LeakIX - Host api-staging.corpfinhub.co.uk

Domain api-staging.corpfinhub.co.uk

United Kingdom

MICROSOFT-CORP-MSN-AS-BLOCK

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.90.134.32
Domain: api-staging.corpfinhub.co.uk
Port: 443
URL: https://api-staging.corpfinhub.co.uk

First seen 2026-01-12 02:23
Last seen 2026-02-16 12:10
Open for 35 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-16 12:10
Create report

Open service 20.90.134.32:443 · api-staging.corpfinhub.co.uk

2026-01-22 19:46

HTTP/1.1 301 Moved Permanently
Content-Length: 203
Connection: close
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Jan 2026 19:46:55 GMT
Location: /swagger
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000

Page title: Redirecting...

<!doctype html>
<html lang=en>
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to the target URL: <a href="/swagger">/swagger</a>. If not, click the link.

Found 2026-01-22 by HttpPlugin

Create report

Open service 20.90.134.32:80 · api-staging.corpfinhub.co.uk

2026-01-12 02:23

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Mon, 12 Jan 2026 02:24:55 GMT
Location: https://api-staging.corpfinhub.co.uk/

Found 2026-01-12 by HttpPlugin

Create report

Open service 20.90.134.32:443 · api-staging.corpfinhub.co.uk

2026-01-12 02:23

HTTP/1.1 301 Moved Permanently
Content-Length: 203
Connection: close
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Jan 2026 02:24:56 GMT
Location: /swagger
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000

Page title: Redirecting...

<!doctype html>
<html lang=en>
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to the target URL: <a href="/swagger">/swagger</a>. If not, click the link.

Found 2026-01-12 by HttpPlugin

Create report

api-staging.corpfinhub.co.uk

Fingerprint:

e9821d26d0ad46a4c3517ce9a2e4319915674683d1b2faeb0c9f6694afb6e39d

CN:

api-staging.corpfinhub.co.uk

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2026-01-12 00:00

Not after:

2026-04-14 23:59

api-staging.corpfinhub.co.uk

Fingerprint:

a5067dd3c32ec988316d7c12973668c4ad09710f2e90105d23efeb7d2f890627

CN:

api-staging.corpfinhub.co.uk

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-08-23 00:00

Not after:

2026-02-23 23:59

Domain summary

api-staging.corpfinhub.co.uk 3

1 recorded

IP summary

20.90.134.32 2

1 recorded

Domain api-staging.corpfinhub.co.uk

United Kingdom

Swagger API description is publicly available

Create report

Create report

Create report

api-staging.corpfinhub.co.uk

api-staging.corpfinhub.co.uk

Domain summary

IP summary