Domain v2c6f1.com
Software information
cloudflare
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-11 17:12-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2025-12-11 17:12
-
-
Open service 104.18.22.148:443 · v2c6f1.com
2026-01-22 21:00
HTTP/1.1 403 Forbidden Date: Thu, 22 Jan 2026 21:00:58 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Set-Cookie: __cf_bm=i0OsQXGVLBnxsHHWAHi5BHeYx7gfuY9rJqJy2tBsanE-1769115658-1.0.1.1-uSXjbjPiEG1qoel.V.7VMYKL1cwsexmTls5BxICNqA9aXw1Jxvppp30zVhi6Mr0n7aPgmvZpa4SoAipgtNJO00k7ES3mQEms_bzBaln4Gj8; path=/; expires=Thu, 22-Jan-26 21:30:58 GMT; domain=.v2c6f1.com; HttpOnly; Secure; SameSite=None Server: cloudflare CF-RAY: 9c21fbdf981acfb0-SJC Page title: Erro <!DOCTYPE html><html lang="pt"><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1,viewport-fit=cover"><title>Erro</title><style>body{margin:0;background:#1a1919;color:#fff;display:flex;flex-direction:column;align-items:center;justify-content:center;height:100vh;font-family:system-ui,sans-serif;text-align:center}.i{background:#ff3b30;border-radius:50%;width:90px;height:90px;display:flex;align-items:center;justify-content:center;margin-bottom:20px}.i svg{width:55%;height:55%}.t{opacity:.8}</style><div class=i><svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 90 90"><circle cx="45" cy="45" r="45" fill="#ff3b30"/><g fill="#fff" clip-path="url(#a)"><path d="m64 50-2-1v4H26V29l1-1h14l3-4H27q-5 0-5 5v27q0 5 5 6h14v2H31l-2 2 2 2h25l2-2-2-2H45v-2h15q5-1 5-6v-7z"/><path d="m39 34-1-1-2 1-1-2-2-2-1 2 2 3v1l-1 2v1h7zm8 15-4-4v-1l-2-3h-7l-3-1a1 1 0 0 0-1-2 1 1 0 0 0-1 2q0 3 4 4v1l-4 4 1 1 1-1 2-1q2 4 7 3l3-3 2 1 1 1zm3-11h10l-5-10zm6 0h-2v-2h2zm0-3h-2v-3h2z"/><path d="M55 22q-12 1-13 13c-1 12 6 12 13 12q11-1 12-12c1-11-6-13-12-13m6 17H50l-1-1v-1l5-10 1-1 1 1 5 10z"/></g><defs><clipPath id="a"><path fill="#fff" d="M22 22h45v46H22z"/></clipPath></defs></svg></div><div id=t class=t>Parâmetros inválidos</div><script>const m=["Parâmetros inválidos","Servidor temporariamente indisponível","Sessão expirada","Falha de rede","Página não encontrada","Erro desconhecido"];t.textContent=m[Math.random()*m.length|0];</script> <script>(function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'9c21fbdf981acfb0',t:'MTc2OTExNTY1OC4wMDAwMDA='};var a=document.createElement('script');a.nonce='';a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange||function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();</script>Found 2026-01-22 by HttpPluginCreate report