Domain graph.demo.workai.cloud
The Netherlands
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-22 00:11
Last seen 2026-02-09 18:17
Open for 79 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b73509b9c7a87891c30cfc00c33911884ccb5Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET / GET /.well-known/oauth-authorization-server GET /api/config GET /api/limits GET /api/products GET /open-api/{service}/swagger.json GET /proxy-openapi/swagger.jsonFound on 2026-02-09 18:17
-
-
Open service 13.69.68.16:443 ยท graph.demo.workai.cloud
2026-01-23 07:14
HTTP/1.1 200 OK Connection: close Content-Type: application/json; charset=utf-8 Date: Fri, 23 Jan 2026 07:14:56 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=cd65eecb78f3b5d85f93f8c6ab30a80a8ba28d68531769e86e4d284cc7411840;Path=/;HttpOnly;Secure;Domain=graph.demo.workai.cloud Set-Cookie: ARRAffinitySameSite=cd65eecb78f3b5d85f93f8c6ab30a80a8ba28d68531769e86e4d284cc7411840;Path=/;HttpOnly;SameSite=None;Secure;Domain=graph.demo.workai.cloud Transfer-Encoding: chunked "healthy"
Found 2026-01-23 by HttpPluginCreate report