The reply originated from a backend server, the originating frontend server has been included in the report for reference.
It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.
Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa46669809b839189a32804a682dc898c02
Received reply after a Log4j payload from this host Ping was received because of X-Forwared-Host Reply took 834.338371ms Orignal request was to 23.222.64.106:443 This event's HTTP and SSL details are preserved from the orignal request. Orignal reply: 5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b203833342e3333383337316d730a4f7269676e616c20726571756573742077617320746f2032332e3232322e36342e3130363a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a
Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa44cbc5a88436efabcb56670eb742cf10a
Received reply after a Log4j payload from this host Ping was received because of X-Forwared-Host Reply took 6.238495ms Orignal request was to 23.222.64.106:443 This event's HTTP and SSL details are preserved from the orignal request. Orignal reply: 5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20362e3233383439356d730a4f7269676e616c20726571756573742077617320746f2032332e3232322e36342e3130363a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a
Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4bf14a4c338347a1b96ecbb4abab8cd06
Received reply after a Log4j payload from this host Ping was received because of X-Forwared-Host Reply took 430.382954ms Orignal request was to 23.222.64.106:443 This event's HTTP and SSL details are preserved from the orignal request. Orignal reply: 5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b203433302e3338323935346d730a4f7269676e616c20726571756573742077617320746f2032332e3232322e36342e3130363a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff431818dff1ab714ac2ab714ac2ab714ac2ab714ac2
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /v1/{portal}/{entity}/details/{course_id}
GET /v1/{portal}/{entity}/{type}/{region}
Open service 92.122.106.222:443 ยท energy.economictimes.indiatimes.com
2026-01-23 05:05
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Access-Control-Allow-Origin: * Last-Modified: Fri, 23 Jan 2026 05:02:53 GMT Content-Language: en Access-Control-Allow-Credentials: true X-Frame-Options: sameorigin Strict-Transport-Security: max-age=25920000; includeSubdomains X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Expires: Fri, 23 Jan 2026 05:05:23 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 05:05:23 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding x-frame-options: SAMEORIGIN