Domain api.clicanddive.com
United States
Software information
Vercel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-05 14:16
Last seen 2026-01-09 18:20
Open for 35 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-09 18:20
-
-
Open service 64.29.17.1:443 · api.clicanddive.com
2026-01-09 18:20
HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 63 Content-Type: application/json; charset=utf-8 Date: Fri, 09 Jan 2026 18:20:33 GMT Etag: W/"3f-hrQvgNWK7WjS+g1E6DN2+1crnPM" Server: Vercel Strict-Transport-Security: max-age=63072000 Vary: Origin X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: fra1::cdg1::7fl9n-1767982832960-6613f81e2aa8 Connection: close {"status":"success","message":"ClicDive API server is running"}Found 2026-01-09 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · api.clicanddive.com
2026-01-02 22:10
HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 63 Content-Type: application/json; charset=utf-8 Date: Fri, 02 Jan 2026 22:10:03 GMT Etag: W/"3f-hrQvgNWK7WjS+g1E6DN2+1crnPM" Server: Vercel Strict-Transport-Security: max-age=63072000 Vary: Origin X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: fra1::cdg1::6wr6c-1767391803315-3390a07b7247 Connection: close {"status":"success","message":"ClicDive API server is running"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · api.clicanddive.com
2025-12-23 03:47
HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 63 Content-Type: application/json; charset=utf-8 Date: Tue, 23 Dec 2025 03:47:58 GMT Etag: W/"3f-hrQvgNWK7WjS+g1E6DN2+1crnPM" Server: Vercel Strict-Transport-Security: max-age=63072000 Vary: Origin X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: iad1::cdg1::d7nvd-1766461674586-892f8b0e2792 Connection: close {"status":"success","message":"ClicDive API server is running"}Found 2025-12-23 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · api.clicanddive.com
2025-12-21 10:38
HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 63 Content-Type: application/json; charset=utf-8 Date: Sun, 21 Dec 2025 10:38:36 GMT Etag: W/"3f-hrQvgNWK7WjS+g1E6DN2+1crnPM" Server: Vercel Strict-Transport-Security: max-age=63072000 Vary: Origin X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: iad1::cdg1::qvsjf-1766313516145-3e456baa943c Connection: close {"status":"success","message":"ClicDive API server is running"}Found 2025-12-21 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · api.clicanddive.com
2025-12-19 09:08
HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 63 Content-Type: application/json; charset=utf-8 Date: Fri, 19 Dec 2025 09:08:34 GMT Etag: W/"3f-hrQvgNWK7WjS+g1E6DN2+1crnPM" Server: Vercel Strict-Transport-Security: max-age=63072000 Vary: Origin X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: sin1::cdg1::vf8rn-1766135313911-1a11151097e4 Connection: close {"status":"success","message":"ClicDive API server is running"}Found 2025-12-19 by HttpPluginCreate report