Domain api.firstcard.getgokart.ai
United States
Software information
Kestrel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.119.0.39
Domain: api.firstcard.getgokart.ai
Port: 443
URL: https://api.firstcard.getgokart.aiFirst seen 2025-11-18 23:45
Last seen 2026-02-15 19:13
Open for 88 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-02-15 19:13
-
-
Open service 20.119.0.39:443 ยท api.firstcard.getgokart.ai
2026-01-22 19:27
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Thu, 22 Jan 2026 19:28:28 GMT Server: Kestrel Set-Cookie: TiPMix=79.5956981016527; path=/; HttpOnly; Domain=api.firstcard.getgokart.ai; Max-Age=3600; Secure; SameSite=None Set-Cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=api.firstcard.getgokart.ai; Max-Age=3600; Secure; SameSite=None Request-Context: appId=cid-v1:47958d2a-1c71-4c15-98f9-6b75a6a66503
Found 2026-01-22 by HttpPluginCreate report