Domain dev2-auth-menumanager.test.subway.com
Germany
Software information
Kestrel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 23.213.161.217
Domain: dev2-auth-menumanager.test.subway.com
Port: 443
URL: https://dev2-auth-menumanager.test.subway.comFirst seen 2025-11-22 21:53
Last seen 2026-02-09 21:35
Open for 78 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b735095a3fda8f6f325e38869ab70874fa7f4Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET / GET /api/auth/generate GET /api/auth/identity GET /api/auth/logout GET /api/auth/spoof/{spoofedId} OPTIONS /api/auth OPTIONS /api/auth/spoof/{id} POST /api/auth/authenticate POST /api/auth/jwt POST /api/auth/partners-saml POST /api/auth/samlFound on 2026-02-09 21:35
-
-
Open service 23.213.161.217:443 · dev2-auth-menumanager.test.subway.com
2026-01-23 00:31
HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: Kestrel Request-Context: appId=cid-v1:5e918404-a506-45a6-a17a-2080bf2ba7e8 X-Powered-By: ASP.NET Date: Fri, 23 Jan 2026 00:31:04 GMT Content-Length: 67 Connection: close {"StatusCode":200,"APIResponseMessage":"MM Authorization Success!"}Found 2026-01-23 by HttpPluginCreate report
-
Open service 23.213.161.217:443 · dev2-auth-menumanager.test.subway.com
2026-01-10 02:02
HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: Kestrel Request-Context: appId=cid-v1:5e918404-a506-45a6-a17a-2080bf2ba7e8 X-Powered-By: ASP.NET Date: Sat, 10 Jan 2026 02:02:23 GMT Content-Length: 67 Connection: close {"StatusCode":200,"APIResponseMessage":"MM Authorization Success!"}Found 2026-01-10 by HttpPluginCreate report
-
Open service 23.213.161.217:443 · dev2-auth-menumanager.test.subway.com
2026-01-02 23:59
HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: Kestrel Request-Context: appId=cid-v1:5e918404-a506-45a6-a17a-2080bf2ba7e8 X-Powered-By: ASP.NET Date: Fri, 02 Jan 2026 23:59:34 GMT Content-Length: 67 Connection: close {"StatusCode":200,"APIResponseMessage":"MM Authorization Success!"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 23.213.161.217:443 · dev2-auth-menumanager.test.subway.com
2025-12-23 04:07
HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: Kestrel Request-Context: appId=cid-v1:5e918404-a506-45a6-a17a-2080bf2ba7e8 X-Powered-By: ASP.NET Date: Tue, 23 Dec 2025 04:07:33 GMT Content-Length: 67 Connection: close {"StatusCode":200,"APIResponseMessage":"MM Authorization Success!"}Found 2025-12-23 by HttpPluginCreate report