cloudflare
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354912b32655236970edb6dfdfb8757c712554d2d5f3
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/admin/users
GET /api/admin/users/{id}
GET /api/configs
GET /api/configs/{id}
GET /api/configs/{id}/services
GET /api/labels/service
GET /api/me
GET /api/networks
GET /api/networks/{id}
GET /api/networks/{id}/services
GET /api/nodes
GET /api/nodes/ts
GET /api/nodes/{id}
GET /api/nodes/{id}/tasks
GET /api/placement
GET /api/plugin/log
GET /api/plugin/network
GET /api/plugin/volume
GET /api/public/repositories
GET /api/repository/ports
GET /api/repository/tags
GET /api/secrets
GET /api/secrets/{id}
GET /api/secrets/{id}/services
GET /api/services
GET /api/services/ts/cpu
GET /api/services/ts/memory
GET /api/services/{id}
GET /api/services/{id}/compose
GET /api/services/{id}/logs
GET /api/services/{id}/networks
GET /api/services/{id}/tasks
GET /api/stacks
GET /api/stacks/{name}/compose
GET /api/stacks/{name}/configs
GET /api/stacks/{name}/file
GET /api/stacks/{name}/networks
GET /api/stacks/{name}/secrets
GET /api/stacks/{name}/services
GET /api/stacks/{name}/tasks
GET /api/stacks/{name}/volumes
GET /api/stats
GET /api/tasks
GET /api/tasks/{id}
GET /api/tasks/{name}/ts
GET /api/volumes
GET /api/volumes/{name}
GET /api/volumes/{name}/services
POST /api/nodes/{id}/dashboard
POST /api/services/{id}/dashboard
POST /api/services/{id}/redeploy
POST /api/services/{id}/rollback
POST /api/services/{id}/stop
POST /api/stacks/{name}
POST /api/stacks/{name}/deactivate
POST /api/stacks/{name}/redeploy
POST /api/stacks/{name}/rollback
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
Public Swagger UI/API detected at path: /swagger/index.html
Open service 172.67.155.67:443 ยท swarm.pice.one
2026-01-23 09:51
HTTP/1.1 200 OK
Date: Fri, 23 Jan 2026 09:51:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Server: cloudflare
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Server-Timing: cfEdge;dur=26,cfOrigin;dur=457
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xQPL5Rc9rhOqEiELhFrF%2FVnTUYzHl6oQi1%2FpKtJHN3bUjFooFFwjwmM%2Bs3q7kkfpa6tEzp84a2x1m4jv26XmXtYIxixrx6sV25dlbFzh"}]}
CF-RAY: 9c2664d5bd0cfea4-AMS
alt-svc: h3=":443"; ma=86400
Page title: swarmpit
<!DOCTYPE html>
<html lang="en">
<head>
<title>swarmpit</title>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=0" />
<meta name="description" content="Lightweight Docker Swarm management UI" />
<meta name="theme-color" content="#65519f" />
<link rel="apple-touch-icon" sizes="180x180" href="icon/apple-touch-icon.png?v=2" />
<link rel="icon" type="image/png" sizes="32x32" href="icon/favicon-32x32.png?v=2" />
<link rel="icon" type="image/png" sizes="16x16" href="icon/favicon-16x16.png?v=2" />
<link rel="mask-icon" href="icon/safari-pinned-tab.svg?v=2" color="#5bbad5" />
<link rel="manifest" href="manifest.json" />
<link rel="stylesheet" href="css/rc-slider.css" type="text/css" />
<link rel="stylesheet" href="css/codemirror.css" type="text/css" />
<link rel="stylesheet" href="css/codemirror-lint.css" type="text/css" />
<link href="css/main.css?r=551d63525f07dc444e36bc59493c02a9ae96cbce" rel="stylesheet" /></head>
<body>
<div id="layout">
</div>
<div id="message">
</div>
<div id="progress">
</div>
<script>
window.isUpdateAvailable = new Promise(function (resolve, reject) {
if ("serviceWorker" in navigator && ["localhost", "127"].indexOf(location.hostname) === -1) {
window.addEventListener("load", function () {
navigator.serviceWorker.register("sw.js").then(function (registration) {
console.log("ServiceWorker registration successful with scope: ", registration.scope);
registration.onupdatefound = function () {
var installingWorker = registration.installing;
installingWorker.onstatechange = function () {
switch (installingWorker.state) {
case "installed":
if (navigator.serviceWorker.controller) {
resolve(registration);
} else {
resolve(false);
}
break;
}
}
}
}).catch(function (err) {
console.log("ServiceWorker registration failed: ", err);
reject(err);
});
});
}
});
</script>
<script src="js/main.js?r=551d63525f07dc444e36bc59493c02a9ae96cbce"></script><script defer src="https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015" integrity="sha512-ZpsOmlRQV6y907TI0dKBHq9Md29nnaEIPlkf84rnaERnq6zvWvPUqr2ft8M1aS28oN72PdrCzSjY4U6VaAw1EQ==" data-cf-beacon='{"version":"2024.11.0","token":"214dc49be9634afb914e8c277278ca32","r":1,"server_timing":{"name":{"cfCacheStatus":true,"cfEdge":true,"cfExtPri":true,"cfL4":true,"cfOrigin":true,"cfSpeedBrain":true},"location_startswith":null}}' crossorigin="anonymous"></script>
</body>
</html>