Domain www.xiaole.pw
Singapore
Software information
nginx
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-20 08:19
Last seen 2026-02-16 02:35
Open for 118 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-02-16 02:35
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-08 01:05
Last seen 2026-02-02 08:33
Open for 56 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-02-02 08:33
-
-
Open service 43.159.99.31:80 · www.xiaole.pw
2026-01-23 00:29
HTTP/1.1 301 Moved Permanently Server: nginx Content-Type: text/html Location: https://www.xiaole.pw/ Strict-Transport-Security: max-age=31536000 Content-Length: 162 Connection: close Date: Fri, 23 Jan 2026 00:29:57 GMT EO-LOG-UUID: 9018859306047135145 EO-Cache-Status: MISS NEL: {"success_fraction":0.1,"report_to":"eo-nel","max_age":604800} Report-To: {"endpoints":[{"url":"https://nel.teo-rum.com/eo-cgi/nel"}],"group":"eo-nel","max_age":604800} Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx</center> </body> </html>Found 2026-01-23 by HttpPluginCreate report
-
Open service 43.159.99.31:443 · www.xiaole.pw
2026-01-23 00:28
HTTP/1.1 200 OK Server: nginx Content-Type: text/html Vary: Accept-Encoding Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Language: zh-CN Pragma: no-cache Expires: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 Referrer-Policy: strict-origin-when-cross-origin set-cookie: XSRF-TOKEN=e607e7ee-9d8e-4dba-82de-ea40974c3423; Path=/; HTTPOnly Strict-Transport-Security: max-age=31536000 Cache-Control: must-revalidate, no-cache, no-store, max-age=0 Transfer-Encoding: chunked Connection: close Date: Fri, 23 Jan 2026 00:28:25 GMT EO-LOG-UUID: 4977508972849119273 EO-Cache-Status: MISS NEL: {"success_fraction":0.1,"report_to":"eo-nel","max_age":604800} Report-To: {"endpoints":[{"url":"https://nel.teo-rum.com/eo-cgi/nel"}],"group":"eo-nel","max_age":604800}Found 2026-01-23 by HttpPluginCreate report