Kestrel
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b94f5e91cd3d1e84cdfc71f841363abe37eeb94f
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /SpeechToTextJobs/GetDailyStatsBySource
GET /SpeechToTextJobs/GetHistoryJob
GET /SpeechToTextJobs/GetLastJobDoneByPriority
GET /SpeechToTextJobs/GetSpeechToTextJobByKey/{jobKey}
GET /SpeechToTextJobs/GetSpeechToTextJobs
GET /SpeechToTextJobs/GetStatTasksDoneByPriority
GET /SpeechToTextJobs/GetStatTasksSubmittedByPriority
GET /SpeechToTextJobs/GetStatsByDatetime
GET /SpeechToTextJobs/GetStatsByStatus
GET /SpeechToTextJobs/GetSubmittedJobsByNumber
GET /SpeechToTextJobs/GetTotal
GET /SpeechToTextJobs/TotalQueueTime
GET /SpeechToTextJobs/{id}
GET /Transcription/xml
Open service 20.105.224.46:443 · stt-api-prd.rts.ch
2026-01-22 21:54
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Thu, 22 Jan 2026 21:55:21 GMT Server: Kestrel x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000 Request-Context: appId=cid-v1:02e2dbd4-ebee-4cba-890d-f8c5680d1cef
Open service 20.105.224.46:443 · stt-api-prd.rts.ch
2026-01-05 14:36
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Mon, 05 Jan 2026 14:36:36 GMT Server: Kestrel x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000 Request-Context: appId=