How to expose internal cloud run service

I’ve setup WARP, cloudflared tunnel into the vpc, created the application with my user as allowed to access the app. However, when trying to dig or to curl the application main url (in the form of XXX.a.run.app), I’m getting the 404 from the GCP. When trying to curl the same url from the server on which cloudflared is setup, I’m getting the application.

What am I missing? Can WARP somehow catch the url and redirect the traffic through the tunnel via the vpc?