cloudflare
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
Public Swagger UI/API detected at path: /api-docs/swagger.json
Open service 172.67.75.33:443 ยท media.adityav.au
2026-01-23 05:31
HTTP/1.1 307 Temporary Redirect
Date: Fri, 23 Jan 2026 05:31:40 GMT
Transfer-Encoding: chunked
Connection: close
alt-svc: h3=":443"; ma=86400
location: /login
referrer-policy: strict-origin-when-cross-origin
Set-Cookie: _csrf=ahThlPcsT9w6X4Xui-N1qmsX; Path=/; HttpOnly; Secure; SameSite=Strict
Set-Cookie: XSRF-TOKEN=3ohGXWPF-A8EpgafES1DHZVlod9atXO8jibE; Path=/; Secure; SameSite=Strict
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 Caddy
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Speculation-Rules: "/cdn-cgi/speculation"
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=4,cfOrigin;dur=238
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zZ363ypbDpx4PDrlA33ubt51VGxU1NmHD90IfUk0SSlkJ%2FwZYyGTnS6H7QDlNevK4BAexfBkfe943oPPvgU42hLZdAJG2T6oXMRPSsTaLIw%3D"}]}
Server: cloudflare
CF-RAY: 9c24e7f62a2795be-BLR