Domain clapped.me
Germany
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-29 17:34
Last seen 2025-12-25 04:11
Open for 25 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb461c08073bad262b1bbe0d947b38ba5de8abcea7ePublic Swagger UI/API detected at path: /api/swagger.json - sample paths: DELETE /api-keys/{key_id} DELETE /invitations/{invitation_id} DELETE /users/{user_id} GET /admins GET /api-keys GET /invitations GET /libraries GET /servers GET /status GET /users POST /users/{user_id}/disable POST /users/{user_id}/enable POST /users/{user_id}/extend POST /users/{user_id}/reset-password PUT /users/{user_id}/update-expiryFound on 2025-12-25 04:11 -
Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb461c08073bad262b1bbe0d947b38ba5de09fece9fPublic Swagger UI/API detected at path: /api/swagger.json - sample paths: DELETE /api-keys/{key_id} DELETE /invitations/{invitation_id} DELETE /users/{user_id} GET /admins GET /api-keys GET /invitations GET /libraries GET /servers GET /status GET /users POST /users/{user_id}/disable POST /users/{user_id}/enable POST /users/{user_id}/extend PUT /users/{user_id}/update-expiryFound on 2025-12-01 20:57
-
-
Git configuration and history exposed
The following URL (usually
/.git/config) is publicly accessible and is leaking source code and repository configuration.First seen 2023-03-12 18:50-
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65229deaa075[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = https://github.com/hummusbird/website fetch = +refs/heads/*:refs/remotes/origin/* [branch "main"] remote = origin merge = refs/heads/main [branch "simple"] remote = origin merge = refs/heads/simple
Found on 2023-03-12 18:50320 Bytes
-