Host 20.43.175.104
Singapore
Software information
Microsoft-Azure-Application-Gateway v2
tcp/443
nginx
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.43.175.104
Domain: summeruat.principal.com.my
Port: 443
URL: https://summeruat.principal.com.myFirst seen 2025-10-28 15:15
Last seen 2026-02-01 22:31
Open for 96 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-02-01 22:31
-
-
Open service 20.43.175.104:443 · summeruat.principal.com.my
2026-01-23 09:10
HTTP/1.1 302 Moved Temporarily Date: Fri, 23 Jan 2026 09:10:21 GMT Content-Type: text/html Content-Length: 138 Connection: close Server: nginx Location: https://summeruat.principal.com.my/backoffice/login X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Page title: 302 Found <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 20.43.175.104:443 · summeruat.principal.com.my
2026-01-09 18:51
HTTP/1.1 302 Moved Temporarily Date: Fri, 09 Jan 2026 18:51:30 GMT Content-Type: text/html Content-Length: 138 Connection: close Server: nginx Location: https://summeruat.principal.com.my/backoffice/login X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Page title: 302 Found <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-09 by HttpPluginCreate report
-
Open service 20.43.175.104:443 · secure07uat.principal.com.my
2026-01-09 08:46
HTTP/1.1 403 Forbidden Server: Microsoft-Azure-Application-Gateway/v2 Date: Fri, 09 Jan 2026 08:46:15 GMT Content-Type: text/html Content-Length: 179 Connection: close Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>Microsoft-Azure-Application-Gateway/v2</center> </body> </html>
Found 2026-01-09 by HttpPluginCreate report
-
Open service 20.43.175.104:443 · summeruat.principal.com.my
2026-01-02 04:24
HTTP/1.1 302 Moved Temporarily Date: Fri, 02 Jan 2026 04:24:47 GMT Content-Type: text/html Content-Length: 138 Connection: close Server: nginx Location: https://summeruat.principal.com.my/backoffice/login X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Page title: 302 Found <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html>
Found 2026-01-02 by HttpPluginCreate report
-
Open service 20.43.175.104:443 · summeruat.principal.com.my
2025-12-22 15:17
HTTP/1.1 302 Moved Temporarily Date: Mon, 22 Dec 2025 15:17:22 GMT Content-Type: text/html Content-Length: 138 Connection: close Server: nginx Location: https://summeruat.principal.com.my/backoffice/login X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=15768000 Page title: 302 Found <html> <head><title>302 Found</title></head> <body> <center><h1>302 Found</h1></center> <hr><center>nginx</center> </body> </html>
Found 2025-12-22 by HttpPluginCreate report