Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Such documentation details every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
Public Swagger UI/API detected at path: /swagger/index.html
Open service 20.50.2.54:80 · api.dfx.swiss
2026-01-10 09:26
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Sat, 10 Jan 2026 09:27:52 GMT
Location: https://api.dfx.swiss/
Open service 20.50.2.54:443 · api.dfx.swiss
2026-01-10 09:26
HTTP/1.1 302 Found
Content-Length: 29
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Sat, 10 Jan 2026 09:27:52 GMT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-disposition
Location: swagger
Set-Cookie: ARRAffinity=1cff8880cc5b09e0d58e44a82b8ccc4198a847c713cb7d80a90e95d921c36dfd;Path=/;HttpOnly;Secure;Domain=api.dfx.swiss
Set-Cookie: ARRAffinitySameSite=1cff8880cc5b09e0d58e44a82b8ccc4198a847c713cb7d80a90e95d921c36dfd;Path=/;HttpOnly;SameSite=None;Secure;Domain=api.dfx.swiss
Vary: Accept
Strict-Transport-Security: max-age=15552000; includeSubDomains
request-context: appId=cid-v1:
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0

Found. Redirecting to swagger