Domain tadatodo.com
United States
Software information
Vercel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-04 10:55
Last seen 2026-01-09 16:40
Open for 66 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff4333ea16c08d3248ebd804fc787f946d27b405848aPublic Swagger UI/API detected at path: /swagger.json - sample paths: DELETE /projects/{projectId}/cards/{cardId} DELETE /projects/{projectId}/cards/{cardId}/metadata/{key} DELETE /projects/{projectId}/columns/{columnId} DELETE /projects/{projectId}/rows/{rowId} GET /plugins/{pluginId}/data/{key} GET /plugins/{pluginId}/entities/{entityId}/data/{key} GET /projects/{projectId} GET /projects/{projectId}/rows GET /users/me PATCH /projects/{projectId}/cards/move PATCH /projects/{projectId}/cards/move-by-metadata PATCH /projects/{projectId}/columns/{columnId}/rename PATCH /projects/{projectId}/order-rows PATCH /projects/{projectId}/rename PATCH /projects/{projectId}/rows/{rowId}/order-columns PATCH /projects/{projectId}/rows/{rowId}/rename POST /organizations/{organizationId}/projects POST /plugins/{pluginId}/entities/{entityId}/exchange-code POST /projects/{projectId}/cards/{cardId}/alias POST /projects/{projectId}/cards/{cardId}/metadata POST /projects/{projectId}/columns/{columnId}/cards POST /projects/{projectId}/plugins/{pluginId} POST /projects/{projectId}/rows/{rowId}/columnsFound on 2026-01-09 16:40
-
-
Open service 216.198.79.1:443 · tadatodo.com
2026-01-09 16:40
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 3544745 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline Content-Length: 1497 Content-Security-Policy: script-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io https://*.google-analytics.com https://*.googleapis.com Content-Type: text/html; charset=utf-8 Date: Fri, 09 Jan 2026 16:40:41 GMT Etag: "53164531caafc2d7d1b7634225c20151" Last-Modified: Sat, 29 Nov 2025 16:01:36 GMT Permissions-Policy: geolocation=* Referrer-Policy: no-referrer-when-downgrade Server: Vercel Strict-Transport-Security: max-age=63072000 X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Robots-Tag: noindex X-Vercel-Cache: HIT X-Vercel-Id: fra1::qd9ln-1767976841568-407b68072e83 X-Xss-Protection: 1; mode=block Connection: close Page title: Tadatodo <!doctype html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="icon" href="/images/logo.svg" type="image/x-icon" /> <link rel="shortcut icon" href="/images/logo.svg" type="image/x-icon" /> <!-- meta start --> <title>Tadatodo</title> <meta name="description" content="Opinionated but extendable task management" /> <meta itemprop="name" content="Tadatodo" /> <meta itemprop="description" content="Opinionated but extendable task management" /> <meta itemprop="image" content="https://tadatodo.com/images/logo.svg" /> <meta property="og:url" content="https://tadatodo.com" /> <meta property="og:type" content="website" /> <meta property="og:title" content="Tadatodo" /> <meta property="og:description" content="Opinionated but extendable task management." /> <meta property="og:image" content="https://asabanan.com/images/logo.svg" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:title" content="Tadatodo" /> <meta name="twitter:description" content="Opinionated but extendable task management." /> <meta name="twitter:image" content="https://tadatodo.com/images/logo.svg" /> <!-- meta end --> <script type="module" crossorigin src="/assets/index.js"></script> <link rel="stylesheet" crossorigin href="/assets/index.css"> </head> <body> <div id="app"></div> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · tadatodo.com
2026-01-01 22:01
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 3072715 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline Content-Length: 1497 Content-Security-Policy: script-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io https://*.google-analytics.com https://*.googleapis.com Content-Type: text/html; charset=utf-8 Date: Thu, 01 Jan 2026 22:01:45 GMT Etag: "53164531caafc2d7d1b7634225c20151" Last-Modified: Thu, 27 Nov 2025 08:29:49 GMT Permissions-Policy: geolocation=* Referrer-Policy: no-referrer-when-downgrade Server: Vercel Strict-Transport-Security: max-age=63072000 X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Robots-Tag: noindex X-Vercel-Cache: HIT X-Vercel-Id: sin1::glmsf-1767304904997-60cc1a6b55ab X-Xss-Protection: 1; mode=block Connection: close Page title: Tadatodo <!doctype html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="icon" href="/images/logo.svg" type="image/x-icon" /> <link rel="shortcut icon" href="/images/logo.svg" type="image/x-icon" /> <!-- meta start --> <title>Tadatodo</title> <meta name="description" content="Opinionated but extendable task management" /> <meta itemprop="name" content="Tadatodo" /> <meta itemprop="description" content="Opinionated but extendable task management" /> <meta itemprop="image" content="https://tadatodo.com/images/logo.svg" /> <meta property="og:url" content="https://tadatodo.com" /> <meta property="og:type" content="website" /> <meta property="og:title" content="Tadatodo" /> <meta property="og:description" content="Opinionated but extendable task management." /> <meta property="og:image" content="https://asabanan.com/images/logo.svg" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:title" content="Tadatodo" /> <meta name="twitter:description" content="Opinionated but extendable task management." /> <meta name="twitter:image" content="https://tadatodo.com/images/logo.svg" /> <!-- meta end --> <script type="module" crossorigin src="/assets/index.js"></script> <link rel="stylesheet" crossorigin href="/assets/index.css"> </head> <body> <div id="app"></div> </body> </html>Found 2026-01-01 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · tadatodo.com
2025-12-30 06:32
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 2911151 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline Content-Length: 1497 Content-Security-Policy: script-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io https://*.google-analytics.com https://*.googleapis.com Content-Type: text/html; charset=utf-8 Date: Tue, 30 Dec 2025 06:32:21 GMT Etag: "53164531caafc2d7d1b7634225c20151" Last-Modified: Wed, 26 Nov 2025 13:53:09 GMT Permissions-Policy: geolocation=* Referrer-Policy: no-referrer-when-downgrade Server: Vercel Strict-Transport-Security: max-age=63072000 X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Robots-Tag: noindex X-Vercel-Cache: HIT X-Vercel-Id: iad1::p4sj9-1767076341702-6b6f32fed067 X-Xss-Protection: 1; mode=block Connection: close Page title: Tadatodo <!doctype html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="icon" href="/images/logo.svg" type="image/x-icon" /> <link rel="shortcut icon" href="/images/logo.svg" type="image/x-icon" /> <!-- meta start --> <title>Tadatodo</title> <meta name="description" content="Opinionated but extendable task management" /> <meta itemprop="name" content="Tadatodo" /> <meta itemprop="description" content="Opinionated but extendable task management" /> <meta itemprop="image" content="https://tadatodo.com/images/logo.svg" /> <meta property="og:url" content="https://tadatodo.com" /> <meta property="og:type" content="website" /> <meta property="og:title" content="Tadatodo" /> <meta property="og:description" content="Opinionated but extendable task management." /> <meta property="og:image" content="https://asabanan.com/images/logo.svg" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:title" content="Tadatodo" /> <meta name="twitter:description" content="Opinionated but extendable task management." /> <meta name="twitter:image" content="https://tadatodo.com/images/logo.svg" /> <!-- meta end --> <script type="module" crossorigin src="/assets/index.js"></script> <link rel="stylesheet" crossorigin href="/assets/index.css"> </head> <body> <div id="app"></div> </body> </html>Found 2025-12-30 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · tadatodo.com
2025-12-22 14:51
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1982999 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline Content-Length: 1497 Content-Security-Policy: script-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io https://*.google-analytics.com https://*.googleapis.com Content-Type: text/html; charset=utf-8 Date: Mon, 22 Dec 2025 14:51:35 GMT Etag: "53164531caafc2d7d1b7634225c20151" Last-Modified: Sat, 29 Nov 2025 16:01:36 GMT Permissions-Policy: geolocation=* Referrer-Policy: no-referrer-when-downgrade Server: Vercel Strict-Transport-Security: max-age=63072000 X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Robots-Tag: noindex X-Vercel-Cache: HIT X-Vercel-Id: fra1::njnw4-1766415095691-02bc01085306 X-Xss-Protection: 1; mode=block Connection: close Page title: Tadatodo <!doctype html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="icon" href="/images/logo.svg" type="image/x-icon" /> <link rel="shortcut icon" href="/images/logo.svg" type="image/x-icon" /> <!-- meta start --> <title>Tadatodo</title> <meta name="description" content="Opinionated but extendable task management" /> <meta itemprop="name" content="Tadatodo" /> <meta itemprop="description" content="Opinionated but extendable task management" /> <meta itemprop="image" content="https://tadatodo.com/images/logo.svg" /> <meta property="og:url" content="https://tadatodo.com" /> <meta property="og:type" content="website" /> <meta property="og:title" content="Tadatodo" /> <meta property="og:description" content="Opinionated but extendable task management." /> <meta property="og:image" content="https://asabanan.com/images/logo.svg" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:title" content="Tadatodo" /> <meta name="twitter:description" content="Opinionated but extendable task management." /> <meta name="twitter:image" content="https://tadatodo.com/images/logo.svg" /> <!-- meta end --> <script type="module" crossorigin src="/assets/index.js"></script> <link rel="stylesheet" crossorigin href="/assets/index.css"> </head> <body> <div id="app"></div> </body> </html>Found 2025-12-22 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · tadatodo.com
2025-12-20 12:54
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Age: 1803177 Cache-Control: public, max-age=0, must-revalidate Content-Disposition: inline Content-Length: 1497 Content-Security-Policy: script-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io https://*.google-analytics.com https://*.googleapis.com Content-Type: text/html; charset=utf-8 Date: Sat, 20 Dec 2025 12:54:33 GMT Etag: "53164531caafc2d7d1b7634225c20151" Last-Modified: Sat, 29 Nov 2025 16:01:36 GMT Permissions-Policy: geolocation=* Referrer-Policy: no-referrer-when-downgrade Server: Vercel Strict-Transport-Security: max-age=63072000 X-Content-Type-Options: nosniff X-Frame-Options: DENY X-Robots-Tag: noindex X-Vercel-Cache: HIT X-Vercel-Id: fra1::tjnf4-1766235273786-57492f590fa2 X-Xss-Protection: 1; mode=block Connection: close Page title: Tadatodo <!doctype html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <link rel="icon" href="/images/logo.svg" type="image/x-icon" /> <link rel="shortcut icon" href="/images/logo.svg" type="image/x-icon" /> <!-- meta start --> <title>Tadatodo</title> <meta name="description" content="Opinionated but extendable task management" /> <meta itemprop="name" content="Tadatodo" /> <meta itemprop="description" content="Opinionated but extendable task management" /> <meta itemprop="image" content="https://tadatodo.com/images/logo.svg" /> <meta property="og:url" content="https://tadatodo.com" /> <meta property="og:type" content="website" /> <meta property="og:title" content="Tadatodo" /> <meta property="og:description" content="Opinionated but extendable task management." /> <meta property="og:image" content="https://asabanan.com/images/logo.svg" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:title" content="Tadatodo" /> <meta name="twitter:description" content="Opinionated but extendable task management." /> <meta name="twitter:image" content="https://tadatodo.com/images/logo.svg" /> <!-- meta end --> <script type="module" crossorigin src="/assets/index.js"></script> <link rel="stylesheet" crossorigin href="/assets/index.css"> </head> <body> <div id="app"></div> </body> </html>Found 2025-12-20 by HttpPluginCreate report