Host 2.16.183.90
Germany
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 2.16.183.90
Domain: py-yellowstone-api.colasiss.com
Port: 443
URL: https://py-yellowstone-api.colasiss.comFirst seen 2025-11-05 10:05
Last seen 2026-01-14 13:29
Open for 70 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549e6ff1fc0b4ac4044af684abcde8d98362c6fbf86Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/Activities GET /api/Invoices GET /api/Locations GET /api/Locations/{id} GET /api/Locations/{id}/Activities POST /api/DeliveryNotes POST /api/Invoices/GetInvoicePDFFromJDE POST /api/Users POST /api/Users/CheckInvitationValidity POST /api/Users/CheckUserExistenceFound on 2026-01-14 13:29
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 2.16.183.90
Domain: py-yellowstone-apiissuer.colasiss.com
Port: 443
URL: https://py-yellowstone-apiissuer.colasiss.comFirst seen 2025-11-05 10:05
Last seen 2026-01-14 13:29
Open for 70 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035498586fec58586fec58586fec58586fec58586fec5Public Swagger UI/API detected at path: /swagger/index.html - sample paths: POST /api/Signing/{clientId}Found on 2026-01-14 13:29
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-05 23:34
Last seen 2026-01-10 20:12
Open for 65 days-
Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf7eab7a38ebfd38ce4d12c187729cc59e393ce3709Public Swagger UI/API detected at path: /swagger-ui.html - sample paths: GET /api/account GET /api/assess-authentication-strategy/{username} GET /api/authenticate GET /api/health GET /api/hmac GET /api/identity-sse GET /api/permissions GET /api/stream-sse GET /api/user-settings GET /api/user/identity/download-report GET /api/version GET /bypass/maintenance GET /maintenance/mode GET /maintenance/notify GET /rejectRequest GET /swagger-resources GET /swagger-resources/configuration/security GET /swagger-resources/configuration/ui POST /api/logout POST /api/switch-organisation/{organisationId} POST /api/user/identity POST /api/zdesktokenFound on 2026-01-10 20:12
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 2.16.183.90
Domain: dev-boss-mds.csp-digital.com
Port: 443
URL: https://dev-boss-mds.csp-digital.comFirst seen 2025-10-20 14:19
Last seen 2025-12-12 08:43
Open for 52 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035491fa4bae160cf5eb9410a8e7781eccad71c79fce1Public Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /LocationsSynchronization/LocationStructureRelations/{id} GET /Diagnostics/Check GET /Diagnostics/Ping GET /Diagnostics/Version GET /LocationsSynchronization/LocationFlats GET /LocationsSynchronization/LocationFlats/ProvisionedProperties GET /LocationsSynchronization/LocationStructureRelations GET /LocationsSynchronization/LocationStructureRelations/ProvisionedProperties GET /LocationsSynchronization/PingPlug GET /LocationsSynchronization/PlugLogsDirectoryPath GET /LocationsSynchronization/ProvisionedEntityTypes GET /LocationsSynchronization/ProvisioningBehaviour GET /LocationsSynchronization/WebServiceContractVersion GET /LocationsSynchronization/WebServiceEnvironment GET /LocationsSynchronization/WebServiceVersion GET /StructuresSynchronization/DIRs GET /StructuresSynchronization/DIRs/ProvisionedProperties GET /StructuresSynchronization/ERTs GET /StructuresSynchronization/ERTs/ProvisionedProperties GET /StructuresSynchronization/PingPlug GET /StructuresSynchronization/PlugLogsDirectoryPath GET /StructuresSynchronization/ProvisionedStructureTypes GET /StructuresSynchronization/ProvisioningBehaviour GET /StructuresSynchronization/SJs GET /StructuresSynchronization/SJs/ProvisionedProperties GET /StructuresSynchronization/StructureTags GET /StructuresSynchronization/StructureTags/ProvisionedProperties GET /StructuresSynchronization/UEs GET /StructuresSynchronization/UEs/ProvisionedProperties GET /StructuresSynchronization/WebServiceContractVersion GET /StructuresSynchronization/WebServiceEnvironment GET /StructuresSynchronization/WebServiceVersion POST /LocationsSynchronization/BeginSynchronization POST /LocationsSynchronization/EndSynchronization POST /StructuresSynchronization/BeginSynchronization POST /StructuresSynchronization/EndSynchronization PUT /LocationsSynchronization/LocationFlats/{id} PUT /LocationsSynchronization/LocationStructureRelations/{identifier} PUT /StructuresSynchronization/DIRs/{id} PUT /StructuresSynchronization/ERTs/{id} PUT /StructuresSynchronization/SJs/{id} PUT /StructuresSynchronization/StructureTags/{id} PUT /StructuresSynchronization/UEs/{id}Found on 2025-12-12 08:43
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 2.16.183.90
Domain: dev-kydoc-mds.csp-digital.com
Port: 443
URL: https://dev-kydoc-mds.csp-digital.comFirst seen 2025-10-20 14:19
Last seen 2025-12-12 08:43
Open for 52 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549461f8521cd8f676f4f91261f1a05e2dc612a26c3Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /Diagnostics/Check GET /Diagnostics/Ping GET /Diagnostics/Version GET /EmployeesSynchronization/EnhancedGlobalEmployees GET /EmployeesSynchronization/EnhancedGlobalEmployees/ProvisionedProperties GET /EmployeesSynchronization/PingPlug GET /EmployeesSynchronization/PlugLogsDirectoryPath GET /EmployeesSynchronization/ProvisionedEntityTypes GET /EmployeesSynchronization/ProvisioningBehaviour GET /EmployeesSynchronization/WebServiceContractVersion GET /EmployeesSynchronization/WebServiceEnvironment GET /EmployeesSynchronization/WebServiceVersion POST /EmployeesSynchronization/BeginSynchronization POST /EmployeesSynchronization/EndSynchronization PUT /EmployeesSynchronization/EnhancedGlobalEmployees/{id}Found on 2025-12-12 08:43
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 2.16.183.90
Domain: pambff.winstaronline.casino
Port: 443
URL: https://pambff.winstaronline.casinoFirst seen 2025-10-22 14:13
Last seen 2025-11-22 21:52
Open for 31 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549500f2af2979f131953f62962c7f3acbda42a6110Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/v1/configurations GET /api/v1/players-questionnaires-answers/{encryptedPlayerQuestionnaireAnswerId}/questionnaire GET /api/v1/players/{playerId} GET /api/v1/players/{playerId}/auth-challenges GET /api/v1/players/{playerId}/banners GET /api/v1/players/{playerId}/general-properties GET /api/v1/players/{playerId}/geolocation GET /api/v1/players/{playerId}/limits GET /api/v1/players/{playerId}/limits/history GET /api/v1/players/{playerId}/messages GET /api/v1/players/{playerId}/notifications/wins GET /api/v1/players/{playerId}/questionnaires GET /api/v1/players/{playerId}/real-time-notifications/settings GET /api/v1/players/{playerId}/restrictions GET /api/v1/players/{playerId}/unfinished-games GET /api/v1/players/{playerId}/wallet PATCH /api/v1/players-questionnaires-answers/{encryptedPlayerQuestionnaireAnswerId} POST /api/v1/logs POST /api/v1/players/biometric/options/auth POST /api/v1/players/password:recovery POST /api/v1/players/password:recovery-send-totp POST /api/v1/players/password:recovery-validate-totp POST /api/v1/players/sessions:auth-by-biometric POST /api/v1/players/sessions:auth-by-credentials POST /api/v1/players/sessions:auth-by-external-token POST /api/v1/players/sessions:auth-by-token POST /api/v1/players/username:recovery POST /api/v1/players/{playerId}/auth-challenges:activate POST /api/v1/players/{playerId}/auth-challenges:submit POST /api/v1/players/{playerId}/biometric/credentials POST /api/v1/players/{playerId}/biometric/options/registration POST /api/v1/players/{playerId}/complete-migration POST /api/v1/players/{playerId}/email:send-verification POST /api/v1/players/{playerId}/geolocation:process POST /api/v1/players/{playerId}/limits:confirm POST /api/v1/players/{playerId}/notifications:acknowledge POST /api/v1/players/{playerId}/questionnaires/{questionnaireInstanceId}/answer POST /api/v1/players/{playerId}/sessions:revoke POST /api/v1/players/{playerId}:accept-terms-and-conditions POST /api/v1/players/{playerId}:reinstatement PUT /api/v1/players/{playerId}/email PUT /api/v1/players/{playerId}/passwordFound on 2025-11-22 21:52 -
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2025-11-06 16:51
-