Domain blog.gotab.cn
Singapore
Software information
openresty
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-16 16:01
Last seen 2026-02-09 17:51
Open for 116 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-02-09 17:51
-
-
Open service 43.159.98.20:443 ยท blog.gotab.cn
2026-01-23 10:55
HTTP/1.1 200 OK Server: openresty Content-Type: text/html Vary: Accept-Encoding Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Language: zh-CN Pragma: no-cache Expires: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 Referrer-Policy: strict-origin-when-cross-origin set-cookie: XSRF-TOKEN=fd06545a-3bf5-447c-9450-561fbe397340; Path=/; HTTPOnly Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: must-revalidate, no-cache, no-store, max-age=0 Transfer-Encoding: chunked Connection: close Date: Fri, 23 Jan 2026 10:56:14 GMT EO-LOG-UUID: 7571642417479989687 EO-Cache-Status: MISS NEL: {"success_fraction":0.1,"report_to":"eo-nel","max_age":604800} Report-To: {"endpoints":[{"url":"https://nel.teo-rum.com/eo-cgi/nel"}],"group":"eo-nel","max_age":604800}Found 2026-01-23 by HttpPluginCreate report