LeakIX - Host 2.16.204.75

Host 2.16.204.75

Germany

Akamai International B.V.

Software information

AkamaiGHost

tcp/443 tcp/80

AkamaiNetStorage

tcp/443

AmazonS3

tcp/443

Apache Apache

tcp/443 tcp/80

ECD QA-11

tcp/443 tcp/80

Microsoft-IIS 10.0

tcp/443

awselb awselb 2.0

tcp/443

nginx nginx

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.20.143.74
Domain: api.stage.electrification.coursefinder.abb.com
Port: 443
URL: https://api.stage.electrification.coursefinder.abb.com

First seen 2025-11-18 06:28
Last seen 2026-01-14 15:23
Open for 57 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b59f45cf23d9172477e5b22321d5ebbc7eb84a75

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Cache
GET /api/Cache/getKeys
GET /api/CircuitBreaker
GET /api/CircuitBreaker/{id}
GET /api/Country
GET /api/Country/country-by-learning-path
GET /api/Country/country-by-pmdi-learning-path
GET /api/Country/country-name-by-iso-code/{isoCode}
GET /api/CustomLearningPath
GET /api/CustomLearningPath/online-courses/{id}
GET /api/CustomLearningPath/{id}
GET /api/DomainOfExpertise/get-electrical-standards-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-channels-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-products-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-profiles-by-domain-of-expertise-learning-path
GET /api/ElectricalStandard
GET /api/Image/image/{id}
GET /api/Image/thumb/{id}
GET /api/Language
GET /api/Language/languagebycountry
GET /api/Language/languagebydomainofexpertiselearningpath
GET /api/Language/languagebylearningpath
GET /api/Language/languagebypmdilearningpath
GET /api/LearningPath/learningpath-by-id
GET /api/OnlineCourse
GET /api/OnlineCourse/GetAllOnlineCourses
GET /api/OnlineCourse/any/{id}
GET /api/OnlineCourse/course-curation
GET /api/OnlineCourse/electrical-standard-by-learning-path
GET /api/OnlineCourse/online-course-by-country-and-language
GET /api/OnlineCourse/online-course-by-domain-of-expertise-learning-path-id
GET /api/OnlineCourse/online-course-by-learning-path-id
GET /api/OnlineCourse/online-course-by-pmdi-learning-path-id
GET /api/OnlineCourse/service-training-lab-courses
GET /api/OnlineCourse/skill-level-by-course-curation
GET /api/OnlineCourse/skill-level-domain-of-expertise-paths
GET /api/OnlineCourse/skill-level-pmdi-paths
GET /api/OnlineCourse/skill-level-scdi-paths
GET /api/OnlineCourse/topic-path-by-learning-path
GET /api/OnlineCourse/topic-path-by-pmdi-learning-path
GET /api/OnlineCourse/{id}
GET /api/Owner
GET /api/Owner/{code}
GET /api/PMDI/all_paths
GET /api/PartnerHub/companies
GET /api/PartnerHub/countries
GET /api/PartnerHub/languages
GET /api/PartnerHub/policies/{email}
GET /api/PartnerHub/roles
GET /api/PartnerHub/translations
GET /api/PartnerHub/user-info/{email}
GET /api/PartnerHub/user-sidebar
GET /api/Product
GET /api/Product/filters
GET /api/Roles
GET /api/SCDI/all_paths
GET /api/SCDI/application_solution_paths
GET /api/SCDI/channel_sales_paths
GET /api/SCDI/segment_business_dev_paths
GET /api/SCDI/service_paths
GET /api/ServiceTrainingFilters
GET /api/ServiceTrainingFilters/category
GET /api/SwitchGear
GET /api/SwitchGear/{id}
GET /api/Tutorial
GET /api/User
GET /api/User/image
GET /api/UserFavoriteCourse
GET /api/Version
POST /api/CircuitBreaker/delete
POST /api/CustomLearningPath/create
POST /api/CustomLearningPath/{id}/delete
POST /api/CustomLearningPath/{id}/delete-course/{courseId}
POST /api/CustomLearningPath/{id}/edit
POST /api/LearningPath
POST /api/LearningPath/domain-of-expertise
POST /api/LearningPath/pmdi
POST /api/Notification/receivers
POST /api/Notification/send-email
POST /api/OnlineCourse/online-course-by-path-items
POST /api/SwitchGear/delete
POST /api/Tracking
POST /api/User/return_user_detail
POST /api/User/store_user_token
POST /api/UserFavoriteCourse/{id}
POST /api/UserFavoriteCourse/{id}/delete

Found on 2026-01-14 15:23

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b59f45cf23d9172477e5b22321d5ebbc172bddb5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Cache
GET /api/Cache/getKeys
GET /api/CircuitBreaker
GET /api/CircuitBreaker/{id}
GET /api/Country
GET /api/Country/country-by-learning-path
GET /api/Country/country-by-pmdi-learning-path
GET /api/Country/country-name-by-iso-code/{isoCode}
GET /api/CustomLearningPath/online-courses/{id}
GET /api/CustomLearningPath/{id}
GET /api/DomainOfExpertise/get-electrical-standards-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-channels-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-products-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-profiles-by-domain-of-expertise-learning-path
GET /api/ElectricalStandard
GET /api/Image/image/{id}
GET /api/Image/thumb/{id}
GET /api/Language
GET /api/Language/languagebycountry
GET /api/Language/languagebydomainofexpertiselearningpath
GET /api/Language/languagebylearningpath
GET /api/Language/languagebypmdilearningpath
GET /api/LearningPath/learningpath-by-id
GET /api/OnlineCourse
GET /api/OnlineCourse/GetAllOnlineCourses
GET /api/OnlineCourse/any/{id}
GET /api/OnlineCourse/course-curation
GET /api/OnlineCourse/electrical-standard-by-learning-path
GET /api/OnlineCourse/online-course-by-country-and-language
GET /api/OnlineCourse/online-course-by-domain-of-expertise-learning-path-id
GET /api/OnlineCourse/online-course-by-learning-path-id
GET /api/OnlineCourse/online-course-by-pmdi-learning-path-id
GET /api/OnlineCourse/service-training-lab-courses
GET /api/OnlineCourse/skill-level-by-course-curation
GET /api/OnlineCourse/skill-level-domain-of-expertise-paths
GET /api/OnlineCourse/skill-level-pmdi-paths
GET /api/OnlineCourse/skill-level-scdi-paths
GET /api/OnlineCourse/topic-path-by-learning-path
GET /api/OnlineCourse/topic-path-by-pmdi-learning-path
GET /api/OnlineCourse/{id}
GET /api/Owner
GET /api/Owner/{code}
GET /api/PMDI/all_paths
GET /api/PartnerHub/companies
GET /api/PartnerHub/countries
GET /api/PartnerHub/languages
GET /api/PartnerHub/policies/{email}
GET /api/PartnerHub/roles
GET /api/PartnerHub/translations
GET /api/PartnerHub/user-info/{email}
GET /api/PartnerHub/user-sidebar
GET /api/Product
GET /api/Product/filters
GET /api/Roles
GET /api/SCDI/all_paths
GET /api/SCDI/application_solution_paths
GET /api/SCDI/channel_sales_paths
GET /api/SCDI/segment_business_dev_paths
GET /api/SCDI/service_paths
GET /api/ServiceTrainingFilters
GET /api/ServiceTrainingFilters/category
GET /api/SwitchGear
GET /api/SwitchGear/{id}
GET /api/Tutorial
GET /api/User
GET /api/User/image
GET /api/Version
POST /api/CircuitBreaker/delete
POST /api/CustomLearningPath
POST /api/CustomLearningPath/create
POST /api/CustomLearningPath/delete
POST /api/CustomLearningPath/delete-course
POST /api/CustomLearningPath/edit
POST /api/LearningPath
POST /api/LearningPath/domain-of-expertise
POST /api/LearningPath/pmdi
POST /api/Notification/receivers
POST /api/Notification/send-email
POST /api/OnlineCourse/online-course-by-path-items
POST /api/SwitchGear/delete
POST /api/Tracking
POST /api/User/return_user_detail
POST /api/User/store_user_token
POST /api/UserFavoriteCourse/courses
POST /api/UserFavoriteCourse/{id}
POST /api/UserFavoriteCourse/{id}/delete

Found on 2025-12-01 02:14

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.20.142.74
Domain: api.dev.electrification.coursefinder.abb.com
Port: 443
URL: https://api.dev.electrification.coursefinder.abb.com

First seen 2025-11-18 06:28
Last seen 2026-01-14 15:23
Open for 57 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b59f45cf23d9172477e5b22321d5ebbc7eb84a75

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Cache
GET /api/Cache/getKeys
GET /api/CircuitBreaker
GET /api/CircuitBreaker/{id}
GET /api/Country
GET /api/Country/country-by-learning-path
GET /api/Country/country-by-pmdi-learning-path
GET /api/Country/country-name-by-iso-code/{isoCode}
GET /api/CustomLearningPath
GET /api/CustomLearningPath/online-courses/{id}
GET /api/CustomLearningPath/{id}
GET /api/DomainOfExpertise/get-electrical-standards-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-channels-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-products-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-profiles-by-domain-of-expertise-learning-path
GET /api/ElectricalStandard
GET /api/Image/image/{id}
GET /api/Image/thumb/{id}
GET /api/Language
GET /api/Language/languagebycountry
GET /api/Language/languagebydomainofexpertiselearningpath
GET /api/Language/languagebylearningpath
GET /api/Language/languagebypmdilearningpath
GET /api/LearningPath/learningpath-by-id
GET /api/OnlineCourse
GET /api/OnlineCourse/GetAllOnlineCourses
GET /api/OnlineCourse/any/{id}
GET /api/OnlineCourse/course-curation
GET /api/OnlineCourse/electrical-standard-by-learning-path
GET /api/OnlineCourse/online-course-by-country-and-language
GET /api/OnlineCourse/online-course-by-domain-of-expertise-learning-path-id
GET /api/OnlineCourse/online-course-by-learning-path-id
GET /api/OnlineCourse/online-course-by-pmdi-learning-path-id
GET /api/OnlineCourse/service-training-lab-courses
GET /api/OnlineCourse/skill-level-by-course-curation
GET /api/OnlineCourse/skill-level-domain-of-expertise-paths
GET /api/OnlineCourse/skill-level-pmdi-paths
GET /api/OnlineCourse/skill-level-scdi-paths
GET /api/OnlineCourse/topic-path-by-learning-path
GET /api/OnlineCourse/topic-path-by-pmdi-learning-path
GET /api/OnlineCourse/{id}
GET /api/Owner
GET /api/Owner/{code}
GET /api/PMDI/all_paths
GET /api/PartnerHub/companies
GET /api/PartnerHub/countries
GET /api/PartnerHub/languages
GET /api/PartnerHub/policies/{email}
GET /api/PartnerHub/roles
GET /api/PartnerHub/translations
GET /api/PartnerHub/user-info/{email}
GET /api/PartnerHub/user-sidebar
GET /api/Product
GET /api/Product/filters
GET /api/Roles
GET /api/SCDI/all_paths
GET /api/SCDI/application_solution_paths
GET /api/SCDI/channel_sales_paths
GET /api/SCDI/segment_business_dev_paths
GET /api/SCDI/service_paths
GET /api/ServiceTrainingFilters
GET /api/ServiceTrainingFilters/category
GET /api/SwitchGear
GET /api/SwitchGear/{id}
GET /api/Tutorial
GET /api/User
GET /api/User/image
GET /api/UserFavoriteCourse
GET /api/Version
POST /api/CircuitBreaker/delete
POST /api/CustomLearningPath/create
POST /api/CustomLearningPath/{id}/delete
POST /api/CustomLearningPath/{id}/delete-course/{courseId}
POST /api/CustomLearningPath/{id}/edit
POST /api/LearningPath
POST /api/LearningPath/domain-of-expertise
POST /api/LearningPath/pmdi
POST /api/Notification/receivers
POST /api/Notification/send-email
POST /api/OnlineCourse/online-course-by-path-items
POST /api/SwitchGear/delete
POST /api/Tracking
POST /api/User/return_user_detail
POST /api/User/store_user_token
POST /api/UserFavoriteCourse/{id}
POST /api/UserFavoriteCourse/{id}/delete

Found on 2026-01-14 15:23

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b59f45cf23d9172477e5b22321d5ebbc172bddb5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Cache
GET /api/Cache/getKeys
GET /api/CircuitBreaker
GET /api/CircuitBreaker/{id}
GET /api/Country
GET /api/Country/country-by-learning-path
GET /api/Country/country-by-pmdi-learning-path
GET /api/Country/country-name-by-iso-code/{isoCode}
GET /api/CustomLearningPath/online-courses/{id}
GET /api/CustomLearningPath/{id}
GET /api/DomainOfExpertise/get-electrical-standards-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-channels-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-products-by-domain-of-expertise-learning-path
GET /api/DomainOfExpertise/get-target-profiles-by-domain-of-expertise-learning-path
GET /api/ElectricalStandard
GET /api/Image/image/{id}
GET /api/Image/thumb/{id}
GET /api/Language
GET /api/Language/languagebycountry
GET /api/Language/languagebydomainofexpertiselearningpath
GET /api/Language/languagebylearningpath
GET /api/Language/languagebypmdilearningpath
GET /api/LearningPath/learningpath-by-id
GET /api/OnlineCourse
GET /api/OnlineCourse/GetAllOnlineCourses
GET /api/OnlineCourse/any/{id}
GET /api/OnlineCourse/course-curation
GET /api/OnlineCourse/electrical-standard-by-learning-path
GET /api/OnlineCourse/online-course-by-country-and-language
GET /api/OnlineCourse/online-course-by-domain-of-expertise-learning-path-id
GET /api/OnlineCourse/online-course-by-learning-path-id
GET /api/OnlineCourse/online-course-by-pmdi-learning-path-id
GET /api/OnlineCourse/service-training-lab-courses
GET /api/OnlineCourse/skill-level-by-course-curation
GET /api/OnlineCourse/skill-level-domain-of-expertise-paths
GET /api/OnlineCourse/skill-level-pmdi-paths
GET /api/OnlineCourse/skill-level-scdi-paths
GET /api/OnlineCourse/topic-path-by-learning-path
GET /api/OnlineCourse/topic-path-by-pmdi-learning-path
GET /api/OnlineCourse/{id}
GET /api/Owner
GET /api/Owner/{code}
GET /api/PMDI/all_paths
GET /api/PartnerHub/companies
GET /api/PartnerHub/countries
GET /api/PartnerHub/languages
GET /api/PartnerHub/policies/{email}
GET /api/PartnerHub/roles
GET /api/PartnerHub/translations
GET /api/PartnerHub/user-info/{email}
GET /api/PartnerHub/user-sidebar
GET /api/Product
GET /api/Product/filters
GET /api/Roles
GET /api/SCDI/all_paths
GET /api/SCDI/application_solution_paths
GET /api/SCDI/channel_sales_paths
GET /api/SCDI/segment_business_dev_paths
GET /api/SCDI/service_paths
GET /api/ServiceTrainingFilters
GET /api/ServiceTrainingFilters/category
GET /api/SwitchGear
GET /api/SwitchGear/{id}
GET /api/Tutorial
GET /api/User
GET /api/User/image
GET /api/Version
POST /api/CircuitBreaker/delete
POST /api/CustomLearningPath
POST /api/CustomLearningPath/create
POST /api/CustomLearningPath/delete
POST /api/CustomLearningPath/delete-course
POST /api/CustomLearningPath/edit
POST /api/LearningPath
POST /api/LearningPath/domain-of-expertise
POST /api/LearningPath/pmdi
POST /api/Notification/receivers
POST /api/Notification/send-email
POST /api/OnlineCourse/online-course-by-path-items
POST /api/SwitchGear/delete
POST /api/Tracking
POST /api/User/return_user_detail
POST /api/User/store_user_token
POST /api/UserFavoriteCourse/courses
POST /api/UserFavoriteCourse/{id}
POST /api/UserFavoriteCourse/{id}/delete

Found on 2025-11-23 05:47

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.16.204.75
Domain: canales-api.acciona-energia.com
Port: 443
URL: https://canales-api.acciona-energia.com

First seen 2025-10-20 15:04
Last seen 2026-01-14 14:18
Open for 85 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-14 14:18
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.50.131.144
Domain: irisapi.acciona.com
Port: 443
URL: https://irisapi.acciona.com

First seen 2025-10-20 15:04
Last seen 2026-01-14 14:18
Open for 85 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d97776bfcf580cc0a25920f775594094c53b029e

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/AuthorizedEmployeeAdvance/Delete/{id}
DELETE /api/EmployeeSettlementSheetType/Delete/{id}
DELETE /api/ResponsibleEmployee/Delete/{id}
DELETE /api/SettlementSheet/Delete/{id}
GET /api/App/CheckElementoImputacion
GET /api/App/GetAnticipo
GET /api/App/GetDefaultEmployeeInputationElement
GET /api/App/GetHLIRIS
GET /api/App/GetLoginIrisAzure
GET /api/App/GetPersonaIRIS
GET /api/App/api/GetTypeHL
GET /api/App/api/GetTypeHLByIPF
GET /api/AuthorizedEmployeeAdvance/FindByID/{id}
GET /api/AuthorizedEmployeeAdvance/GetAll
GET /api/EmployeeAdvance/GetAuthorizedEmployeeAdvance
GET /api/EmployeeAdvance/GetEmployeeAdvance
GET /api/EmployeeAdvance/GetPossibleDuplicatedAdvance
GET /api/EmployeeSettlementSheetType/FindByID/{id}
GET /api/EmployeeSettlementSheetType/FindByIPF
GET /api/EmployeeSettlementSheetType/GetAll
GET /api/EmployeeSettlementSheetType/GetByFilterExpression
GET /api/EmployeeSettlementSheetType/GetfEmployeeSettlementTypeByID
GET /api/ExpenseType/GetAll
GET /api/ExpenseType/GetBySettlemetSheetType
GET /api/IrisReport/GetCostUserByMontReport
GET /api/IrisReport/GetCostUserGroupTypeReport
GET /api/ResponsibleEmployee/FindByID/{id}
GET /api/ResponsibleEmployee/GetAll
GET /api/ResponsibleEmployee/GetByFilterExpression
GET /api/ResponsibleEmployee/GetResponsableEmployeeByIPF
GET /api/ResponsibleEmployee/GetResponsableEmployeeByMail
GET /api/ResponsibleEmployee/GetResponsableForSettlement
GET /api/ResponsibleEmployee/GetResponsibleByIPF
GET /api/SettlementSheet/FindByID/{id}
GET /api/SettlementSheet/GetAll
GET /api/SettlementSheet/GetByFilterExpression
GET /api/SettlementSheet/GetDefaultExpenseDetails
GET /api/SettlementSheet/GetUserSettlementSheets
GET /api/SettlementSheetOperative/CheckUploadedFile
GET /api/SettlementSheetOperative/GetAll
GET /api/SettlementSheetOperative/GetByFilterExpression
GET /api/SettlementSheetOperative/GetIrisSettlementSheetDetail
GET /api/SettlementSheetOperative/GetIrisSettlementSheetDetails
GET /api/SettlementSheetOperative/GetSettlementSheetSummaryPdf
GET /api/SettlementSheetOperative/GetSettlementSheetTicketsPdf
GET /api/SettlementSheetOperative/GetSettlementTicketPdf
GET /api/SettlementSheetResponsable/FindByID/{id}
GET /api/SettlementSheetResponsable/GetAll
GET /api/SettlementSheetResponsable/GetByFilterExpression
GET /api/SettlementSheetTrace/GetBySettlementSheetID
GET /api/SettlementSheetType/GetAll
GET /api/SettlementSheetType/GetByIPF
POST /api/App/DeleteHLIRIS
POST /api/App/SetHLIRIS
POST /api/AuthorizedEmployeeAdvance/Add
POST /api/EmployeeSettlementSheetType/Add
POST /api/Mail/RejectSettlementNoScanVisioFiles
POST /api/Mail/SendSettlementSheetToResponsable
POST /api/MailSettlementSheet/SendIrisEmailNotification
POST /api/ResponsibleEmployee/Add
POST /api/ScanVisio/DeleteScanVisioSettlementSheet
POST /api/ScanVisio/DeleteScanVisioSettlementSheets
POST /api/SettlementSheet/Add
POST /api/SettlementSheet/MoveToIrisApp
POST /api/SettlementSheet/MoveToPayment
POST /api/SettlementSheet/TransferToTitularUser
POST /api/SettlementSheetOperative/GenerateScanVisioFiles
POST /api/SettlementSheetOperative/MoveSettlementSheetToSAP
POST /api/SettlementSheetOperative/RevertSettlementSheetFromSAP
POST /api/SettlementSheetResponsable/ApproveSettlementSheet
POST /api/SettlementSheetResponsable/RejectSettlementNoScanVisioFiles
POST /api/SettlementSheetResponsable/RejectSettlementSheet
POST /api/SettlementSheetResponsable/SendSettlementSheetToResponsable
PUT /api/EmployeeSettlementSheetType/Edit/{key}
PUT /api/ResponsibleEmployee/Edit/{key}
PUT /api/SettlementSheet/Edit/{key}

Found on 2026-01-14 14:18

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2025-12-04 13:09

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60c89dc920bf200b39536a558cce2ab7f584b8e98f

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
DELETE /api/AuthorizedEmployeeAdvance/Delete/{id}
DELETE /api/EmployeeSettlementSheetType/Delete/{id}
DELETE /api/ResponsibleEmployee/Delete/{id}
DELETE /api/SettlementSheet/Delete/{id}
GET /api/App/CheckElementoImputacion
GET /api/App/GetAnticipo
GET /api/App/GetDefaultEmployeeInputationElement
GET /api/App/GetHLIRIS
GET /api/App/GetLoginIrisAzure
GET /api/App/GetPersonaIRIS
GET /api/App/api/GetTypeHL
GET /api/App/api/GetTypeHLByIPF
GET /api/AuthorizedEmployeeAdvance/FindByID/{id}
GET /api/AuthorizedEmployeeAdvance/GetAll
GET /api/EmployeeAdvance/GetAuthorizedEmployeeAdvance
GET /api/EmployeeAdvance/GetEmployeeAdvance
GET /api/EmployeeAdvance/GetPossibleDuplicatedAdvance
GET /api/EmployeeSettlementSheetType/FindByID/{id}
GET /api/EmployeeSettlementSheetType/FindByIPF
GET /api/EmployeeSettlementSheetType/GetAll
GET /api/EmployeeSettlementSheetType/GetByFilterExpression
GET /api/EmployeeSettlementSheetType/GetfEmployeeSettlementTypeByID
GET /api/ExpenseType/GetAll
GET /api/ExpenseType/GetBySettlemetSheetType
GET /api/IrisReport/GetCostUserByMontReport
GET /api/IrisReport/GetCostUserGroupTypeReport
GET /api/ResponsibleEmployee/FindByID/{id}
GET /api/ResponsibleEmployee/GetAll
GET /api/ResponsibleEmployee/GetByFilterExpression
GET /api/ResponsibleEmployee/GetResponsableEmployeeByIPF
GET /api/ResponsibleEmployee/GetResponsableEmployeeByMail
GET /api/ResponsibleEmployee/GetResponsableForSettlement
GET /api/ResponsibleEmployee/GetResponsibleByIPF
GET /api/SettlementSheet/FindByID/{id}
GET /api/SettlementSheet/GetAll
GET /api/SettlementSheet/GetByFilterExpression
GET /api/SettlementSheet/GetDefaultExpenseDetails
GET /api/SettlementSheet/GetUserSettlementSheets
GET /api/SettlementSheetOperative/CheckUploadedFile
GET /api/SettlementSheetOperative/GetAll
GET /api/SettlementSheetOperative/GetByFilterExpression
GET /api/SettlementSheetOperative/GetIrisSettlementSheetDetail
GET /api/SettlementSheetOperative/GetIrisSettlementSheetDetails
GET /api/SettlementSheetOperative/GetSettlementSheetSummaryPdf
GET /api/SettlementSheetOperative/GetSettlementSheetTicketsPdf
GET /api/SettlementSheetOperative/GetSettlementTicketPdf
GET /api/SettlementSheetResponsable/FindByID/{id}
GET /api/SettlementSheetResponsable/GetAll
GET /api/SettlementSheetResponsable/GetByFilterExpression
GET /api/SettlementSheetTrace/GetBySettlementSheetID
GET /api/SettlementSheetType/GetAll
GET /api/SettlementSheetType/GetByIPF
POST /api/App/DeleteHLIRIS
POST /api/App/SetHLIRIS
POST /api/AuthorizedEmployeeAdvance/Add
POST /api/EmployeeSettlementSheetType/Add
POST /api/Mail/RejectSettlementNoScanVisioFiles
POST /api/Mail/SendSettlementSheetToResponsable
POST /api/MailSettlementSheet/SendIrisEmailNotification
POST /api/ResponsibleEmployee/Add
POST /api/ScanVisio/DeleteScanVisioSettlementSheet
POST /api/ScanVisio/DeleteScanVisioSettlementSheets
POST /api/SettlementSheet/Add
POST /api/SettlementSheet/MoveToIrisApp
POST /api/SettlementSheet/MoveToPayment
POST /api/SettlementSheet/TransferToTitularUser
POST /api/SettlementSheetOperative/GenerateScanVisioFiles
POST /api/SettlementSheetOperative/MoveSettlementSheetToSAP
POST /api/SettlementSheetOperative/RevertSettlementSheetFromSAP
POST /api/SettlementSheetResponsable/ApproveSettlementSheet
POST /api/SettlementSheetResponsable/RejectSettlementNoScanVisioFiles
POST /api/SettlementSheetResponsable/RejectSettlementSheet
POST /api/SettlementSheetResponsable/SendSettlementSheetToResponsable
PUT /api/EmployeeSettlementSheetType/Edit/{key}
PUT /api/ResponsibleEmployee/Edit/{key}
PUT /api/SettlementSheet/Edit/{key}

Found on 2025-12-01 17:27

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.16.204.75
Domain: vie-dev.groupm.tech
Port: 443
URL: https://vie-dev.groupm.tech

First seen 2025-10-16 11:37
Last seen 2026-01-10 03:40
Open for 85 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-10 03:40
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.16.204.75
Domain: epg-bff.api.persgroep.cloud
Port: 443
URL: https://epg-bff.api.persgroep.cloud

First seen 2025-10-27 16:49
Last seen 2026-01-09 21:51
Open for 74 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1a8bcc6e56a9a2a9d40d8672cc56e1066acb123b0097767b3
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths:
GET /rest/broadcasts
GET /rest/channels/{idOrSeoKey}
GET /rest/configuration
GET /rest/episode-broadcasts/{id}
GET /rest/movie-broadcasts/{id}
GET /rest/toppicks/{date}
```
  Found on 2026-01-09 21:51
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2025-12-24 21:39
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.16.204.75
Domain: api.library.abb.com
Port: 443
URL: https://api.library.abb.com

First seen 2025-10-21 12:32
Last seen 2026-01-09 05:26
Open for 79 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549d96f655a820d78532d169aea0b45128ce4418308
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v{version}/public/documents
GET /api/v{version}/public/documents/facets/categories
GET /api/v{version}/public/documents/facets/documentKinds
GET /api/v{version}/public/documents/facets/languages
GET /api/v{version}/public/tags
```
  Found on 2026-01-09 05:26
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.16.204.75
Domain: api.driveinsight.motion.abb.com
Port: 443
URL: https://api.driveinsight.motion.abb.com

First seen 2025-10-21 12:32
Last seen 2026-01-09 05:26
Open for 79 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 05:26
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.16.204.75
Domain: api.dev.driveinsight.motion.abb.com
Port: 443
URL: https://api.dev.driveinsight.motion.abb.com

First seen 2025-10-21 12:32
Last seen 2026-01-09 00:49
Open for 79 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0
```
Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
```
  Found on 2026-01-09 00:49
Create report

GraphQL introspection is enabled.

This could leak to data leak if not properly configured.

IP: 2.16.204.90
Domain: www.hclswag.com
Port: 443
URL: https://www.hclswag.com

First seen 2025-11-08 05:29
Last seen 2026-01-02 22:41
Open for 55 days

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa37d96f14f55243bdde5a2735607dbce6459d15ab5

GraphQL introspection enabled at /graphql
Types: 385 (by kind: ENUM: 28, INPUT_OBJECT: 91, INTERFACE: 20, OBJECT: 241, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, oneOf, skip (total: 4)

Detected: Magento

Found on 2026-01-02 22:41

674.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2d562a70c2fd428505555046b706aa7db43f29cce

GraphQL introspection enabled at /graphql/api
Types: 385 (by kind: ENUM: 28, INPUT_OBJECT: 91, INTERFACE: 20, OBJECT: 241, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, oneOf, skip (total: 4)

Detected: Magento

Found on 2025-12-20 16:36

674.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2d562a70c2fd428505555046b706aa7dbea0f54c3

GraphQL introspection enabled at /graphql/api
Types: 385 (by kind: ENUM: 28, INPUT_OBJECT: 91, INTERFACE: 20, OBJECT: 241, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-12-11 15:08

674.7 kBytes

Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa37d96f14f55243bdde5a2735607dbce64a8cf2186

GraphQL introspection enabled at /graphql
Types: 385 (by kind: ENUM: 28, INPUT_OBJECT: 91, INTERFACE: 20, OBJECT: 241, SCALAR: 5)
Operations:
- Query: Query | fields: availableStores, cart, categories, category, categoryList
- Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList
Directives: deprecated, include, oneOf, skip (total: 4)

Found on 2025-12-01 16:33

674.7 kBytes

Create report

Open service 2.16.204.75:80 · www.wydawnictworebel.pl

2026-01-12 23:20

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://www.wydawnictworebel.pl/
Expires: Mon, 12 Jan 2026 23:20:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 12 Jan 2026 23:20:54 GMT
Connection: close
X-N: S

Found 2 days ago by HttpPlugin