Host 165.22.0.225
United States
Software information
nginx 1.18.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-07 05:49
Last seen 2026-02-12 03:57
Open for 66 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-02-12 03:57
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-10 06:44
Last seen 2026-02-08 18:10
Open for 60 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-02-08 18:10
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-11 09:34
Last seen 2026-01-29 18:46
Open for 49 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-29 18:46
-
-
Open service 165.22.0.225:443 ยท prod.api.wishfarms.com
2026-01-23 09:27
HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Fri, 23 Jan 2026 09:27:23 GMT Content-Type: text/html; charset=utf-8 Content-Length: 139 Connection: close Access-Control-Allow-Origin: * X-DNS-Prefetch-Control: off X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'none' Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 165.22.0.225:5001
2026-01-22 14:36
HTTP/1.1 404 Not Found Access-Control-Allow-Origin: * X-DNS-Prefetch-Control: off X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Content-Length: 139 Date: Thu, 22 Jan 2026 14:36:25 GMT Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>
Found 2026-01-22 by HttpPluginCreate report
-
Open service 165.22.0.225:443
2026-01-22 13:24
HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Thu, 22 Jan 2026 13:24:20 GMT Content-Type: text/html; charset=utf-8 Content-Length: 139 Connection: close Access-Control-Allow-Origin: * X-DNS-Prefetch-Control: off X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'none' Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>
Found 2026-01-22 by HttpPluginCreate report