cloudflare
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
Public Swagger UI/API detected at path: /swagger/index.html
Open service 104.21.70.173:443 ยท me-evm.txlabs.io
2026-01-23 00:22
HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2026 00:22:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 63
Connection: close
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
vary: Origin
via: 1.1 Caddy
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HZ70o55JB5ei2Q%2B9Yd3ZB3hkoXSTtIYXqZh8tg7HCs0zkS7ZxtTMQMrmWWm%2FKkxyJ1Sbe8%2BCFZ4EQvn5Mv%2BemsJ7NHhngZTJwQoDyb2Tg%2Bk%3D"}]}
Server: cloudflare
CF-RAY: 9c2323793f670adc-AMS
{"message":"Cannot GET /","error":"Not Found","statusCode":404}