LeakIX - Host 13.95.82.181

Host 13.95.82.181

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Kestrel Kestrel

tcp/443

Microsoft-IIS 10.0

tcp/443 tcp/80

cloudflare

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: staging-faq-service.immo-connect.be
Port: 443
URL: https://staging-faq-service.immo-connect.be

First seen 2026-01-03 06:56
Last seen 2026-02-09 23:18
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035494124fb4b92ed9aaad2a89740d2a89740d2a89740
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /Status/Status
GET /api/Faq/Get
POST /api/Faq/ClearCache
```
  Found on 2026-02-09 23:18
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: staging-file.immo-connect.be
Port: 443
URL: https://staging-file.immo-connect.be

First seen 2026-01-02 06:29
Last seen 2026-02-09 18:34
Open for 38 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e305982f10ac2a0fbea1e4f30b665007a5ea7ddb

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/v1/AccessControl/Delete/{id}
DELETE /api/v1/Document/Delete/{id}
DELETE /api/v1/Document/DeleteByReference
DELETE /api/v1/MetaData/Delete/{id}
GET /
GET /Document
GET /api/v1/AccessControl/Get/{id}
GET /api/v1/Document/Get/{id}
GET /api/v1/Document/GetByReference
GET /api/v1/Document/GetIdsByShareToken
GET /api/v1/Document/GetShareLink/{id}
GET /api/v1/Document/GetShareLinkByReference
GET /api/v1/DocumentType/List
GET /api/v1/MetaData/Get/{id}
GET /api/v1/Pdf/ValidatePdf
PATCH /api/v1/Document/PatchDocumentTypeById/api/v1/Document/{id}/documenttype
PATCH /api/v1/Document/PatchDocumentTypeByReference/api/v1/Document/{reference}/documenttype
POST /api/v1/AccessControl/Create
POST /api/v1/AccessControl/Search
POST /api/v1/Document/CreateFromExisting
POST /api/v1/Document/CreateZip
POST /api/v1/Document/Search
POST /api/v1/MetaData/Create
POST /api/v1/MetaData/Search
POST /api/v1/Pdf/AddWatermark
POST /api/v1/Pdf/ConvertToImagePdf
POST /api/v1/Pdf/Merge
POST /api/v1/Pdf/PasswordProtectPdf
POST /api/v1/Pdf/ReprocessPdf
POST /api/v1/Tag/AttachToDocument
POST /api/v1/Tag/DettachFromDocument
POST /api/v1/Tag/Save
POST /api/v1/Tag/Search
POST /api/v1/Tag/SearchTagsByDocumentFilter
PUT /api/v1/AccessControl/Update
PUT /api/v1/MetaData/Update

Found on 2026-02-09 18:34

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.marinobus.sitrap.it
Port: 443
URL: https://externalapi.marinobus.sitrap.it

First seen 2026-01-02 09:51
Last seen 2026-02-09 18:32
Open for 38 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbdd70450c0

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
GET /health
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-02-09 18:32

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-01-23 10:19

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: admin.spelatreasure.se
Port: 443
URL: https://admin.spelatreasure.se

First seen 2026-01-10 22:30
Last seen 2026-02-09 18:21
Open for 29 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e53568f97968cdba6e765b1d34afa55630c899a6

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /AzureAD/Account/SignIn/{scheme}
GET /AzureAD/Account/SignOut/{scheme}
GET /api/event/huntproperty/{huntPropertyId}
GET /api/event/{id}/score
GET /api/public/appversion
GET /api/public/event/get/{code}
GET /api/public/event/{code}/helpscreens
GET /api/public/event/{code}/score
GET /api/public/event/{huntEventId}/qr-code
GET /api/public/events
GET /api/public/huntproperty/{huntPropertyId}/android
GET /api/public/huntproperty/{huntPropertyId}/android/versionid
GET /api/public/huntproperty/{huntPropertyId}/ios
GET /api/public/huntproperty/{huntPropertyId}/ios/versionid
GET /api/public/huntproperty/{huntPropertyId}/pc
GET /api/public/huntproperty/{huntPropertyId}/pc/versionid
GET /api/system/ping
POST /api/public/typeform/webhook
PUT /api/public/event/{code}/score/{uuid}

Found on 2026-02-09 18:21

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: staging-api.clee.be
Port: 443
URL: https://staging-api.clee.be

First seen 2026-01-03 07:03
Last seen 2026-02-09 18:14
Open for 37 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354913f1ab7573f4de9e635a645ba76e7247b15abb08

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /Users/{id}
DELETE /properties/RemoveRealSmartLink
DELETE /properties/removeTransfer
GET /Errors
GET /Users/filter
GET /Users/me
GET /api/Owner/getShortlistsProperty/{realEstateObjectId}
GET /api/Owner/shortlist
GET /api/Shortlist/getShortlistsByRealEstateObjectId/{realEstateObjectId}
GET /api/Whitelistings/whitelisting
GET /api/Widget/getWidgetProperty
GET /attachments/base64/{documentId}
GET /attachments/{documentId}
GET /broker/candidacies
GET /brokers/{organizationNumber}
GET /candidacies/actions
GET /candidacies/getResult/{id}
GET /candidacies/me
GET /candidacies/statuses
GET /candidacies/{candidacyId}/profiles/latest
GET /candidacies/{id}
GET /candidacies/{id}/actions
GET /candidaciesForRealEstateObjectId
GET /candidaciesForRealEstateObjectIdPaged
GET /content/qa
GET /content/webtexts
GET /organizations
GET /profiles/filter
GET /profiles/latest
GET /profiles/latest/token
GET /properties/candidacyInvitations
GET /properties/filter
GET /properties/getFullLog
GET /properties/{realEstateObjectId}
GET /realsmart/candidacies
GET /realsmart/candidacies/{id}
GET /tokens/{token}/profile
GET /unreadCandidacies
GET /unreadCandidaciesCount
POST /actions/email
POST /api/Owner/SavePreference
POST /api/Owner/SubmitPreference
POST /api/Owner/login
POST /api/Shortlist/createShortlist
POST /api/Whitelistings/saveWhitelisting
POST /api/Widget/GetProfileScore
POST /api/Widget/GetProfileScoreForAnonymousProperty
POST /api/Widget/saveRealEstateObject
POST /candidacies
POST /candidacies/downloadPdf
POST /candidacies/downloadPdfsAsZip
POST /candidacies/{candidacyId}/profiles/attachments
POST /createCandidacyInternalComment
POST /profiles
POST /profiles/latest/attachments
POST /profiles/shareLatestProfile
POST /properties/CreateRealSmartLink
POST /properties/UpdateStatus
POST /properties/create
POST /properties/inviteCandidacy
POST /properties/transfer
POST /setCandidacyRead
PUT /api/Shortlist/cancelShortlist/{shortlistUniqueId}
PUT /api/Shortlist/extendShortlist
PUT /candidacies/archive
PUT /candidacies/rejectAllForRealEstateObjectId
PUT /candidacies/updateBrokerComment
PUT /candidacies/{candidacyId}/profiles
PUT /properties/update

Found on 2026-02-09 18:14

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: bimservice.api.norkart.no
Port: 443
URL: https://bimservice.api.norkart.no

First seen 2026-01-03 10:51
Last seen 2026-02-09 18:12
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354955b2866bd6ba03c392d83334851754b624f62f8d
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /Bim/{bimId}
GET /Bim/download/{bimId}
GET /Bim/metadata/{bimId}
GET /ServiceHealth
POST /Bim/upload
POST /Bim/{externalId}/upload
```
  Found on 2026-02-09 18:12
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.ichnusa.sitrap.it
Port: 443
URL: https://externalapi.ichnusa.sitrap.it

First seen 2025-12-02 07:50
Last seen 2026-02-09 17:08
Open for 69 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbdd70450c0

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
GET /health
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-02-09 17:08

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-01-23 11:40

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b7350902ee0e051c1b1f765390e9fa4dd870c

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2025-12-10 11:08

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.interss.sitrap.it
Port: 443
URL: https://externalapi.interss.sitrap.it

First seen 2025-12-29 02:41
Last seen 2026-02-09 16:01
Open for 42 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbdd70450c0

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
GET /health
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-02-09 16:01

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-01-23 15:55

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: staging-documentmanager-api.orisnv.be
Port: 80
URL: http://staging-documentmanager-api.orisnv.be

First seen 2026-01-03 01:24
Last seen 2026-02-09 15:41
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549d4bc8e7ec650c26295db5326353fa1b9feeb40b6
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Groups/List
GET /api/Publication/GetAccessRights
GET /api/Publication/GetRevisionDocumentShareLink
GET /api/Publication/GetRevisions
POST /api/Publication/List
```
  Found on 2026-02-09 15:41
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: management.pc-professional.de
Port: 443
URL: https://management.pc-professional.de

First seen 2025-11-24 08:27
Last seen 2026-02-09 15:27
Open for 77 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60d8043003af831a9dbf00ff7cdf50d630e5e8943b

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
DELETE /api/management/Customer/{customernumber}
DELETE /api/management/Guidances/resources/delete
DELETE /api/management/Slides/delete
DELETE /api/management/Slides/delete/{moduleId}/{versionId}/{slideId}
GET /api/Auth/customer
GET /api/Auth/enet
GET /api/Auth/ping
GET /api/Auth/ping2
GET /api/Auth/pingFsm
GET /api/Auth/settings
GET /api/Auth/teacher
GET /api/Management/licences/{client}
GET /api/Management/refreshTokens
GET /api/Management/teacher/{teacherId}
GET /api/Management/vimeo
GET /api/Questions/topics/{qmv}
GET /api/Questions/vctopics/{qmv}
GET /api/lm/Interface/modules/{customer}
GET /api/management/Book
GET /api/management/Customer
GET /api/management/Guidances/{moduleId}/{versionId}
GET /api/management/Jobs
GET /api/management/Jobs/{command}
GET /api/management/Lessons
GET /api/management/LiveLesson/id/{id}
GET /api/management/LiveLesson/{customer}
GET /api/management/Modules
GET /api/management/Notes/{module}
GET /api/management/Notes/{module}/{version}/{slide}
GET /api/management/Properties/{moduleId}/{versionId}/{slideId}
GET /api/management/PushTheButton
GET /api/management/Resources/video/usage/{vimeoId}
GET /api/management/Resources/{moduleid}/{versionid}
GET /api/management/Resources/{type}
GET /api/management/Slides/details/{moduleid}/{versionid}/{id}
GET /api/management/Slides/questions/{qmv}/{question}
GET /api/management/Slides/references/{moduleid}/{versionid}/{slideid}
GET /api/management/Slides/structure/{moduleid}/{versionid}
GET /api/management/Slides/video/{moduleid}/{versionid}
GET /api/management/Slides/{moduleid}/{versionid}
GET /api/management/Slides/{moduleid}/{versionid}/{type}
GET /api/management/Statistics/activecustomers
GET /api/management/Statistics/lessons
GET /api/management/Statistics/lessons/{customer}
GET /api/management/Teachers/fsm/{customer}
GET /api/management/Teachers/{customer}
GET /api/management/Users
GET /api/management/Users/{userid}
GET /api/management/Versions/{moduleId}
GET /api/management/Videos/list
GET /api/management/Videos/used/{vimeoId}
PATCH /api/management/Resources/video/{slideId}
POST /api/Auth
POST /api/Auth/refresh
POST /api/Management/convert/{moduleId}/{versionId}
POST /api/Management/copy
POST /api/Management/copyresources
POST /api/Management/deleteresources
POST /api/Management/range
POST /api/Questions/add
POST /api/lm/Interface/restrict
POST /api/management/CustomerModules
POST /api/management/CustomerModules/structure
POST /api/management/CustomerModules/teachertexts
POST /api/management/Guidances
POST /api/management/Guidances/assign/{moduleid}/{versionid}/{guidanceid}
POST /api/management/Guidances/attachment/{moduleId}/{versionId}/{guidanceId}
POST /api/management/Guidances/resources/copy
POST /api/management/Hotspot/recalc/{moduleId}/{versionId}/{slideId}
POST /api/management/Jobs/{id}/error
POST /api/management/Jobs/{id}/success
POST /api/management/Keyword
POST /api/management/Lessons/close
POST /api/management/Lessons/fix
POST /api/management/Modules/{id}
POST /api/management/Notes
POST /api/management/Properties/panorama/{moduleId}/{versionId}/{slideId}
POST /api/management/Properties/{slideId}
POST /api/management/PushTheButton/student
POST /api/management/Resources
POST /api/management/Resources/video/{moduleId}/{versionId}/{slideId}
POST /api/management/Resources/{moduleid}/{versionid}/{slideid}
POST /api/management/Slides
POST /api/management/Slides/add
POST /api/management/Slides/textboard
POST /api/management/Slides/updateOrder
POST /api/management/Statistics/slidelist
POST /api/management/Users/password
POST /api/management/Versions
POST /api/management/Versions/procedures/{moduleid}/{versionid}
POST /api/management/Versions/{moduleid}/{id}
POST /api/management/Videos/cleanup

Found on 2026-02-09 15:27

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60d8043003af831a9dbf00ff7cdf50d6305fbaa7b9

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
DELETE /api/management/Customer/{customernumber}
DELETE /api/management/Guidances/resources/delete
DELETE /api/management/Slides/delete
DELETE /api/management/Slides/delete/{moduleId}/{versionId}/{slideId}
GET /api/Auth/customer
GET /api/Auth/enet
GET /api/Auth/ping
GET /api/Auth/ping2
GET /api/Auth/pingFsm
GET /api/Auth/settings
GET /api/Auth/teacher
GET /api/Management/licences/{client}
GET /api/Management/refreshTokens
GET /api/Management/teacher/{teacherId}
GET /api/Management/vimeo
GET /api/Questions/topics/{qmv}
GET /api/Questions/vctopics/{qmv}
GET /api/lm/Interface/modules/{customer}
GET /api/management/Book
GET /api/management/Customer
GET /api/management/Guidances/{moduleId}/{versionId}
GET /api/management/Jobs
GET /api/management/Jobs/{command}
GET /api/management/Lessons
GET /api/management/LiveLesson/id/{id}
GET /api/management/LiveLesson/{customer}
GET /api/management/Modules
GET /api/management/Notes/{module}
GET /api/management/Notes/{module}/{version}/{slide}
GET /api/management/Properties/{moduleId}/{versionId}/{slideId}
GET /api/management/PushTheButton
GET /api/management/Resources/video/usage/{vimeoId}
GET /api/management/Resources/{moduleid}/{versionid}
GET /api/management/Resources/{type}
GET /api/management/Slides/details/{moduleid}/{versionid}/{id}
GET /api/management/Slides/questions/{qmv}/{question}
GET /api/management/Slides/references/{moduleid}/{versionid}/{slideid}
GET /api/management/Slides/structure/{moduleid}/{versionid}
GET /api/management/Slides/video/{moduleid}/{versionid}
GET /api/management/Slides/{moduleid}/{versionid}
GET /api/management/Slides/{moduleid}/{versionid}/{type}
GET /api/management/Statistics/activecustomers
GET /api/management/Statistics/lessons
GET /api/management/Statistics/lessons/{customer}
GET /api/management/Teachers/fsm/{customer}
GET /api/management/Teachers/{customer}
GET /api/management/Users
GET /api/management/Users/{userid}
GET /api/management/Versions/{moduleId}
GET /api/management/Videos/list
GET /api/management/Videos/used/{vimeoId}
PATCH /api/management/Resources/video/{slideId}
POST /api/Auth
POST /api/Auth/refresh
POST /api/Management/convert/{moduleId}/{versionId}
POST /api/Management/copy
POST /api/Management/copyresources
POST /api/Management/deleteresources
POST /api/Management/range
POST /api/lm/Interface/restrict
POST /api/management/CustomerModules
POST /api/management/CustomerModules/structure
POST /api/management/CustomerModules/teachertexts
POST /api/management/Guidances
POST /api/management/Guidances/assign/{moduleid}/{versionid}/{guidanceid}
POST /api/management/Guidances/attachment/{moduleId}/{versionId}/{guidanceId}
POST /api/management/Guidances/resources/copy
POST /api/management/Hotspot/recalc/{moduleId}/{versionId}/{slideId}
POST /api/management/Jobs/{id}/error
POST /api/management/Jobs/{id}/success
POST /api/management/Keyword
POST /api/management/Lessons/close
POST /api/management/Lessons/fix
POST /api/management/Modules/{id}
POST /api/management/Notes
POST /api/management/Properties/panorama/{moduleId}/{versionId}/{slideId}
POST /api/management/Properties/{slideId}
POST /api/management/PushTheButton/student
POST /api/management/Resources
POST /api/management/Resources/video/{moduleId}/{versionId}/{slideId}
POST /api/management/Resources/{moduleid}/{versionid}/{slideid}
POST /api/management/Slides
POST /api/management/Slides/add
POST /api/management/Slides/textboard
POST /api/management/Slides/updateOrder
POST /api/management/Users/password
POST /api/management/Versions
POST /api/management/Versions/procedures/{moduleid}/{versionid}
POST /api/management/Versions/{moduleid}/{id}
POST /api/management/Videos/cleanup

Found on 2026-01-16 04:04

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.bus4fly.sitrap.it
Port: 443
URL: https://externalapi.bus4fly.sitrap.it

First seen 2026-01-05 16:17
Last seen 2026-02-09 15:15
Open for 34 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbdd70450c0

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
GET /health
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-02-09 15:15

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-01-23 09:09

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: staging-documentstore.orisnv.be
Port: 443
URL: https://staging-documentstore.orisnv.be

First seen 2026-01-06 08:03
Last seen 2026-02-09 14:35
Open for 34 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e305982f10ac2a0fbea1e4f30b665007a5ea7ddb

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/v1/AccessControl/Delete/{id}
DELETE /api/v1/Document/Delete/{id}
DELETE /api/v1/Document/DeleteByReference
DELETE /api/v1/MetaData/Delete/{id}
GET /
GET /Document
GET /api/v1/AccessControl/Get/{id}
GET /api/v1/Document/Get/{id}
GET /api/v1/Document/GetByReference
GET /api/v1/Document/GetIdsByShareToken
GET /api/v1/Document/GetShareLink/{id}
GET /api/v1/Document/GetShareLinkByReference
GET /api/v1/DocumentType/List
GET /api/v1/MetaData/Get/{id}
GET /api/v1/Pdf/ValidatePdf
PATCH /api/v1/Document/PatchDocumentTypeById/api/v1/Document/{id}/documenttype
PATCH /api/v1/Document/PatchDocumentTypeByReference/api/v1/Document/{reference}/documenttype
POST /api/v1/AccessControl/Create
POST /api/v1/AccessControl/Search
POST /api/v1/Document/CreateFromExisting
POST /api/v1/Document/CreateZip
POST /api/v1/Document/Search
POST /api/v1/MetaData/Create
POST /api/v1/MetaData/Search
POST /api/v1/Pdf/AddWatermark
POST /api/v1/Pdf/ConvertToImagePdf
POST /api/v1/Pdf/Merge
POST /api/v1/Pdf/PasswordProtectPdf
POST /api/v1/Pdf/ReprocessPdf
POST /api/v1/Tag/AttachToDocument
POST /api/v1/Tag/DettachFromDocument
POST /api/v1/Tag/Save
POST /api/v1/Tag/Search
POST /api/v1/Tag/SearchTagsByDocumentFilter
PUT /api/v1/AccessControl/Update
PUT /api/v1/MetaData/Update

Found on 2026-02-09 14:35

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60b4a472ea4abdb4d4137b861e33c07c7cf2b9672a

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
DELETE /api/v1/AccessControl/Delete/{id}
DELETE /api/v1/Document/Delete/{id}
DELETE /api/v1/Document/DeleteByReference
DELETE /api/v1/MetaData/Delete/{id}
GET /
GET /Document
GET /api/v1/AccessControl/Get/{id}
GET /api/v1/Document/Get/{id}
GET /api/v1/Document/GetByReference
GET /api/v1/Document/GetIdsByShareToken
GET /api/v1/Document/GetShareLink/{id}
GET /api/v1/Document/GetShareLinkByReference
GET /api/v1/DocumentType/List
GET /api/v1/MetaData/Get/{id}
GET /api/v1/Pdf/ValidatePdf
PATCH /api/v1/Document/PatchDocumentTypeById/api/v1/Document/{id}/documenttype
PATCH /api/v1/Document/PatchDocumentTypeByReference/api/v1/Document/{reference}/documenttype
POST /api/v1/AccessControl/Create
POST /api/v1/AccessControl/Search
POST /api/v1/Document/CreateFromExisting
POST /api/v1/Document/CreateZip
POST /api/v1/Document/Search
POST /api/v1/MetaData/Create
POST /api/v1/MetaData/Search
POST /api/v1/Pdf/AddWatermark
POST /api/v1/Pdf/ConvertToImagePdf
POST /api/v1/Pdf/Merge
POST /api/v1/Pdf/PasswordProtectPdf
POST /api/v1/Pdf/ReprocessPdf
POST /api/v1/Tag/AttachToDocument
POST /api/v1/Tag/DettachFromDocument
POST /api/v1/Tag/Save
POST /api/v1/Tag/Search
POST /api/v1/Tag/SearchTagsByDocumentFilter
PUT /api/v1/AccessControl/Update
PUT /api/v1/MetaData/Update

Found on 2026-01-15 20:39

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.barzi.sitrap.it
Port: 443
URL: https://externalapi.barzi.sitrap.it

First seen 2026-01-02 09:50
Last seen 2026-02-09 14:06
Open for 38 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbdd70450c0

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
GET /health
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-02-09 14:06

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-02-01 21:17

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: staging-api.fonds323.be
Port: 80
URL: http://staging-api.fonds323.be

First seen 2026-01-05 12:17
Last seen 2026-02-09 09:39
Open for 34 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493ab725d887bf17a9eef42026614801c895c3f681

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Course/enrollment/{enrollmentId}
GET /api/Certificate/Generate
GET /api/ChildCareRefund/FindChildCareRefunds
GET /api/Content/GetAllCollaborators
GET /api/Content/GetAllDownloads
GET /api/Content/GetAllFaqItems
GET /api/Content/GetAvailableSpotlightItem
GET /api/Content/GetCaos
GET /api/Content/GetCollaborators
GET /api/Content/GetConsultants
GET /api/Content/GetFaqItems
GET /api/Content/GetNewsItemById
GET /api/Content/GetNotificationBanner
GET /api/Content/GetProjectItemById
GET /api/Content/GetServicesItemByKey
GET /api/Content/GetWebcastItemById
GET /api/Content/GetWebtextById
GET /api/Content/GetWebtextByKey
GET /api/Content/GetWebtextItems
GET /api/Course/FindCourses
GET /api/Course/FindLanguagePlannedCourses
GET /api/Course/GetCalendar
GET /api/Course/GetCourseBudgetRefundProcessedDetails
GET /api/Course/GetCourseBudgetRefundRequestedDetails
GET /api/Course/GetExtendedDetailById
GET /api/Course/GetFilteredEducationProviders
GET /api/Course/find
GET /api/Organization/GetOrganisationByKboNumber
GET /api/Outplacement/GetAllOutplacementTypes
GET /api/Outplacement/GetOutplacementTypeResultById
GET /api/Person/Get
GET /api/Person/GetCRMPersonWithRelations
GET /api/Person/GetEmployees
GET /api/Person/GetFavoriteCourses
GET /api/Person/IsSf323EducationJustified
GET /api/Recognition/Find
GET /api/Recognition/Get
GET /api/Resource/categories
GET /api/Resource/learningtypes
GET /api/Resource/regions
GET /api/TrainingFees/Find
GET /api/TrainingFees/GenerateTrainingfees
GET /api/User
GET /api/User/FindPersonalRecognitions
POST /api/ChildCareRefund/StoreChildCareRefund
POST /api/Competence/FindCompanyDevelopmentPlans
POST /api/Competence/FindCompetenceEntries
POST /api/Competence/FindPersonalDevelopmentPlans
POST /api/Contact/SendContactCompactRequest
POST /api/Contact/SendContactRequest
POST /api/Content/FindProjectItems
POST /api/Content/GetDownloads
POST /api/Content/GetNewsItems
POST /api/Content/GetServices
POST /api/Content/GetWebcastItems
POST /api/Course/CreateCourseBudgetRefundRequest
POST /api/Course/SaveEnrollment
POST /api/Course/SaveLanguageEnrollment
POST /api/Document/Upload
POST /api/Outplacement/SaveOutplacementType
POST /api/Outplacement/SendOutplacementRequest
POST /api/Person/SetFavoriteCourse
POST /api/Recognition/List
POST /api/Search/Search

Found on 2026-02-09 09:39

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d608e46db3d5206431a8f1ac6ff167daf3965f9e682

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
DELETE /api/Course/enrollment/{enrollmentId}
GET /api/Certificate/Generate
GET /api/ChildCareRefund/FindChildCareRefunds
GET /api/Content/GetAllCollaborators
GET /api/Content/GetAllDownloads
GET /api/Content/GetAllFaqItems
GET /api/Content/GetAvailableSpotlightItem
GET /api/Content/GetCaos
GET /api/Content/GetCollaborators
GET /api/Content/GetConsultants
GET /api/Content/GetFaqItems
GET /api/Content/GetNewsItemById
GET /api/Content/GetNotificationBanner
GET /api/Content/GetProjectItemById
GET /api/Content/GetServicesItemByKey
GET /api/Content/GetWebcastItemById
GET /api/Content/GetWebtextById
GET /api/Content/GetWebtextByKey
GET /api/Content/GetWebtextItems
GET /api/Course/FindCourses
GET /api/Course/FindLanguagePlannedCourses
GET /api/Course/GetCalendar
GET /api/Course/GetCourseBudgetRefundProcessedDetails
GET /api/Course/GetCourseBudgetRefundRequestedDetails
GET /api/Course/GetExtendedDetailById
GET /api/Course/GetFilteredEducationProviders
GET /api/Course/find
GET /api/Organization/GetOrganisationByKboNumber
GET /api/Outplacement/GetAllOutplacementTypes
GET /api/Outplacement/GetOutplacementTypeResultById
GET /api/Person/Get
GET /api/Person/GetCRMPersonWithRelations
GET /api/Person/GetEmployees
GET /api/Person/GetFavoriteCourses
GET /api/Person/IsSf323EducationJustified
GET /api/Recognition/Find
GET /api/Recognition/Get
GET /api/Resource/categories
GET /api/Resource/learningtypes
GET /api/Resource/regions
GET /api/TrainingFees/Find
GET /api/TrainingFees/GenerateTrainingfees
GET /api/User
GET /api/User/FindPersonalRecognitions
POST /api/ChildCareRefund/StoreChildCareRefund
POST /api/Competence/FindCompanyDevelopmentPlans
POST /api/Competence/FindCompetenceEntries
POST /api/Competence/FindPersonalDevelopmentPlans
POST /api/Contact/SendContactCompactRequest
POST /api/Contact/SendContactRequest
POST /api/Content/FindProjectItems
POST /api/Content/GetDownloads
POST /api/Content/GetNewsItems
POST /api/Content/GetServices
POST /api/Content/GetWebcastItems
POST /api/Course/CreateCourseBudgetRefundRequest
POST /api/Course/SaveEnrollment
POST /api/Course/SaveLanguageEnrollment
POST /api/Document/Upload
POST /api/Outplacement/SaveOutplacementType
POST /api/Outplacement/SendOutplacementRequest
POST /api/Person/SetFavoriteCourse
POST /api/Recognition/List
POST /api/Search/Search

Found on 2026-01-09 16:18

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: eventbroker-api-staging.immo-connect.be
Port: 80
URL: http://eventbroker-api-staging.immo-connect.be

First seen 2026-01-03 01:25
Last seen 2026-02-09 09:09
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549c6e5731ff80e7a22cdebf1d74a65ce5ca3ae0921
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/v1/RegistrationEntry
GET /api/v1/Registration
GET /api/v1/RegistrationById
POST /api/v1/EventDefinition
POST /api/v1/TestCallback
```
  Found on 2026-02-09 09:09
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: staging-mijnlidmaatschap-api.cib.be
Port: 443
URL: https://staging-mijnlidmaatschap-api.cib.be

First seen 2026-01-05 15:10
Last seen 2026-02-02 12:56
Open for 27 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549beeb5f1ebc82bc73af7cba53bcb9a2cdbcb9a2cd
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Collaborator/Get
GET /api/Crm/Get/{key}
GET /api/Webtexts/key/{key}
POST /api/Crm/Save
```
  Found on 2026-02-02 12:56
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: insight-uat.spendmanagement.com
Port: 443
URL: https://insight-uat.spendmanagement.com

First seen 2026-01-05 09:16
Last seen 2026-02-02 05:35
Open for 27 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 05:35
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: eventbroker-api-staging.immo-connect.be
Port: 443
URL: https://eventbroker-api-staging.immo-connect.be

First seen 2026-01-03 01:25
Last seen 2026-02-02 05:31
Open for 30 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549c6e5731ff80e7a22cdebf1d74a65ce5ca3ae0921
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/v1/RegistrationEntry
GET /api/v1/Registration
GET /api/v1/RegistrationById
POST /api/v1/EventDefinition
POST /api/v1/TestCallback
```
  Found on 2026-02-02 05:31
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.sais.sitrap.it
Port: 443
URL: https://externalapi.sais.sitrap.it

First seen 2025-12-06 10:47
Last seen 2026-02-02 03:45
Open for 57 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-02-02 03:45

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b7350902ee0e051c1b1f765390e9fa4dd870c

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2025-12-06 10:47

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: api.bygginnsikt.no
Port: 443
URL: https://api.bygginnsikt.no

First seen 2026-01-05 15:15
Last seen 2026-02-02 02:53
Open for 27 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035495222fe57715aa7aabf2e5f82a14d54f3a9e7f94f

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /message/delete/{messageId}
GET /Customer/HasEhf
GET /Customer/Information
GET /DeletedObjects/{projectId}
GET /Payments/prices
GET /Payments/status
GET /Project/list
GET /Project/{projectId}
GET /Project/{projectId}/metadata
GET /ServiceHealth
GET /SharedLink/activation/{projectId}
GET /SharedLink/{sharedLinkId}
GET /message/active
GET /project/{projectId}/shapes
GET /project/{projectId}/viewpoints
POST /Customer/Register
POST /Project/bim
POST /Project/emptyproject
POST /SharedLink/{projectId}
POST /message
POST /project/{projectId}/notification
PUT /Project/{projectId}/bim
PUT /message/activate/{messageId}
PUT /message/deactivate/{messageId}
PUT /message/update/{messageId}
PUT /project/{projectId}/location
PUT /project/{projectId}/point
PUT /project/{projectId}/shapes/{cesiumId}
PUT /project/{projectId}/viewpoints/{viewpointId}

Found on 2026-02-02 02:53

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: cib-api-staging.immo-connect.be
Port: 80
URL: http://cib-api-staging.immo-connect.be

First seen 2026-01-05 03:24
Last seen 2026-02-02 02:43
Open for 27 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 02:43
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: cib-api-staging.immo-connect.be
Port: 443
URL: https://cib-api-staging.immo-connect.be

First seen 2026-01-05 03:24
Last seen 2026-02-02 00:10
Open for 27 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 00:10
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: insights-uat.spendmanagement.com
Port: 443
URL: https://insights-uat.spendmanagement.com

First seen 2026-01-05 09:14
Last seen 2026-02-02 00:06
Open for 27 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-02 00:06
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: staging-api.fonds323.be
Port: 443
URL: https://staging-api.fonds323.be

First seen 2026-01-05 12:17
Last seen 2026-02-02 00:02
Open for 27 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493ab725d887bf17a9eef42026614801c895c3f681

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Course/enrollment/{enrollmentId}
GET /api/Certificate/Generate
GET /api/ChildCareRefund/FindChildCareRefunds
GET /api/Content/GetAllCollaborators
GET /api/Content/GetAllDownloads
GET /api/Content/GetAllFaqItems
GET /api/Content/GetAvailableSpotlightItem
GET /api/Content/GetCaos
GET /api/Content/GetCollaborators
GET /api/Content/GetConsultants
GET /api/Content/GetFaqItems
GET /api/Content/GetNewsItemById
GET /api/Content/GetNotificationBanner
GET /api/Content/GetProjectItemById
GET /api/Content/GetServicesItemByKey
GET /api/Content/GetWebcastItemById
GET /api/Content/GetWebtextById
GET /api/Content/GetWebtextByKey
GET /api/Content/GetWebtextItems
GET /api/Course/FindCourses
GET /api/Course/FindLanguagePlannedCourses
GET /api/Course/GetCalendar
GET /api/Course/GetCourseBudgetRefundProcessedDetails
GET /api/Course/GetCourseBudgetRefundRequestedDetails
GET /api/Course/GetExtendedDetailById
GET /api/Course/GetFilteredEducationProviders
GET /api/Course/find
GET /api/Organization/GetOrganisationByKboNumber
GET /api/Outplacement/GetAllOutplacementTypes
GET /api/Outplacement/GetOutplacementTypeResultById
GET /api/Person/Get
GET /api/Person/GetCRMPersonWithRelations
GET /api/Person/GetEmployees
GET /api/Person/GetFavoriteCourses
GET /api/Person/IsSf323EducationJustified
GET /api/Recognition/Find
GET /api/Recognition/Get
GET /api/Resource/categories
GET /api/Resource/learningtypes
GET /api/Resource/regions
GET /api/TrainingFees/Find
GET /api/TrainingFees/GenerateTrainingfees
GET /api/User
GET /api/User/FindPersonalRecognitions
POST /api/ChildCareRefund/StoreChildCareRefund
POST /api/Competence/FindCompanyDevelopmentPlans
POST /api/Competence/FindCompetenceEntries
POST /api/Competence/FindPersonalDevelopmentPlans
POST /api/Contact/SendContactCompactRequest
POST /api/Contact/SendContactRequest
POST /api/Content/FindProjectItems
POST /api/Content/GetDownloads
POST /api/Content/GetNewsItems
POST /api/Content/GetServices
POST /api/Content/GetWebcastItems
POST /api/Course/CreateCourseBudgetRefundRequest
POST /api/Course/SaveEnrollment
POST /api/Course/SaveLanguageEnrollment
POST /api/Document/Upload
POST /api/Outplacement/SaveOutplacementType
POST /api/Outplacement/SendOutplacementRequest
POST /api/Person/SetFavoriteCourse
POST /api/Recognition/List
POST /api/Search/Search

Found on 2026-02-02 00:02

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.frecciaroma.sitrap.it
Port: 443
URL: https://externalapi.frecciaroma.sitrap.it

First seen 2026-01-05 17:35
Last seen 2026-02-01 23:56
Open for 27 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-02-01 23:56

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: wims-test.woerwag.com
Port: 443
URL: https://wims-test.woerwag.com

First seen 2025-10-22 16:35
Last seen 2026-02-01 22:16
Open for 102 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-01 22:16
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.libertylines.sitrap.it
Port: 443
URL: https://externalapi.libertylines.sitrap.it

First seen 2026-01-02 09:52
Last seen 2026-01-30 00:04
Open for 27 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-01-30 00:04

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: api.ebyggesokproff.no
Port: 443
URL: https://api.ebyggesokproff.no

First seen 2026-01-03 12:54
Last seen 2026-01-23 13:17
Open for 20 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354994517a57571419546cec2695c0507d04b7af5b52
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /ServiceHealth
GET /api/Byggesak
GET /api/Firma
GET /api/FirmaList
GET /api/Prosjekt
GET /api/Soknad
GET /api/Vedlegg
```
  Found on 2026-01-23 13:17
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: api-alaks.myview.cloud
Port: 443
URL: https://api-alaks.myview.cloud

First seen 2026-01-13 14:55
Last seen 2026-01-23 08:14
Open for 9 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-01-23 08:14

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549874ba1dbbc34d15d6fe314f526dfc0e40da561fc

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Article
GET /api/Article/Stock/{articleId}/{storageId}
GET /api/Article/articlegroup
GET /api/Article/articletype
GET /api/Article/articleunittype
GET /api/Article/storage
GET /api/Article/{articleId}
GET /api/Asset
GET /api/Asset/by_extrafield/{ExtraField}
GET /api/Asset/findByObjectNo/{objectNo}
GET /api/Asset/{assetId}
GET /api/Asset/{assetId}/WorkOrder
GET /api/Asset/{identifier}/CounterReading
GET /api/Asset/{objectNo}/KPI
GET /api/Company/CustomerSupplier
GET /api/Company/CustomerSupplier/{id}
GET /api/Company/customer
GET /api/Company/customer/{customerId}
GET /api/Company/supplier
GET /api/CounterReading/{id}
GET /api/Department
GET /api/Employee
GET /api/GenericMessage
GET /api/GenericMessage/messagegroups
GET /api/GenericMessage/{id}
GET /api/Invoice/status/{invoiceStatus}
GET /api/Invoice/status/{invoiceStatus}/{createdDate}
GET /api/Invoice/{invoiceNo}
GET /api/ProcessLog
GET /api/ProcessLog/{id}
GET /api/Profession
GET /api/Project
GET /api/Project/projecttypes
GET /api/Project/{projectId}
GET /api/PurchaseOrder/Status/{status}
GET /api/PurchaseOrder/order/{orderNo}
GET /api/StorageOrder
GET /api/StorageOrder/{storageOrderNo}
GET /api/ValueList/StorageValue/{valueListId}
GET /api/ValueList/{status}
GET /api/WorkOrder
GET /api/WorkOrder/activities
GET /api/WorkOrder/faulttype
GET /api/WorkOrder/findByNr/{workOrderNr}
GET /api/WorkOrder/{workOrderId}
GET /api/WorkOrder/{workOrderNr}/Articles
GET /api/WorkOrder/{workOrderNr}/Executing
GET /api/WorkOrder/{workOrderNr}/Hours
GET /api/Workflow
PATCH /api/Company/supplier/{supplierId}
PATCH /api/WorkOrder/{workOrderNr}/Article/{workOrderPartId}
POST /api/Article/{articleId}/Transaction
POST /api/CounterReading
POST /api/Image/message/{messageId}
POST /api/Image/workOrder/{workOrderId}
POST /api/PurchaseOrder/OrderLine/ {orderno}
POST /api/PurchaseOrder/{supplierId}
POST /api/StorageOrder/{storageOrderNo}/Line
POST /api/ValueList/ValueList/{storageId}
POST /api/WorkOrder/{workOrderNr}/Article
POST /connect/token
PUT /api/Asset/{assetId}/geolocation
PUT /api/Invoice/{invoiceNo}/status
PUT /api/PurchaseOrder/{orderNo}/status
PUT /api/WorkOrder/{workOrderId}/complete

Found on 2026-01-13 14:55

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: api.dexentire.se
Port: 443
URL: https://api.dexentire.se

First seen 2025-10-15 11:10
Last seen 2026-01-23 05:31
Open for 99 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354904e7d8fd1938fb2b45348b7315d8a66c522ba486
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Orders/OrderInfo
GET /api/Products
GET /api/Products/{prodNo}/StockBalance
GET /api/Stocks
POST /api/EdiWheel
POST /api/Orders
```
  Found on 2026-01-23 05:31
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2025-11-02 09:34
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: tenantservice.lindbakcloud.com
Port: 443
URL: https://tenantservice.lindbakcloud.com

First seen 2025-11-02 11:27
Last seen 2026-01-23 01:52
Open for 81 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354958d7cd3458d7cd3458d7cd3458d7cd3458d7cd34
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /api/external/integration/export/temporaryendpoints
```
  Found on 2026-01-23 01:52
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: api-thefinestfactory.myview.cloud
Port: 443
URL: https://api-thefinestfactory.myview.cloud

First seen 2026-01-11 17:19
Last seen 2026-01-23 01:16
Open for 11 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-01-23 01:16

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549874ba1dbbc34d15d6fe314f526dfc0e40da561fc

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Article
GET /api/Article/Stock/{articleId}/{storageId}
GET /api/Article/articlegroup
GET /api/Article/articletype
GET /api/Article/articleunittype
GET /api/Article/storage
GET /api/Article/{articleId}
GET /api/Asset
GET /api/Asset/by_extrafield/{ExtraField}
GET /api/Asset/findByObjectNo/{objectNo}
GET /api/Asset/{assetId}
GET /api/Asset/{assetId}/WorkOrder
GET /api/Asset/{identifier}/CounterReading
GET /api/Asset/{objectNo}/KPI
GET /api/Company/CustomerSupplier
GET /api/Company/CustomerSupplier/{id}
GET /api/Company/customer
GET /api/Company/customer/{customerId}
GET /api/Company/supplier
GET /api/CounterReading/{id}
GET /api/Department
GET /api/Employee
GET /api/GenericMessage
GET /api/GenericMessage/messagegroups
GET /api/GenericMessage/{id}
GET /api/Invoice/status/{invoiceStatus}
GET /api/Invoice/status/{invoiceStatus}/{createdDate}
GET /api/Invoice/{invoiceNo}
GET /api/ProcessLog
GET /api/ProcessLog/{id}
GET /api/Profession
GET /api/Project
GET /api/Project/projecttypes
GET /api/Project/{projectId}
GET /api/PurchaseOrder/Status/{status}
GET /api/PurchaseOrder/order/{orderNo}
GET /api/StorageOrder
GET /api/StorageOrder/{storageOrderNo}
GET /api/ValueList/StorageValue/{valueListId}
GET /api/ValueList/{status}
GET /api/WorkOrder
GET /api/WorkOrder/activities
GET /api/WorkOrder/faulttype
GET /api/WorkOrder/findByNr/{workOrderNr}
GET /api/WorkOrder/{workOrderId}
GET /api/WorkOrder/{workOrderNr}/Articles
GET /api/WorkOrder/{workOrderNr}/Executing
GET /api/WorkOrder/{workOrderNr}/Hours
GET /api/Workflow
PATCH /api/Company/supplier/{supplierId}
PATCH /api/WorkOrder/{workOrderNr}/Article/{workOrderPartId}
POST /api/Article/{articleId}/Transaction
POST /api/CounterReading
POST /api/Image/message/{messageId}
POST /api/Image/workOrder/{workOrderId}
POST /api/PurchaseOrder/OrderLine/ {orderno}
POST /api/PurchaseOrder/{supplierId}
POST /api/StorageOrder/{storageOrderNo}/Line
POST /api/ValueList/ValueList/{storageId}
POST /api/WorkOrder/{workOrderNr}/Article
POST /connect/token
PUT /api/Asset/{assetId}/geolocation
PUT /api/Invoice/{invoiceNo}/status
PUT /api/PurchaseOrder/{orderNo}/status
PUT /api/WorkOrder/{workOrderId}/complete

Found on 2026-01-11 17:19

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: staging-documentmanager-api.orisnv.be
Port: 443
URL: https://staging-documentmanager-api.orisnv.be

First seen 2026-01-03 01:24
Last seen 2026-01-22 21:28
Open for 19 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549d4bc8e7ec650c26295db5326353fa1b9feeb40b6
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Groups/List
GET /api/Publication/GetAccessRights
GET /api/Publication/GetRevisionDocumentShareLink
GET /api/Publication/GetRevisions
POST /api/Publication/List
```
  Found on 2026-01-22 21:28
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.blunavy.sitrap.it
Port: 443
URL: https://externalapi.blunavy.sitrap.it

First seen 2026-01-05 06:41
Last seen 2026-01-16 16:59
Open for 11 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-01-16 16:59

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: bimservice.api.nkprod.no
Port: 443
URL: https://bimservice.api.nkprod.no

First seen 2026-01-03 10:48
Last seen 2026-01-16 14:45
Open for 13 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354955b2866bd6ba03c392d83334851754b624f62f8d
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /Bim/{bimId}
GET /Bim/download/{bimId}
GET /Bim/metadata/{bimId}
GET /ServiceHealth
POST /Bim/upload
POST /Bim/{externalId}/upload
```
  Found on 2026-01-16 14:45
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: externalapi.dicarlobus.sitrap.it
Port: 443
URL: https://externalapi.dicarlobus.sitrap.it

First seen 2026-01-05 16:32
Last seen 2026-01-16 13:44
Open for 10 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b8958e4191856096a9f898fc735eacbd1966f781

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /generic/allMyBookings
GET /generic/booking/{bookingId}
GET /generic/cards/{cardCode}
GET /generic/farecategories
GET /generic/gtfs
GET /generic/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/reservation/{reservationId}
GET /generic/routes
GET /generic/status
GET /generic/v1.0/allMyBookings
GET /generic/v1.0/booking/{bookingId}
GET /generic/v1.0/cards/{cardCode}
GET /generic/v1.0/farecategories
GET /generic/v1.0/gtfs
GET /generic/v1.0/gtfs-trips-vehicles/{year}/{month}/{day}
GET /generic/v1.0/reservation/{reservationId}
GET /generic/v1.0/routes
GET /generic/v1.0/status
GET /generic/v1.0/vehicles
GET /generic/v1.0/wallet-funds
GET /generic/vehicles
GET /generic/wallet-funds
POST /generic/applyCoupon
POST /generic/baggages
POST /generic/booking
POST /generic/reservation
POST /generic/search
POST /generic/v1.0/applyCoupon
POST /generic/v1.0/baggages
POST /generic/v1.0/booking
POST /generic/v1.0/reservation
POST /generic/v1.0/search

Found on 2026-01-16 13:44

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.95.82.181
Domain: api-leroymelbu.myview.cloud
Port: 443
URL: https://api-leroymelbu.myview.cloud

First seen 2025-12-21 01:16
Last seen 2026-01-16 12:35
Open for 26 days

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-01-16 12:35

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549874ba1db3be560f3aac599aa80436cb17e5cebf9

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Article
GET /api/Article/articlegroup
GET /api/Article/articletype
GET /api/Article/articleunittype
GET /api/Article/storage
GET /api/Article/{articleId}
GET /api/Asset
GET /api/Asset/by_extrafield/{ExtraField}
GET /api/Asset/findByObjectNo/{objectNo}
GET /api/Asset/{assetId}
GET /api/Asset/{assetId}/WorkOrder
GET /api/Asset/{identifier}/CounterReading
GET /api/Asset/{objectNo}/KPI
GET /api/Company/customer
GET /api/Company/customer/{customerId}
GET /api/Company/supplier
GET /api/CounterReading/{id}
GET /api/Department
GET /api/Employee
GET /api/GenericMessage
GET /api/GenericMessage/{id}
GET /api/Invoice/status/{invoiceStatus}
GET /api/Invoice/{invoiceNo}
GET /api/ProcessLog
GET /api/ProcessLog/{id}
GET /api/Profession
GET /api/Project
GET /api/Project/projecttypes
GET /api/Project/{projectId}
GET /api/StorageOrder
GET /api/StorageOrder/{storageOrderNo}
GET /api/WorkOrder
GET /api/WorkOrder/faulttype
GET /api/WorkOrder/findByNr/{workOrderNr}
GET /api/WorkOrder/{workOrderId}
GET /api/WorkOrder/{workOrderNr}/Articles
GET /api/WorkOrder/{workOrderNr}/Executing
GET /api/WorkOrder/{workOrderNr}/Hours
PATCH /api/Company/supplier/{supplierId}
PATCH /api/WorkOrder/{workOrderNr}/Article/{workOrderPartId}
POST /api/Article/{articleId}/Transaction
POST /api/CounterReading
POST /api/Image/message/{messageId}
POST /api/StorageOrder/{storageOrderNo}/Line
POST /api/WorkOrder/{workOrderNr}/Article
POST /connect/token
PUT /api/Asset/{assetId}/geolocation
PUT /api/Invoice/{invoiceNo}/status
PUT /api/WorkOrder/{workOrderId}/complete

Found on 2026-01-09 08:31

Create report

Open service 13.95.82.181:80 · mercedes-benz.louwman.nl

2026-02-07 08:18

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Sat, 07 Feb 2026 08:18:53 GMT
Location: https://mercedes-benz.louwman.nl/

Found 2026-02-07 by HttpPlugin