Kestrel
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60669808a164fd6eb564fd6eb564fd6eb564fd6eb5
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: GET /health GET /robots.txt
Open service 20.40.202.29:443 · assistant-operator-azuredevops.nexus.radixeng.com
2026-01-22 20:06
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Thu, 22 Jan 2026 20:06:48 GMT Server: Kestrel Location: index.html
Open service 20.40.202.29:80 · assistant-operator-azuredevops.nexus.radixeng.com
2026-01-12 23:31
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Mon, 12 Jan 2026 23:32:14 GMT Location: https://assistant-operator-azuredevops.nexus.radixeng.com/
Open service 20.40.202.29:443 · assistant-operator-azuredevops.nexus.radixeng.com
2026-01-12 23:31
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Mon, 12 Jan 2026 23:32:15 GMT Server: Kestrel Location: index.html