Domain credithound-api-dev.draycir.dev
Singapore
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.212.64.8
Domain: credithound-api-dev.draycir.dev
Port: 443
URL: https://credithound-api-dev.draycir.devFirst seen 2026-01-13 05:12
Last seen 2026-02-02 12:49
Open for 20 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-02-02 12:49
-
-
Open service 20.212.64.8:443 ยท credithound-api-dev.draycir.dev
2026-01-22 19:37
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Thu, 22 Jan 2026 19:38:25 GMT Via: HTTP/1.1 asia (a:1;f:1;d:asia) Request-Context: appId=cid-v1:b93c2c5c-7dee-4108-9c03-3873fa28a411 Request-Context: appId=cid-v1:1f934921-cf64-4de8-bd2b-7988d5a7a652 Content-Security-Policy: default-src 'self';object-src 'none';media-src 'none';frame-src 'none';font-src 'none';connect-src 'none';frame-ancestors 'none' X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Download-Options: noopen Referrer-Policy: strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies: none
Found 2026-01-22 by HttpPluginCreate report