Domain showcase.deheus-apps.com
The Netherlands
Software information
Kestrel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-20 09:52
Last seen 2026-01-16 10:34
Open for 57 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-16 10:34
-
-
Open service 20.105.224.34:443 ยท showcase.deheus-apps.com
2026-01-23 08:51
HTTP/1.1 302 Found Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 08:52:10 GMT Server: Kestrel Location: https://login.microsoftonline.com/1004261b-dfb7-4f37-830f-7438cb8a1b69/oauth2/v2.0/authorize?client_id=15292c74-acb4-4bc7-a3d0-fcc3d1887549&redirect_uri=https%3A%2F%2Fshowcase.deheus-apps.com%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=639047551306696901.N2I3NDUzOTktNTQyYS00NDAzLWJhMzUtYWRkMWRkMjY5ODlkMGM1MTM2MGQtNGE3YS00NTMwLWI3MGQtNTkwMTNlYmQzMWYx&state=CfDJ8Nww0R5IjVlFg77NUEkqxoSkvTl0zGDJdFE2Qm8KmPVUJjh0iqhyuls8yi5TALAheSL2d5S8tBLUjOE0tNFMFjojIZ3ypcK97iqBhRCZ6Kek-oZF4kAiLYJzj6BTXAqsR5ejGLXW9Z1RrHFabLj_br6OR4nhpuhGYRPUWhoms9ko5U0PNehPU_Wcs7Sdl51ihDYHoWvQoktMznvhWjvXM_k5I97gT6apaW-DEk6Jw5cTLxuSQRyuo7EVhVT8N4uxvHieLQN354qSeDtnetNI4zkKxMrzjzVRDmWmbNwmzpNj8NuwnqcYTBjhLsE5iFJ9tw&x-client-SKU=ID_NET9_0&x-client-ver=8.9.0.0 Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8Nww0R5IjVlFg77NUEkqxoTk2XvPFkZo64V4qBOEaIpSZYjVDibH_H2RG9n9bb1TyUb5pYm2O0d1lKrH_UKe5AeFKJXnjI30UGAj1Z4dneYpisHhNN7PvzpKp0q6z1cjxFtm2ZaqSPlYeVYR8edOXvEQT01QtdcLN6uKlI2XtwKL7wG0Chf4jGNTvos71a7KIsycY7f48COmwStJw8MseqAEBWJAOWHHmI4ixp15ww20mPovYYsHXbxAzVJ0MIlUyar8Wk8uTgaaouboiBCAWtY=N; expires=Fri, 23 Jan 2026 09:07:10 GMT; path=/signin-oidc; secure; samesite=none; httponly Set-Cookie: .AspNetCore.Correlation.k5BH7Wz4cXuY4y_7nBtEX0HkfiGwEo6ArrOOcViJEqY=N; expires=Fri, 23 Jan 2026 09:07:10 GMT; path=/signin-oidc; secure; samesite=none; httponly Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:1aa2dfd0-e5ae-4eac-8873-850756e1d79b
Found 2026-01-23 by HttpPluginCreate report