Domain creditguardian-api-dev.draycir.dev
Singapore
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.212.64.8
Domain: creditguardian-api-dev.draycir.dev
Port: 443
URL: https://creditguardian-api-dev.draycir.devFirst seen 2026-01-12 08:22
Last seen 2026-02-01 23:26
Open for 20 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549f5bd6c5b8c77449c5fbd330a4786b2a98ee1b6d8Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/v1/companies/search GET /api/v1/credit-reports GET /api/v1/credit-reports/job/{jobId} GET /api/v1/credit-reports/ltd/{creditReportId} GET /api/v1/credit-reports/payment-status/{checkoutId} GET /api/v1/credit-reports/price GET /api/v1/risks/summary POST /api/v1/credit-reports/checkout POST /api/v1/credit-reports/ltd PUT /api/v1/credit-reports/{creditReportId}/readFound on 2026-02-01 23:26
-
-
Open service 20.212.64.8:443 · creditguardian-api-dev.draycir.dev
2026-01-22 12:00
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Thu, 22 Jan 2026 12:01:25 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Request-Context: appId=cid-v1:751dfaaf-601e-48e2-b594-834e0d02914b Content-Security-Policy: default-src 'self';object-src 'none';media-src 'none';frame-src 'none';font-src 'none';connect-src 'none';frame-ancestors 'none' X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: Deny X-Download-Options: noopen Referrer-Policy: strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies: none
Found 2026-01-22 by HttpPluginCreate report
-
Open service 20.212.64.8:443 · creditguardian-api-dev.draycir.dev
2026-01-12 08:22
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Mon, 12 Jan 2026 08:23:44 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Request-Context: appId=cid-v1:751dfaaf-601e-48e2-b594-834e0d02914b Content-Security-Policy: default-src 'self';object-src 'none';media-src 'none';frame-src 'none';font-src 'none';connect-src 'none';frame-ancestors 'none' X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: Deny X-Download-Options: noopen Referrer-Policy: strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies: none
Found 2026-01-12 by HttpPluginCreate report
-
Open service 20.212.64.8:80 · creditguardian-api-dev.draycir.dev
2026-01-12 08:22
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Mon, 12 Jan 2026 08:23:42 GMT Location: https://creditguardian-api-dev.draycir.dev/
Found 2026-01-12 by HttpPluginCreate report