Host 35.164.227.112
United States
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-02 17:26
Last seen 2026-01-28 01:22
Open for 56 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-28 01:22
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-02 17:26
Last seen 2026-01-16 02:29
Open for 44 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-16 02:29
-
-
Open service 35.164.227.112:443 ยท api.loanpal.com
2026-01-23 00:18
HTTP/1.1 403 Forbidden x-amzn-RequestId: 4414577b-0f87-406a-8283-3fadbc5e3308 Content-Length: 25 Date: Fri, 23 Jan 2026 00:19:28 GMT Connection: close <AccessDeniedException/>
Found 2026-01-23 by HttpPluginCreate report