Domain chat.jmepham.com
Software information
cloudflare
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-14 20:39
Last seen 2026-02-11 20:39
Open for 120 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-02-11 20:39
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-14 20:39
Last seen 2026-02-11 20:39
Open for 120 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-02-11 20:39
-
-
Open service 172.67.146.175:443 · chat.jmepham.com
2026-01-23 11:13
HTTP/1.1 200 OK Date: Fri, 23 Jan 2026 11:13:24 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Server: cloudflare Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} X-XSS-Protection: 1 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Security-Policy: default-src 'self' ; connect-src *; font-src 'self' data:; frame-src *; img-src * data: blob:; media-src * data:; script-src 'self' 'unsafe-eval' 'sha256-jqxtvDkBbRAl9Hpqv68WdNOieepg8tJSYu1xIy7zT34=' 'sha256-aui5xYk3Lu1dQcnsPlNZI+qDTdfzdUv3fzsw80VLJgw=' ; style-src 'self' 'unsafe-inline' X-Instance-ID: 6b9c9d32-7717-4a58-bc49-3017b9af97ec Access-Control-Allow-Origin: * X-Powered-By: Express Vary: Accept-Encoding Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ZzXBTAgpFeUERKVnYY1Vq4cu4Or%2B5mJ7R%2FOHFCmQnPUZKN%2F%2Big4SigVS8z6YwRriGaFAdPoOhrk7SrLx7%2B0CRfc4k74F2HNZnJHphNsW6jE%3D"}]} X-Served-By: chat.jmepham.com cf-cache-status: DYNAMIC CF-RAY: 9c26dc91aec35d94-FRA alt-svc: h3=":443"; ma=86400 Page title: Jon Family <!DOCTYPE html> <html> <head> <link rel="stylesheet" type="text/css" class="__meteor-css__" href="/e37e3a526aace32e4ea71108fc18652f860ce79f.css?meteor_css_resource=true"> <script id="scripts" type="text/javascript" src="/scripts_887a5339b2625a8970658c4f5f9bd94f1067ab7a.js"></script> <meta name="referrer" content="same-origin" /> <link rel="icon" sizes="16x16" type="image/png" href=/assets/favicon_16.png /> <link rel="icon" sizes="32x32" type="image/png" href=/assets/favicon_32.png /> <link rel="icon" sizes="any" type="image/svg+xml" href=/assets/favicon.svg /> <title>Jon Family</title><meta name="application-name" content="Jon Family"><meta name="apple-mobile-web-app-title" content="Jon Family"> <meta http-equiv="content-language" content=""><meta name="language" content=""> <meta name="robots" content="INDEX,FOLLOW"> <meta name="msvalidate.01" content=""> <meta name="google-site-verification" content=""> <meta property="fb:app_id" content=""> <base href="/"> </head> <body> <noscript style="color: white; text-align:center"> You need to enable JavaScript to run this app. </noscript> <div id="react-root"> <div class="page-loading" role="alert" aria-busy="true" aria-live="polite" aria-label="loading"> <div class="loading__animation"> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> </div> </div> </div> <style id='css-variables'> :root {}</style> <script type="text/javascript" src="/meteor_runtime_config.js?hash=f8ac241acc6c5a4f1071395466c4c86bf211a97e"></script> <script type="text/javascript" src="/3054b8907c5ff9acb854316cc540d0d364e126dc.js?meteor_js_resource=true"></script> </body> </html>Found 2026-01-23 by HttpPluginCreate report
-
Open service 104.21.65.153:80 · chat.jmepham.com
2026-01-23 05:42
HTTP/1.1 200 OK Date: Fri, 23 Jan 2026 05:42:56 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Server: cloudflare Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} X-XSS-Protection: 1 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Security-Policy: default-src 'self' ; connect-src *; font-src 'self' data:; frame-src *; img-src * data: blob:; media-src * data:; script-src 'self' 'unsafe-eval' 'sha256-jqxtvDkBbRAl9Hpqv68WdNOieepg8tJSYu1xIy7zT34=' 'sha256-aui5xYk3Lu1dQcnsPlNZI+qDTdfzdUv3fzsw80VLJgw=' ; style-src 'self' 'unsafe-inline' X-Instance-ID: 6b9c9d32-7717-4a58-bc49-3017b9af97ec Access-Control-Allow-Origin: * X-Powered-By: Express Vary: Accept-Encoding Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=pdv5dWrIqH6t5k%2F0uGS3r4CapMX6MkD9Gogzyq8wDMpvwmYVqSbXZzFQ7yxb76n95Y2FihS0C1ScbVpxRNbRzIEh26kEqa64Tx%2FgLJfNopo%3D"}]} X-Served-By: chat.jmepham.com cf-cache-status: DYNAMIC CF-RAY: 9c24f87b4cd78c73-EWR alt-svc: h3=":443"; ma=86400 Page title: Jon Family <!DOCTYPE html> <html> <head> <link rel="stylesheet" type="text/css" class="__meteor-css__" href="/e37e3a526aace32e4ea71108fc18652f860ce79f.css?meteor_css_resource=true"> <script id="scripts" type="text/javascript" src="/scripts_887a5339b2625a8970658c4f5f9bd94f1067ab7a.js"></script> <meta name="referrer" content="same-origin" /> <link rel="icon" sizes="16x16" type="image/png" href=/assets/favicon_16.png /> <link rel="icon" sizes="32x32" type="image/png" href=/assets/favicon_32.png /> <link rel="icon" sizes="any" type="image/svg+xml" href=/assets/favicon.svg /> <title>Jon Family</title><meta name="application-name" content="Jon Family"><meta name="apple-mobile-web-app-title" content="Jon Family"> <meta http-equiv="content-language" content=""><meta name="language" content=""> <meta name="robots" content="INDEX,FOLLOW"> <meta name="msvalidate.01" content=""> <meta name="google-site-verification" content=""> <meta property="fb:app_id" content=""> <base href="/"> </head> <body> <noscript style="color: white; text-align:center"> You need to enable JavaScript to run this app. </noscript> <div id="react-root"> <div class="page-loading" role="alert" aria-busy="true" aria-live="polite" aria-label="loading"> <div class="loading__animation"> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> </div> </div> </div> <style id='css-variables'> :root {}</style> <script type="text/javascript" src="/meteor_runtime_config.js?hash=f8ac241acc6c5a4f1071395466c4c86bf211a97e"></script> <script type="text/javascript" src="/3054b8907c5ff9acb854316cc540d0d364e126dc.js?meteor_js_resource=true"></script> </body> </html>Found 2026-01-23 by HttpPluginCreate report