Domain api-academix.site
United States
Software information
Vercel
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-27 01:57
Last seen 2026-01-08 23:55
Open for 73 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-08 23:55
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-27 18:16
Last seen 2026-01-08 21:52
Open for 73 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-08 21:52
-
-
Open service 216.198.79.1:443 · api-academix.site
2026-01-08 23:55
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Thu, 08 Jan 2026 23:55:28 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::lkxqd-1767916526606-8be99a334838 X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2026-01-08 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · www.api-academix.site
2026-01-08 21:52
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Thu, 08 Jan 2026 21:52:30 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::kpb2d-1767909150156-facac92eea41 X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2026-01-08 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · www.api-academix.site
2026-01-02 14:39
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 02 Jan 2026 14:39:55 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: sfo1::iad1::f72s2-1767364793395-550079d4b8bc X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api-academix.site
2026-01-02 01:36
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 02 Jan 2026 01:36:08 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: iad1::iad1::wqt5f-1767317765250-70883aed0916 X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · www.api-academix.site
2026-01-01 04:53
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Thu, 01 Jan 2026 04:53:09 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: sin1::iad1::bvcns-1767243188866-49a84ec300ab X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2026-01-01 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · www.api-academix.site
2026-01-01 04:53
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Thu, 01 Jan 2026 04:53:08 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: iad1::iad1::vrhqt-1767243188358-86da02d62576 X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2026-01-01 by HttpPluginCreate report
-
Open service 64.29.17.1:80 · www.api-academix.site
2026-01-01 04:53
HTTP/1.0 308 Permanent Redirect Content-Type: text/plain Location: https://www.api-academix.site/ Refresh: 0;url=https://www.api-academix.site/ server: Vercel Redirecting...
Found 2026-01-01 by HttpPluginCreate report
-
Open service 216.198.79.1:80 · www.api-academix.site
2026-01-01 04:53
HTTP/1.0 308 Permanent Redirect Content-Type: text/plain Location: https://www.api-academix.site/ Refresh: 0;url=https://www.api-academix.site/ server: Vercel Redirecting...
Found 2026-01-01 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · www.api-academix.site
2025-12-27 23:07
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Sat, 27 Dec 2025 23:07:57 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: lhr1::iad1::g2g4l-1766876877013-817fd0d1e2bd X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2025-12-27 by HttpPluginCreate report
-
Open service 64.29.17.1:443 · www.api-academix.site
2025-12-27 23:07
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Sat, 27 Dec 2025 23:07:56 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::s4m6s-1766876876495-1f6f85f869e4 X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2025-12-27 by HttpPluginCreate report
-
Open service 64.29.17.1:80 · www.api-academix.site
2025-12-27 23:07
HTTP/1.0 308 Permanent Redirect Content-Type: text/plain Location: https://www.api-academix.site/ Refresh: 0;url=https://www.api-academix.site/ server: Vercel Redirecting...
Found 2025-12-27 by HttpPluginCreate report
-
Open service 216.198.79.1:80 · www.api-academix.site
2025-12-27 23:07
HTTP/1.0 308 Permanent Redirect Content-Type: text/plain Location: https://www.api-academix.site/ Refresh: 0;url=https://www.api-academix.site/ server: Vercel Redirecting...
Found 2025-12-27 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api-academix.site
2025-12-23 02:42
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Tue, 23 Dec 2025 02:42:31 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: lhr1::iad1::qqpw9-1766457748633-c6a2398d6952 X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2025-12-23 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · www.api-academix.site
2025-12-23 02:12
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Tue, 23 Dec 2025 02:12:46 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: iad1::iad1::8h8mq-1766455964147-e3594542ddbe X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2025-12-23 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · www.api-academix.site
2025-12-20 21:44
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Sat, 20 Dec 2025 21:44:53 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: iad1::iad1::fzkq7-1766267090822-5480c1b0a47e X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2025-12-20 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api-academix.site
2025-12-20 13:21
HTTP/1.1 404 Not Found Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0, must-revalidate Content-Length: 50 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: application/json; charset=utf-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Sat, 20 Dec 2025 13:21:18 GMT Etag: W/"32-iE0NscbIu552aDnH9cWXddBXEIE" Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: iad1::iad1::rqkpt-1766236876329-c9f965627983 X-Xss-Protection: 0 Connection: close {"success":false,"message":"Route - / Not Found"}Found 2025-12-20 by HttpPluginCreate report