber}/Contracts/{contractId}
GET /api/Contract/GetContractStandards
GET /api/Contract/GetContractTypesForProject/{projectRec}
GET /api/Contract/GetContractsUnderBudgetsForProject/{projectRec}
GET /api/Contract/GetDisposal/{projectNumber}/Disposals/{contractId}
GET /api/IsyTime/GetActivitiesWithAddendums
GET /api/IsyTime/GetAllUsersFlex
GET /api/IsyTime/GetTimeAccountingData
GET /api/Project/GetProjectByRec/{projectRec}
GET /api/Project/GetProjectUsers/{projectRec}
GET /api/Project/GetProjectUsersByProjectNumber/{projectNumber}
GET /api/Project/GetProjects
GET /api/Project/GetReportPeriodStatus/{projectRec}
GET /api/Project/GetTemplates
GET /api/Project/{projectNumber}
GET /api/Statsbygg/Erfaringsdata
GET /api/Statsbygg/Prosjektdata
GET /api/Test
GET /api/Test/environmentName
GET /api/Test/error
GET /api/Test/exception
GET /api/Test/greeting
GET /api/Test/isdevelopment
GET /api/Test/ok
GET /api/Test/version
GET /api/TransferStatus/GetContractsReadyForTransfer
GET /api/TransferStatus/GetObjectsReadyForTransfer/{integrationKey}
GET /api/XPDB/Phase
GET /api/XPDB/Phase/{phaseRec}
GET /api/XpDb
GET /api/XpDb/GetPriceIndexes
GET /api/scim/ResourceTypes
GET /api/scim/Schemas
GET /api/scim/ServiceProviderConfig
GET /api/scim/Users
GET /api/scim/Users/{userId}
POST /api/Contract/CreateChange
POST /api/Framsikt/GetForecast
POST /api/Invoice
POST /api/LegacyInvoice
POST /api/Portfolio/GetPortfolioData
POST /api/Project
POST /api/Project/ChangeProjectNumberValidation/{projectNumber}
POST /api/Project/GetReportPeriod
POST /api/Project/ProjectValidation
POST /api/Project/UpdateProjectValidation/{projectNumber}
POST /api/TransferStatus/MarkContractAsTransferred/{contractRec}
POST /api/TransferStatus/SetTransferStatusForObject
PUT /api/Contract/CreateOrUpdateChange/{uniqueExternalRef}
PUT /api/Contract/UpdateChange
PUT /api/Project/ChangeProjectNumber/{projectNumber}

Found on 2026-01-22 23:13

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: buskerudfk.isypo-api.net
Port: 443
URL: https://buskerudfk.isypo-api.net

First seen 2026-01-11 02:24
Last seen 2026-01-22 23:13
Open for 11 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549afcc8a85ca52c4b1b5c6e0d338f1154eb862cc4c

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Addendum/GetAddendumTypes
GET /api/Budget/IncludeRetainedAndAdvance/{projectNumber}/{revisionType}
GET /api/Budget/{projectNumber}/{revisionType}
GET /api/Contract/GetAllContractsForProject/{projectRec}
GET /api/Contract/GetAllContractsForProjectNumber/{projectNumber}
GET /api/Contract/GetChange/{contractRec}
GET /api/Contract/GetChange/{projectNumber}/Changes/{contractId}
GET /api/Contract/GetContract/{contractRec}
GET /api/Contract/GetContract/{projectNumber}/Contracts/{contractId}
GET /api/Contract/GetContractStandards
GET /api/Contract/GetContractTypesForProject/{projectRec}
GET /api/Contract/GetContractsUnderBudgetsForProject/{projectRec}
GET /api/Contract/GetDisposal/{projectNumber}/Disposals/{contractId}
GET /api/IsyTime/GetActivitiesWithAddendums
GET /api/IsyTime/GetAllUsersFlex
GET /api/IsyTime/GetTimeAccountingData
GET /api/Project/GetProjectByRec/{projectRec}
GET /api/Project/GetProjectUsers/{projectRec}
GET /api/Project/GetProjectUsersByProjectNumber/{projectNumber}
GET /api/Project/GetProjects
GET /api/Project/GetReportPeriodStatus/{projectRec}
GET /api/Project/GetTemplates
GET /api/Project/{projectNumber}
GET /api/Statsbygg/Erfaringsdata
GET /api/Statsbygg/Prosjektdata
GET /api/Test
GET /api/Test/environmentName
GET /api/Test/error
GET /api/Test/exception
GET /api/Test/greeting
GET /api/Test/isdevelopment
GET /api/Test/ok
GET /api/Test/version
GET /api/TransferStatus/GetContractsReadyForTransfer
GET /api/TransferStatus/GetObjectsReadyForTransfer/{integrationKey}
GET /api/XPDB/Phase
GET /api/XPDB/Phase/{phaseRec}
GET /api/XpDb
GET /api/XpDb/GetPriceIndexes
GET /api/scim/ResourceTypes
GET /api/scim/Schemas
GET /api/scim/ServiceProviderConfig
GET /api/scim/Users
GET /api/scim/Users/{userId}
POST /api/Contract/CreateChange
POST /api/Framsikt/GetForecast
POST /api/Invoice
POST /api/LegacyInvoice
POST /api/Portfolio/GetPortfolioData
POST /api/Project
POST /api/Project/ChangeProjectNumberValidation/{projectNumber}
POST /api/Project/GetReportPeriod
POST /api/Project/ProjectValidation
POST /api/Project/UpdateProjectValidation/{projectNumber}
POST /api/TransferStatus/MarkContractAsTransferred/{contractRec}
POST /api/TransferStatus/SetTransferStatusForObject
PUT /api/Contract/CreateOrUpdateChange/{uniqueExternalRef}
PUT /api/Contract/UpdateChange
PUT /api/Project/ChangeProjectNumber/{projectNumber}

Found on 2026-01-22 23:13

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: auth-api-test.mfingrosso.it
Port: 443
URL: https://auth-api-test.mfingrosso.it

First seen 2026-01-13 00:40
Last seen 2026-01-16 16:11
Open for 3 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d60bf756b04c69c44efb8b72cd1864139ee3e883

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Identity/users/{clientId}/feature/{feature}
DELETE /api/KeyClaims/claimValues/{keyClaimValueId}
DELETE /api/Users/{username}
GET /api/Adws
GET /api/Adws/fillpage
GET /api/Adws/search
GET /api/ApiScopes
GET /api/ApiScopes/{scopeId}
GET /api/ApiScopes/{scopeId}/Clients
GET /api/Clients
GET /api/Clients/{clientId}
GET /api/Clients/{clientId}/Scopes
GET /api/Clients/{id}/excel
GET /api/Features
GET /api/Features/{featureId}
GET /api/Features/{featureId}/Clients
GET /api/KeyClaims
GET /api/KeyClaims/{keyClaimId}
GET /api/Roles
GET /api/Roles/{roleId}
GET /api/Roles/{roleId}/Clients
GET /api/Roles/{roleId}/Features
GET /api/Users
GET /api/Users/search
PATCH /api/Users/{userName}/ToggleLockout
POST /api/Adws/import/{samAccountName}
POST /api/Clients/{clientId}/Scopes/{scope}
POST /api/Clients/{clientId}/enable
POST /api/Features/excel
POST /api/Identity/excel
POST /api/Identity/users
POST /api/Identity/users/{clientId}/2fa
POST /api/Identity/users/{clientId}/completeDraft
POST /api/Identity/usersFeature
POST /api/KeyClaims/{keyClaimId}/claimValues
POST /api/Roles/excel
POST /api/Roles/{roleId}/Features/{featureId}
PUT /api/Adws/changepwd
PUT /api/Adws/groupupdate
PUT /api/Identity/users/{clientId}

Found on 2026-01-16 16:11

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: auth-api.test.fastbookspa.it
Port: 443
URL: https://auth-api.test.fastbookspa.it

First seen 2026-01-10 21:11
Last seen 2026-01-16 15:07
Open for 5 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d60bf756b04c69c44efb8b72cd1864139ee3e883

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Identity/users/{clientId}/feature/{feature}
DELETE /api/KeyClaims/claimValues/{keyClaimValueId}
DELETE /api/Users/{username}
GET /api/Adws
GET /api/Adws/fillpage
GET /api/Adws/search
GET /api/ApiScopes
GET /api/ApiScopes/{scopeId}
GET /api/ApiScopes/{scopeId}/Clients
GET /api/Clients
GET /api/Clients/{clientId}
GET /api/Clients/{clientId}/Scopes
GET /api/Clients/{id}/excel
GET /api/Features
GET /api/Features/{featureId}
GET /api/Features/{featureId}/Clients
GET /api/KeyClaims
GET /api/KeyClaims/{keyClaimId}
GET /api/Roles
GET /api/Roles/{roleId}
GET /api/Roles/{roleId}/Clients
GET /api/Roles/{roleId}/Features
GET /api/Users
GET /api/Users/search
PATCH /api/Users/{userName}/ToggleLockout
POST /api/Adws/import/{samAccountName}
POST /api/Clients/{clientId}/Scopes/{scope}
POST /api/Clients/{clientId}/enable
POST /api/Features/excel
POST /api/Identity/excel
POST /api/Identity/users
POST /api/Identity/users/{clientId}/2fa
POST /api/Identity/users/{clientId}/completeDraft
POST /api/Identity/usersFeature
POST /api/KeyClaims/{keyClaimId}/claimValues
POST /api/Roles/excel
POST /api/Roles/{roleId}/Features/{featureId}
PUT /api/Adws/changepwd
PUT /api/Adws/groupupdate
PUT /api/Identity/users/{clientId}

Found on 2026-01-16 15:07

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: akershusfk.isypo-api.net
Port: 443
URL: https://akershusfk.isypo-api.net

First seen 2026-01-11 02:58
Last seen 2026-01-16 14:59
Open for 5 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549afcc8a85ca52c4b1b5c6e0d338f1154eb862cc4c

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Addendum/GetAddendumTypes
GET /api/Budget/IncludeRetainedAndAdvance/{projectNumber}/{revisionType}
GET /api/Budget/{projectNumber}/{revisionType}
GET /api/Contract/GetAllContractsForProject/{projectRec}
GET /api/Contract/GetAllContractsForProjectNumber/{projectNumber}
GET /api/Contract/GetChange/{contractRec}
GET /api/Contract/GetChange/{projectNumber}/Changes/{contractId}
GET /api/Contract/GetContract/{contractRec}
GET /api/Contract/GetContract/{projectNumber}/Contracts/{contractId}
GET /api/Contract/GetContractStandards
GET /api/Contract/GetContractTypesForProject/{projectRec}
GET /api/Contract/GetContractsUnderBudgetsForProject/{projectRec}
GET /api/Contract/GetDisposal/{projectNumber}/Disposals/{contractId}
GET /api/IsyTime/GetActivitiesWithAddendums
GET /api/IsyTime/GetAllUsersFlex
GET /api/IsyTime/GetTimeAccountingData
GET /api/Project/GetProjectByRec/{projectRec}
GET /api/Project/GetProjectUsers/{projectRec}
GET /api/Project/GetProjectUsersByProjectNumber/{projectNumber}
GET /api/Project/GetProjects
GET /api/Project/GetReportPeriodStatus/{projectRec}
GET /api/Project/GetTemplates
GET /api/Project/{projectNumber}
GET /api/Statsbygg/Erfaringsdata
GET /api/Statsbygg/Prosjektdata
GET /api/Test
GET /api/Test/environmentName
GET /api/Test/error
GET /api/Test/exception
GET /api/Test/greeting
GET /api/Test/isdevelopment
GET /api/Test/ok
GET /api/Test/version
GET /api/TransferStatus/GetContractsReadyForTransfer
GET /api/TransferStatus/GetObjectsReadyForTransfer/{integrationKey}
GET /api/XPDB/Phase
GET /api/XPDB/Phase/{phaseRec}
GET /api/XpDb
GET /api/XpDb/GetPriceIndexes
GET /api/scim/ResourceTypes
GET /api/scim/Schemas
GET /api/scim/ServiceProviderConfig
GET /api/scim/Users
GET /api/scim/Users/{userId}
POST /api/Contract/CreateChange
POST /api/Framsikt/GetForecast
POST /api/Invoice
POST /api/LegacyInvoice
POST /api/Portfolio/GetPortfolioData
POST /api/Project
POST /api/Project/ChangeProjectNumberValidation/{projectNumber}
POST /api/Project/GetReportPeriod
POST /api/Project/ProjectValidation
POST /api/Project/UpdateProjectValidation/{projectNumber}
POST /api/TransferStatus/MarkContractAsTransferred/{contractRec}
POST /api/TransferStatus/SetTransferStatusForObject
PUT /api/Contract/CreateOrUpdateChange/{uniqueExternalRef}
PUT /api/Contract/UpdateChange
PUT /api/Project/ChangeProjectNumber/{projectNumber}

Found on 2026-01-16 14:59

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: essentialeight-en.cybersecurityassessmenttool.com
Port: 443
URL: https://essentialeight-en.cybersecurityassessmenttool.com

First seen 2025-12-08 07:42
Last seen 2026-01-16 09:48
Open for 39 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-16 09:48
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: calendars.demo.workai.cloud
Port: 443
URL: https://calendars.demo.workai.cloud

First seen 2025-10-23 00:03
Last seen 2026-01-16 09:41
Open for 85 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549cafa191211da241da1cbdfe6dabd40762a1375f5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Event/{id}/EventTerm/{eventTermId}/EventTermParticipant/{eventTermParticipantId}
GET /Account/LoggedOut
GET /Account/Logout
GET /Account/ProcessLogout
GET /api/Category
GET /api/Category/{id}
GET /api/Event
GET /api/Event/{id}
GET /api/Event/{id}/EventAssignment
GET /api/Event/{id}/EventAssignment/{eventAssignmentId}
GET /api/Event/{id}/EventTerm
GET /api/Event/{id}/EventTerm/{eventTermId}
GET /api/Event/{id}/EventTerm/{eventTermId}/EventTermParticipant
GET /api/Event/{id}/EventTerm/{eventTermId}/EventTermParticipantUnassigned
GET /api/Event/{id}/UnassignedGroup
GET /api/Event/{id}/UnassignedUser
GET /api/Group
GET /api/Group/{groupId}
GET /api/MyEvent/All
GET /api/MyEvent/Calendar
GET /api/MyEvent/Calendar/Day
GET /api/MyEvent/Calendar/Month
GET /api/MyEvent/Lecturer
GET /api/MyEvent/Registered
GET /api/MyEvent/{eventId}/EventTerm/{eventTermId}/OtherTerms
GET /api/MyEvent/{id}/Details
GET /api/MyEvent/{id}/PrimaryParticipants
GET /api/Settings
GET /api/User
GET /api/User/{userId}
GET /api/administration/user/{userId}/Role
GET /error/{code}
PATCH /api/MyEvent/{id}/EventTermParticipant/{eventTermParticipantId}
POST /api/CasbinMaintenance/casbin-initialization
POST /api/Event/{id}/EventAssignments
POST /api/Maintenance/RegisterNotifications
POST /api/MyEvent/{id}/PrimaryParticipants/Excel
POST /api/MyEvent/{id}/Register
POST /api/MyEvent/{id}/Unregister
POST /api/Provision
POST /api/Provision/PublishAndRebuildCopiedContent
POST /api/tenants/create
POST /api/tenants/disable/{tenantName}
POST /api/tenants/edit
POST /api/tenants/enable/{tenantName}
POST /api/tenants/remove/{tenantName}
POST /api/tenants/setup

Found on 2026-01-16 09:41

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: licensing.demo.workai.cloud
Port: 443
URL: https://licensing.demo.workai.cloud

First seen 2025-10-25 00:08
Last seen 2026-01-16 04:00
Open for 83 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-01-16 04:00

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354959d915974caf5f24a1dd09633dbc454e314276d5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/Licenses
GET /v1/Licenses({key})
GET /v1/Licenses/$count
GET /v1/Licenses/{key}
GET /v1/Products
GET /v1/Products({key})
GET /v1/Products/$count
GET /v1/Products/CheckIfPromotionalSet(offerId={offerId})
GET /v1/Products/Elastic.Licensing.API.CheckIfPromotionalSet(offerId={offerId})
GET /v1/Products/Elastic.Licensing.API.GetProductSubDomain(offerId={offerId})
GET /v1/Products/GetProductSubDomain(offerId={offerId})
GET /v1/Products/{key}
GET /v1/Subscriptions
GET /v1/Subscriptions({key})
GET /v1/Subscriptions/$count
GET /v1/Subscriptions/Elastic.Licensing.API.GetOrganizationsWithProducts
GET /v1/Subscriptions/GetOrganizationsWithProducts
GET /v1/Subscriptions/{key}
POST /v1/Subscriptions/Assign
POST /v1/Subscriptions/AssignGroups
POST /v1/Subscriptions/Elastic.Licensing.API.Assign
POST /v1/Subscriptions/Elastic.Licensing.API.AssignGroups
POST /v1/Subscriptions/Elastic.Licensing.API.IsOfferAlreadyInUseByOrganization
POST /v1/Subscriptions/Elastic.Licensing.API.Modify
POST /v1/Subscriptions/Elastic.Licensing.API.ModifyGroups
POST /v1/Subscriptions/Elastic.Licensing.API.Unassign
POST /v1/Subscriptions/Elastic.Licensing.API.UnassignGroups
POST /v1/Subscriptions/IsOfferAlreadyInUseByOrganization
POST /v1/Subscriptions/Modify
POST /v1/Subscriptions/ModifyGroups
POST /v1/Subscriptions/Unassign
POST /v1/Subscriptions/UnassignGroups

Found on 2025-12-26 16:12

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: test-partner-product-api.evidentlife.se
Port: 443
URL: https://test-partner-product-api.evidentlife.se

First seen 2025-12-12 01:17
Last seen 2026-01-16 03:47
Open for 35 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549b9cef1564068cf5056b9c12e6358a4fac7e757a6
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/needsguide
GET /api/v1/offers/{country}/{year}/{month}/{id}/policy
GET /api/v1/products
GET /api/v1/products/{id}
GET /api/v1/products/{id}/lookup-bankaccount
GET /api/v1/products/{id}/premium
GET /api/v1/validation/bankaccount
POST /api/v1/products/{id}/application
PUT /api/v1/offers/{country}/{year}/{month}/{id}
PUT /api/v1/offers/{country}/{year}/{month}/{id}/accept-by-signing
```
  Found on 2026-01-16 03:47
Create report

Open service 13.69.68.16:80 · oxacotennis.be

2026-02-08 01:02

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Sun, 08 Feb 2026 01:03:17 GMT
Location: https://oxacotennis.be/

Found 2026-02-08 by HttpPlugin