Host 18.141.40.12
Singapore
Software information
Microsoft-IIS 10.0
tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-03 02:18
Last seen 2026-02-10 00:41
Open for 98 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e949ad484818be00fa84a5956373dd1a6b426c0Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/account/get-settingmaster-value/{settingParameter} GET /api/category GET /api/category/get-category-by-vendor/{vendorId} GET /api/customerprofile/get-customerprofile-forpossearch GET /api/publicrequest/Test GET /api/sales/get-sales-data/{invoiceNo} GET /api/terminal GET /api/terminal/{terminalid} GET /api/userpaymentoptions/get-userpaymentoptions/{posprofileId} GET /api/vendor GET /api/vendor/{vendorid} POST /api/account/check-account POST /api/account/check-card-balance POST /api/account/check-spend-limit POST /api/account/get-allergens POST /api/account/get-banneditems POST /api/account/get-restricted-days POST /api/changepassword POST /api/customerprofile/get-profilephoto-photosync POST /api/logout POST /api/order/latest-order POST /api/order/order-detail-by-orderid POST /api/order/order-report POST /api/order/update-orderstatus POST /api/poslayer/get-poslayeritem POST /api/poslayer/get-poslayermaster POST /api/product POST /api/product/get-item-details POST /api/sales/SalesInsert POST /api/sales/cancelsale POST /api/sales/get-running-invoice-number POST /api/sales/get-sale-details POST /api/sales/get-sale-summary POST /api/sales/get-sale-summary-byterminal POST /api/sales/get-sales-byprofileid POST /api/sales/issaleslimitexceed POST /api/terminal/get-terminalprintermapping POST /api/terminal/update-terminalstatusFound on 2026-02-10 00:41
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-03 02:18
Last seen 2026-02-01 02:30
Open for 90 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035497e949ad484818be00fa84a5956373dd1a6b426c0Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/account/get-settingmaster-value/{settingParameter} GET /api/category GET /api/category/get-category-by-vendor/{vendorId} GET /api/customerprofile/get-customerprofile-forpossearch GET /api/publicrequest/Test GET /api/sales/get-sales-data/{invoiceNo} GET /api/terminal GET /api/terminal/{terminalid} GET /api/userpaymentoptions/get-userpaymentoptions/{posprofileId} GET /api/vendor GET /api/vendor/{vendorid} POST /api/account/check-account POST /api/account/check-card-balance POST /api/account/check-spend-limit POST /api/account/get-allergens POST /api/account/get-banneditems POST /api/account/get-restricted-days POST /api/changepassword POST /api/customerprofile/get-profilephoto-photosync POST /api/logout POST /api/order/latest-order POST /api/order/order-detail-by-orderid POST /api/order/order-report POST /api/order/update-orderstatus POST /api/poslayer/get-poslayeritem POST /api/poslayer/get-poslayermaster POST /api/product POST /api/product/get-item-details POST /api/sales/SalesInsert POST /api/sales/cancelsale POST /api/sales/get-running-invoice-number POST /api/sales/get-sale-details POST /api/sales/get-sale-summary POST /api/sales/get-sale-summary-byterminal POST /api/sales/get-sales-byprofileid POST /api/sales/issaleslimitexceed POST /api/terminal/get-terminalprintermapping POST /api/terminal/update-terminalstatusFound on 2026-02-01 02:30
-
-
Open service 18.141.40.12:80 ยท api-campuscard.isb.ac.th
2026-01-22 23:21
HTTP/1.1 307 Temporary Redirect Transfer-Encoding: chunked Location: https://api-campuscard.isb.ac.th/ Server: Microsoft-IIS/10.0 Date: Thu, 22 Jan 2026 23:22:01 GMT Connection: close
Found 2026-01-22 by HttpPluginCreate report