Domain tesla77.eu.org
Software information
cloudflare
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-06 03:59
Last seen 2026-02-09 18:10
Open for 65 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-02-09 18:10
-
-
Open service 104.21.87.196:443 ยท tesla77.eu.org
2026-01-23 10:40
HTTP/1.1 200 OK Date: Fri, 23 Jan 2026 10:40:25 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close access-control-allow-origin: * Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KsrBemS%2F7Wn9MqF4nYCwX8hv2cvQlJgygetKVtlpHvwNK%2BXOPTz%2FAHfdMe351m4iDc3hEtRTTCMU2OXhDYY%2BNmsz0Ts8yVjI5%2Bxs3A%3D%3D"}]} content-security-policy: default-src 'self' ; connect-src *; font-src 'self' data:; frame-src *; img-src * data: blob:; media-src * data:; script-src 'self' 'unsafe-eval' 'sha256-jqxtvDkBbRAl9Hpqv68WdNOieepg8tJSYu1xIy7zT34=' 'sha256-aui5xYk3Lu1dQcnsPlNZI+qDTdfzdUv3fzsw80VLJgw=' ; style-src 'self' 'unsafe-inline' Server: cloudflare vary: Accept-Encoding x-content-type-options: nosniff x-frame-options: sameorigin x-instance-id: 8ddf5635-0386-4950-888a-f1681dcfd04c x-powered-by: Express x-xss-protection: 1 cf-cache-status: DYNAMIC Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} CF-RAY: 9c26ac388e185f58-SIN alt-svc: h3=":443"; ma=86400 Page title: wf <!DOCTYPE html> <html> <head> <link rel="stylesheet" type="text/css" class="__meteor-css__" href="/e37e3a526aace32e4ea71108fc18652f860ce79f.css?meteor_css_resource=true"> <script id="scripts" type="text/javascript" src="/scripts_887a5339b2625a8970658c4f5f9bd94f1067ab7a.js"></script> <meta name="referrer" content="same-origin" /> <link rel="icon" sizes="16x16" type="image/png" href=/assets/favicon_16.png /> <link rel="icon" sizes="32x32" type="image/png" href=/assets/favicon_32.png /> <link rel="icon" sizes="any" type="image/svg+xml" href=/assets/favicon.svg /> <title>wf</title><meta name="application-name" content="wf"><meta name="apple-mobile-web-app-title" content="wf"> <meta http-equiv="content-language" content=""><meta name="language" content=""> <meta name="robots" content="INDEX,FOLLOW"> <meta name="msvalidate.01" content=""> <meta name="google-site-verification" content=""> <meta property="fb:app_id" content=""> <base href="/"> </head> <body> <noscript style="color: white; text-align:center"> You need to enable JavaScript to run this app. </noscript> <div id="react-root"> <div class="page-loading" role="alert" aria-busy="true" aria-live="polite" aria-label="loading"> <div class="loading__animation"> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> </div> </div> </div> <style id='css-variables'> :root {}</style> <script type="text/javascript" src="/meteor_runtime_config.js?hash=920951b0f2618deeb1e51d5321bb48d6266b117e"></script> <script type="text/javascript" src="/3054b8907c5ff9acb854316cc540d0d364e126dc.js?meteor_js_resource=true"></script> </body> </html>Found 2026-01-23 by HttpPluginCreate report