Domain datstartup.com
United States
Software information
CloudFront
tcp/80
nginx 1.18.0
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-01 05:15
Last seen 2026-01-09 08:26
Open for 69 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549bdf7b48b7fcaa913c31ce20c21da744f7008a931Public Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/Attachment/Files DELETE /api/Investor/PublicDelete/{id} DELETE /api/Startup/PublicDelete/{id} GET / GET /WeatherForecast GET /WeatherForecast/normalize GET /api/Claims GET /api/Claims/GetClaimByRole/{name} GET /api/Claims/GetClaimsUser GET /api/Claims/{id} GET /api/CommonOptions GET /api/CommonOptions/ByType/{type} GET /api/CommonOptions/{id} GET /api/Dashboard GET /api/Dashboard/Investor GET /api/DraftVC/{id} GET /api/Evento GET /api/Evento/Slug/{slug} GET /api/Evento/{id} GET /api/Investor GET /api/Investor/Slug/{slug} GET /api/Investor/Todo GET /api/Investor/{id} GET /api/Permissions GET /api/Permissions/{id} GET /api/Public/Todo GET /api/Roles GET /api/Roles/ByName/{name} GET /api/Roles/GetRolesUserByID/{id} GET /api/Roles/Select GET /api/Roles/{id} GET /api/Startup GET /api/Startup/Industries GET /api/Startup/Slug/{slug} GET /api/Startup/Todo GET /api/Startup/{id} GET /api/User GET /api/User/ConfirmEmail/{userId}/{code} GET /api/User/SetPassword/{id} GET /api/User/{id} GET /api/admin/Startup GET /api/admin/Startup/Industries GET /api/admin/Startup/Slug/{slug} GET /api/admin/Startup/StartupIntros GET /api/admin/Startup/Todo GET /api/admin/Startup/{id} GET /api/user/claims GET /api/userinfo GET /connect/authorize GET /connect/logout POST /api/Attachment POST /api/Claims/AddToRole POST /api/DraftVC POST /api/Evento/IncreaseAssistant/{id} POST /api/Graphql POST /api/Investor/Rate/{id} POST /api/Roles/AddRoleToUser/{id} POST /api/Roles/RemoveRoleToUser/{id} POST /api/Startup/Rate/{id} POST /api/Upload/Investors POST /api/Upload/Startups POST /api/User/AcceptInvestor/{userId}/{accept} POST /api/User/AcceptStartup/{userId}/{accept} POST /api/User/ChangePassword POST /api/User/ForgotPassword/{username} POST /api/User/GetIntro/{startupId} POST /api/User/Register POST /api/User/ResetPassword/{id} POST /api/User/ResetPasswordConfirmation/{userId} POST /api/User/SendTestEmail POST /api/User/SendVerificationEmail/{email} POST /api/User/TakeInvestor/{investorId} POST /api/User/TakeStartup/{startupId} POST /api/User/VerifyUserName/{email} POST /api/admin/Startup/Rate/{id} POST /connect/token PUT /api/Attachment/{id} PUT /api/User/SetDarkMode PUT /api/User/SetMaximizedWindows PUT /api/User/UpdatePhotoProfile PUT /api/User/UpdateProfileFound on 2026-01-09 08:26
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-15 12:24
Last seen 2026-01-09 09:39
Open for 54 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549bdf7b48bd22601d636cda95c347d2b4f8f87aaa5Public Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/Attachment/Files GET / GET /WeatherForecast GET /api/Claims GET /api/Claims/GetClaimByRole/{name} GET /api/Claims/GetClaimsUser GET /api/Claims/{id} GET /api/CommonOptions GET /api/CommonOptions/ByType/{type} GET /api/CommonOptions/{id} GET /api/Dashboard GET /api/Dashboard/Investor GET /api/Investor GET /api/Investor/Slug/{slug} GET /api/Investor/Todo GET /api/Investor/{id} GET /api/Permissions GET /api/Permissions/{id} GET /api/Roles GET /api/Roles/ByName/{name} GET /api/Roles/GetRolesUserByID/{id} GET /api/Roles/Select GET /api/Roles/{id} GET /api/Startup GET /api/Startup/Industries GET /api/Startup/Slug/{slug} GET /api/Startup/Todo GET /api/Startup/{id} GET /api/User GET /api/User/ConfirmEmail/{userId}/{code} GET /api/User/SetPassword/{id} GET /api/User/VerifyUserName/{phone} GET /api/User/{id} GET /api/admin/Startup GET /api/admin/Startup/Industries GET /api/admin/Startup/Slug/{slug} GET /api/admin/Startup/Todo GET /api/admin/Startup/{id} GET /api/user/claims GET /api/userinfo GET /connect/authorize GET /connect/logout POST /api/Attachment POST /api/Claims/AddToRole POST /api/Graphql POST /api/Roles/AddRoleToUser/{id} POST /api/Roles/RemoveRoleToUser/{id} POST /api/Startup/Rate/{id} POST /api/Upload/Investors POST /api/Upload/Startups POST /api/User/ChangePassword POST /api/User/ForgotPassword/{username} POST /api/User/ResetPassword/{id} POST /api/User/ResetPasswordConfirmation/{userId} POST /api/User/SendTestEmail POST /api/User/SendVerificationEmail/{email} POST /api/admin/Startup/Rate/{id} POST /connect/token PUT /api/Attachment/{id} PUT /api/User/SetDarkMode PUT /api/User/SetMaximizedWindows PUT /api/User/UpdatePhotoProfile PUT /api/User/UpdateProfileFound on 2026-01-09 09:39
-
-
Open service 18.173.154.38:80 · datstartup.com
2026-01-10 04:22
HTTP/1.1 301 Moved Permanently Server: CloudFront Date: Sat, 10 Jan 2026 04:22:16 GMT Content-Type: text/html Content-Length: 167 Connection: close Location: https://datstartup.com/ X-Cache: Redirect from cloudfront Via: 1.1 129b4a1f09d5313624ec15fced944d6e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P3 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: RJVYWpzuYTAoab_N3XtumCL2zrUeFTTWNcH-jozJcAhwEetqf_ve7Q== Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>CloudFront</center> </body> </html>
Found 2026-01-10 by HttpPluginCreate report
-
Open service 18.173.154.35:443 · datstartup.com
2026-01-10 04:22
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Date: Sat, 10 Jan 2026 04:22:17 GMT x-powered-by: Next.js Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 d45f06116647d4cd21c9ad69cb1b14fc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P3 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: ww54M4ur9RQhmcJnYa3HxefPsQPchh68q81XTeRNf0TkG4BFJiUuDw==
Found 2026-01-10 by HttpPluginCreate report
-
Open service 18.173.154.35:80 · datstartup.com
2026-01-10 04:22
HTTP/1.1 301 Moved Permanently Server: CloudFront Date: Sat, 10 Jan 2026 04:22:16 GMT Content-Type: text/html Content-Length: 167 Connection: close Location: https://datstartup.com/ X-Cache: Redirect from cloudfront Via: 1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P3 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: QbgfqzyZdb32Q8xRgRvF8495b3MogQWzsaoTFXk6YXZJ07LzQ3jX-Q== Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>CloudFront</center> </body> </html>
Found 2026-01-10 by HttpPluginCreate report
-
Open service 18.173.154.12:80 · datstartup.com
2026-01-10 04:22
HTTP/1.1 301 Moved Permanently Server: CloudFront Date: Sat, 10 Jan 2026 04:22:16 GMT Content-Type: text/html Content-Length: 167 Connection: close Location: https://datstartup.com/ X-Cache: Redirect from cloudfront Via: 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P3 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: o7WR97vyKSRHMCA6qytsHq9EyI3iCPJb5dR4ywJ4GDsD4oq6T1SS-w== Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>CloudFront</center> </body> </html>
Found 2026-01-10 by HttpPluginCreate report
-
Open service 18.173.154.100:443 · datstartup.com
2026-01-10 04:22
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Date: Sat, 10 Jan 2026 04:22:17 GMT x-powered-by: Next.js Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P3 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: TERGah6L6TQIDzMk1zskmX4hBqe_vIj3TzHdzGg2UX27deDPs0JPyw==
Found 2026-01-10 by HttpPluginCreate report
-
Open service 18.173.154.38:443 · datstartup.com
2026-01-10 04:22
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Date: Sat, 10 Jan 2026 04:22:17 GMT x-powered-by: Next.js Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 fe6d656eba9969a63bb94889f81e9bf8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P3 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: zn2ED5rRIDDlIhovlpxGaNi_ZS8ux6gjfM-rRMechLfCeCdauo192g==
Found 2026-01-10 by HttpPluginCreate report
-
Open service 18.173.154.12:443 · datstartup.com
2026-01-10 04:22
HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Date: Sat, 10 Jan 2026 04:22:16 GMT x-powered-by: Next.js Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 b36a9cc0b5286fd650732f1458855500.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P3 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: evp5dKsF2b3zCDjiTBiQhSSEC7nU6zNeH53nK-FfD5WpcMOkheapeQ==
Found 2026-01-10 by HttpPluginCreate report
-
Open service 18.173.154.100:80 · datstartup.com
2026-01-10 04:22
HTTP/1.1 301 Moved Permanently Server: CloudFront Date: Sat, 10 Jan 2026 04:22:15 GMT Content-Type: text/html Content-Length: 167 Connection: close Location: https://datstartup.com/ X-Cache: Redirect from cloudfront Via: 1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront) X-Amz-Cf-Pop: MUC50-P3 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: 20fH0IIJZyk_syyeb-0LQbV9wSQOnJseFW-AmDtZFmFbae5a2YMZEg== Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>CloudFront</center> </body> </html>
Found 2026-01-10 by HttpPluginCreate report
-
Open service 34.228.233.170:443 · stg-api.datstartup.com
2026-01-09 09:39
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 09 Jan 2026 09:39:12 GMT Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Language: es Strict-Transport-Security: max-age=63072000; includeSubdomains; preload Referrer-Policy: no-referrer, strict-origin-when-cross-origin X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Welcome to DatStartup API
Found 2026-01-09 by HttpPluginCreate report
-
Open service 52.23.60.53:443 · api.datstartup.com
2026-01-09 08:26
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 09 Jan 2026 08:26:04 GMT Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Language: es Strict-Transport-Security: max-age=63072000; includeSubdomains; preload Referrer-Policy: no-referrer, strict-origin-when-cross-origin X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Welcome to DatStartup API
Found 2026-01-09 by HttpPluginCreate report
-
Open service 34.228.233.170:80 · stg-api.datstartup.com
2026-01-01 08:42
HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Thu, 01 Jan 2026 08:42:59 GMT Content-Type: text/html Content-Length: 178 Connection: close Location: https://stg-api.datstartup.com/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.18.0 (Ubuntu)</center> </body> </html>
Found 2026-01-01 by HttpPluginCreate report
-
Open service 34.228.233.170:443 · stg-api.datstartup.com
2026-01-01 08:42
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 01 Jan 2026 08:42:59 GMT Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Language: es Strict-Transport-Security: max-age=63072000; includeSubdomains; preload Referrer-Policy: no-referrer, strict-origin-when-cross-origin X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Welcome to DatStartup API
Found 2026-01-01 by HttpPluginCreate report
-
Open service 52.23.60.53:443 · api.datstartup.com
2025-12-31 11:52
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 31 Dec 2025 11:52:31 GMT Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Language: es Strict-Transport-Security: max-age=63072000; includeSubdomains; preload Referrer-Policy: no-referrer, strict-origin-when-cross-origin X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Welcome to DatStartup API
Found 2025-12-31 by HttpPluginCreate report
-
Open service 52.23.60.53:80 · api.datstartup.com
2025-12-31 11:52
HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 (Ubuntu) Date: Wed, 31 Dec 2025 11:52:31 GMT Content-Type: text/html Content-Length: 178 Connection: close Location: https://api.datstartup.com/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.18.0 (Ubuntu)</center> </body> </html>
Found 2025-12-31 by HttpPluginCreate report
-
Open service 52.23.60.53:443 · api.datstartup.com
2025-12-30 08:52
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Tue, 30 Dec 2025 08:52:03 GMT Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Language: es Strict-Transport-Security: max-age=63072000; includeSubdomains; preload Referrer-Policy: no-referrer, strict-origin-when-cross-origin X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Welcome to DatStartup API
Found 2025-12-30 by HttpPluginCreate report
-
Open service 52.23.60.53:443 · api.datstartup.com
2025-12-22 08:32
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 22 Dec 2025 08:32:31 GMT Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Language: es Strict-Transport-Security: max-age=63072000; includeSubdomains; preload Referrer-Policy: no-referrer, strict-origin-when-cross-origin X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Welcome to DatStartup API
Found 2025-12-22 by HttpPluginCreate report
-
Open service 52.23.60.53:443 · api.datstartup.com
2025-12-20 08:30
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Sat, 20 Dec 2025 08:30:19 GMT Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Language: es Strict-Transport-Security: max-age=63072000; includeSubdomains; preload Referrer-Policy: no-referrer, strict-origin-when-cross-origin X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Welcome to DatStartup API
Found 2025-12-20 by HttpPluginCreate report