Kestrel
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
Public Swagger UI/API detected at path: /swagger/index.html
Open service 20.105.232.44:443 ยท khchatbot.khmr.gov.ua
2026-01-22 19:23
HTTP/1.1 200 OK
Content-Length: 459
Connection: close
Content-Type: text/html
Date: Thu, 22 Jan 2026 19:24:27 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1db9e855c10b64b"
Last-Modified: Wed, 26 Mar 2025 19:29:15 GMT
Request-Context: appId=cid-v1:12b34a17-61e0-4fff-83f4-3c1f89caa9e9
Page title: Vite + React
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/vite.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Vite + React</title>
<script type="module" crossorigin src="/assets/index-B8rDl1QQ.js"></script>
<link rel="stylesheet" crossorigin href="/assets/index-BY0ek5j5.css">
</head>
<body>
<div id="root"></div>
</body>
</html>