Domain admin-api.sitestage.top
Software information
cloudflare
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2026-01-14 15:39
Last seen 2026-01-16 13:43
Open for 1 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-16 13:43
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2026-01-14 15:39
Last seen 2026-02-01 23:56
Open for 18 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-02-01 23:56
-
-
Open service 104.18.35.15:443 ยท admin-api.sitestage.top
2026-01-22 21:57
HTTP/1.1 404 Not Found Date: Thu, 22 Jan 2026 21:57:26 GMT Content-Type: text/plain Content-Length: 18 Connection: close Server: cloudflare Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: Content-Type, AccessToken, X-CSRF-Token, Authorization, Token, lang, tgSecretKey Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS Access-Control-Expose-Headers: Content-Length, Authorization, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, Set-Cookie, X-Requested-With Access-Control-Max-Age: 3600 cf-cache-status: DYNAMIC Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TcbIhoRu0gIW2iX2SGz2Eh98WKvVuV7NxTE9g5FKd3GXmWpMlPvcIRseKyOX6i8dX%2Bf36gP9v5p0jqTv4LvHE4BY4eqTMePb4nRJJpj2qvH9tVTDc4%2Bk"}]} CF-RAY: 9c224e94ed24d2f2-FRA alt-svc: h3=":443"; ma=86400 404 page not foundFound 2026-01-22 by HttpPluginCreate report