Domain dev-api.grore.com.au
United States
Software information
Vercel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-09 22:53
Last seen 2026-01-09 12:27
Open for 30 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-09 12:27
-
-
Open service 64.29.17.1:443 · dev-api.grore.com.au
2026-01-09 12:27
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 09 Jan 2026 12:27:04 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 Vary: Origin X-Content-Type-Options: nosniff X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::kg6p5-1767961624051-a4dc2a265404 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>
Found 2026-01-09 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · dev-api.grore.com.au
2026-01-02 15:31
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Fri, 02 Jan 2026 15:31:21 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 Vary: Origin X-Content-Type-Options: nosniff X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: iad1::iad1::vzbjw-1767367879929-7bf2c9352c57 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>
Found 2026-01-02 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · dev-api.grore.com.au
2025-12-22 15:19
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Mon, 22 Dec 2025 15:19:30 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 Vary: Origin X-Content-Type-Options: nosniff X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: sin1::iad1::2hpng-1766416768402-bd232e84a9c4 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>
Found 2025-12-22 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · dev-api.grore.com.au
2025-12-20 18:28
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: * Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 139 Content-Security-Policy: default-src 'none' Content-Type: text/html; charset=utf-8 Date: Sat, 20 Dec 2025 18:28:57 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 Vary: Origin X-Content-Type-Options: nosniff X-Powered-By: Express X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::8g96x-1766255336196-b110f2edcf82 Connection: close Page title: Error <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>Error</title> </head> <body> <pre>Cannot GET /</pre> </body> </html>
Found 2025-12-20 by HttpPluginCreate report