Host 52.10.49.139
United States
Software information
Apache 2.4.61
tcp/443
PHP 7.0.33
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 52.10.49.139
Domain: api.sandbox-ordermgmt.goodleap.com
Port: 443
URL: https://api.sandbox-ordermgmt.goodleap.comFirst seen 2025-10-31 13:16-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549733d818175d71e449522fb830404cba2fee8b7c6Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/v1/DistributorFunding GET /api/v1/Loans/{loanId} GET /api/v1/Loans/{loanId}/orders GET /api/v1/Orders GET /api/v1/Orders/GetLoanOrderDetails/{loanId} GET /api/v1/Orders/GetOrderDetails/{orderId} GET /api/v1/Orders/reasons/counter GET /api/v1/Orders/reasons/deny GET /api/v1/Orders/{orderId} GET /api/v1/Partners/{partnerId} POST /api/v1/Orders/changePayee POST /api/v1/Orders/export POST /api/v1/Orders/{orderId}/Submit POST /api/v1/Orders/{orderId}/approve POST /api/v1/Orders/{orderId}/counter POST /api/v1/Orders/{orderId}/deny POST /api/v1/webhookFound on 2025-10-31 13:16
-
-
Open service 52.10.49.139:443 ยท api.sandbox-ordermgmt.goodleap.com
2025-12-22 08:41
HTTP/1.1 302 Found Date: Mon, 22 Dec 2025 08:41:50 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close Server: Apache/2.4.61 (Amazon) PHP/7.0.33 X-Powered-By: PHP/7.0.33 location: ./Visual-Gas/index.php
Found 2025-12-22 by HttpPluginCreate report