Domain operate-dev.xendee.com
United States
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2026-01-11 23:03
Last seen 2026-02-02 12:43
Open for 21 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-02-02 12:43
-
-
Open service 20.119.8.49:443 · operate-dev.xendee.com
2026-01-22 19:45
HTTP/1.1 302 Found Content-Length: 0 Connection: close Date: Thu, 22 Jan 2026 19:45:37 GMT Location: /index.html Request-Context: appId=cid-v1:89c6e7db-0c79-49ec-8d77-73bc09a428d5 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN
Found 2026-01-22 by HttpPluginCreate report
-
Open service 20.119.8.49:443 · operate-dev.xendee.com
2026-01-11 23:03
HTTP/1.1 302 Found Content-Length: 0 Connection: close Date: Sun, 11 Jan 2026 23:04:33 GMT Location: /index.html Request-Context: appId=cid-v1:89c6e7db-0c79-49ec-8d77-73bc09a428d5 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN
Found 2026-01-11 by HttpPluginCreate report
-
Open service 20.119.8.49:80 · operate-dev.xendee.com
2026-01-11 23:03
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Sun, 11 Jan 2026 23:04:34 GMT Location: https://operate-dev.xendee.com/
Found 2026-01-11 by HttpPluginCreate report