Domain auth.wocmd.com
Software information
cloudflare
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-18 12:24
Last seen 2026-02-02 09:45
Open for 106 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-02-02 09:45
-
-
Open service 104.18.185.26:443 ยท auth.wocmd.com
2026-01-23 05:54
HTTP/1.1 200 OK Date: Fri, 23 Jan 2026 05:55:00 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Server: cloudflare Server-Timing: cfCacheStatus;desc="DYNAMIC" Server-Timing: cfEdge;dur=8,cfOrigin;dur=707 Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=b0BgAwZXWaZ4PWd1SGn1JQGc2u5zuNI7MGUv%2Fr1TFf8NXF1xd%2F3qg7Dgd2nn77xYWx3BIszQbjtc6c85%2FmxpBZGJcE26gEHN%2BzdcSniV"}]} last-modified: Wed, 21 Jan 2026 09:40:29 GMT Set-Cookie: casdoor_session_id=87445bc1d79cd54f79e402a02c376f53; Path=/; Expires=Sun, 22 Feb 2026 05:54:52 GMT; Max-Age=2592000; HttpOnly x-served-by: auth.wocmd.com cf-cache-status: DYNAMIC vary: accept-encoding Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Strict-Transport-Security: max-age=15552000; preload X-Content-Type-Options: nosniff Speculation-Rules: "/cdn-cgi/speculation" CF-RAY: 9c250a223d6d90a8-YYZ alt-svc: h3=":443"; ma=86400 Page title: Casdoor <!doctype html><html lang="en"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="Casdoor - An Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML and CAS"/><link rel="apple-touch-icon" href="https://cdn.casbin.org/img/favicon.png"/><link rel="manifest" href="https://cdn.casbin.org/site/casdoor/manifest.json"/><title>Casdoor</title><script defer="defer" src="/static/js/main.44a9cbc8.js" type="5b669634c66a444c93b795fe-text/javascript"></script><link href="/static/css/main.f35879a1.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><script src="/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js" data-cf-settings="5b669634c66a444c93b795fe-|49" defer></script><script defer src="https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015" integrity="sha512-ZpsOmlRQV6y907TI0dKBHq9Md29nnaEIPlkf84rnaERnq6zvWvPUqr2ft8M1aS28oN72PdrCzSjY4U6VaAw1EQ==" data-cf-beacon='{"version":"2024.11.0","token":"1814fcb4249d4597835c66837eb32832","r":1,"server_timing":{"name":{"cfCacheStatus":true,"cfEdge":true,"cfExtPri":true,"cfL4":true,"cfOrigin":true,"cfSpeedBrain":true},"location_startswith":null}}' crossorigin="anonymous"></script> </body></html>Found 2026-01-23 by HttpPluginCreate report