Kestrel
tcp/80
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
Public Swagger UI/API detected at path: /swagger/index.html
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
Public Swagger UI/API detected at path: /swagger/index.html
Open service 20.50.2.65:80 ยท sustainability.deheus-apps.com
2026-01-23 03:46
HTTP/1.1 302 Found Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 03:46:42 GMT Server: Kestrel Location: https://login.microsoftonline.com/1004261b-dfb7-4f37-830f-7438cb8a1b69/oauth2/v2.0/authorize?client_id=e0280f81-80e4-4438-8f3c-ec07c7740228&redirect_uri=http%3A%2F%2Fsustainability.deheus-apps.com%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=639047368025312671.MDM5NGM2MDYtNWE3Yi00MWI1LWI4ZGMtNDI1Y2NiNGJlNjBkN2FlMzdkZTUtYjY0My00NGQ2LTg2MzItYzU5OGNiNmNmYzIz&client_info=1&x-client-brkrver=IDWeb.3.5.0.0&state=CfDJ8Bwaf3VXKFJAgHbHu8HwSpzje_KvT3_g-oi_aWizRdmbEBrEeVkvnEc03OYf3LGxdsvswDQ_pgaOJvz7xSfd6hKWfBulmk25ouXM3d1Fm2XDBz8RjMgdJZAUEhN0pkVH8FVC5u3ROJLDYIN3rNLibUzzYMTe5XUQYPt_b6NugeccAiJdxwpnp_225Nr7FUyRSjt0VAIn7zYzJNwT1sAOO_pbE2chRHcNfpN7WdaNQbFcelKx4pP8Ci3hLh2bRByNoW2xSuG3h2cV-WR5_NG6m_05SN6foBoS2u-0dbMjg55hYj3HUEFozWXrHoDjlzDh_A&x-client-SKU=ID_NET9_0&x-client-ver=8.3.0.0 Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8Bwaf3VXKFJAgHbHu8HwSpwasS28yUgVuk3vmAvNkvdFFJqpTsL6aYqROoAhOt5xPAkQEeCa6-oQqA35t7Zu29x1yDVwdMGL_skV_nuSBkCVyfNUP__AXS_CBCJ-LOo-sZOycblJX93-JybZmu51hV8LkR7Urp8-0QWQUrUMr21vQUUZxUsPN7OzTrWMRttTQrgDhHqXUh19-4fidjV5lS99qwyIVJgO6wTFVNiNZMrObmlkPug66YzfSzQ6S6-iEbGsXCVjSSVThMLJ9jyKIs8=N; expires=Fri, 23 Jan 2026 04:01:42 GMT; path=/signin-oidc; secure; samesite=none; httponly Set-Cookie: .AspNetCore.Correlation.cXIJadHSH7ukL2QgIAhKOpy3KwkkXTMIk6d0CIQDejo=N; expires=Fri, 23 Jan 2026 04:01:42 GMT; path=/signin-oidc; secure; samesite=none; httponly