I can't say I've ever struggled to make this determination, but I don't make a habit of trying random ports, endpoints, car doors, or brute-force guessing URLs.

But it was very tempting when i saw that my national exam results were sent to us in a mail as nationalexam.com/results/2024/my-roll-number. Why would i not try different values in the last part.

Try it once to see if it works, you'll probably be fine.

Find out that it works, and then proceed to look up various other people? Whether you're fine depends entirely on whether or not you genuinely believe that you're supposed to be accessing that stuff.