LeakIX - Host api-prod.ugcpoint.net

Domain api-prod.ugcpoint.net

Brazil

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Kestrel Kestrel

tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.206.176.5
Domain: api-prod.ugcpoint.net
Port: 80
URL: http://api-prod.ugcpoint.net

First seen 2026-01-07 06:47
Last seen 2026-02-08 19:42
Open for 32 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354954c7fa353ae05d05eda131643d58d0903805166e

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/SystemNotifications/{id}
DELETE /api/accounts/me
DELETE /api/accounts/user-profile-photos
DELETE /api/accounts/video-content/{videoId}
DELETE /api/brands/brand-profile-photos/{userId}
DELETE /api/brands/team/{memberUserId}
DELETE /api/chat/messages/{messageId}
DELETE /api/chat/{chatId}
DELETE /api/content/categories/unassign
DELETE /api/notifications/installations/{installationId}
DELETE /api/payments/coupons/{couponId}
GET /api/Analytics/brand-creator-contacts
GET /api/Analytics/chat/{chatId}/messages
GET /api/Analytics/daily-activity
GET /api/Analytics/dashboard-stats
GET /api/Analytics/reviews
GET /api/SystemNotifications
GET /api/SystemNotifications/all
GET /api/SystemNotifications/unread-count
GET /api/accounts/bulk-creators/template
GET /api/accounts/confirm-email
GET /api/accounts/creators
GET /api/accounts/creators/recent
GET /api/accounts/creators/{creatorId}
GET /api/accounts/favorites
GET /api/accounts/favorites/{creatorId}
GET /api/accounts/landing-stats
GET /api/accounts/onboarding
GET /api/accounts/password-recovery/options
GET /api/accounts/profile
GET /api/accounts/users
GET /api/admin/brands/all
GET /api/admin/creators/to-approve
GET /api/admin/users
GET /api/admin/users/deleted-audits
GET /api/admin/users/stats
GET /api/admin/users/{userId}
GET /api/admin/users/{userId}/onboarding
GET /api/ai/botchat
GET /api/ai/botchat/messages
GET /api/ai/content
GET /api/ai/credits
GET /api/ai/credits/{userId}
GET /api/brands
GET /api/brands/admin/{brandId}
GET /api/brands/check-verified-company
GET /api/brands/stats
GET /api/brands/{brandId}
GET /api/campaigns/admin/search
GET /api/campaigns/applications/mutual
GET /api/campaigns/applications/my
GET /api/campaigns/applications/notifications/brand/{brandId}
GET /api/campaigns/brand/{brandId}
GET /api/campaigns/collaborations/brand/{brandId}
GET /api/campaigns/collaborations/mutual
GET /api/campaigns/collaborations/my
GET /api/campaigns/collaborations/{collaborationId}
GET /api/campaigns/featured
GET /api/campaigns/public
GET /api/campaigns/search
GET /api/campaigns/stats/brand/{brandId}
GET /api/campaigns/stats/creator/my
GET /api/campaigns/{campaignId}
GET /api/campaigns/{campaignId}/applications
GET /api/campaigns/{campaignId}/is-updatable
GET /api/campaigns/{campaignId}/stats
GET /api/chat
GET /api/chat/templates
GET /api/chat/unread-count
GET /api/chat/with-creator/{creatorId}
GET /api/chat/{chatId}/messages
GET /api/content/categories/available
GET /api/materials
GET /api/materials/{materialId}
GET /api/payments/analytics/subscriptions
GET /api/payments/coupons
GET /api/payments/subscription-plans
GET /api/payments/subscription-plans/{planId}
GET /api/payments/subscriptions/all
GET /api/payments/subscriptions/brand/{brandId}
GET /api/payments/subscriptions/check-premium
GET /api/payments/subscriptions/my-plan
GET /api/payments/transactions
GET /api/payments/transactions/export
GET /api/payments/transactions/my
GET /api/payments/transactions/{transactionId}
GET /api/payments/transactions/{transactionId}/details
GET /api/share-links/{slug}
GET /api/system/feature-flags
GET /api/system/feature-flags/by-key/{key}
GET /api/system/feature-flags/{id}
GET /api/system/mobile-app-card
GET /api/system/prompts
GET /api/system/prompts/by-key/{key}
GET /api/system/prompts/{id}
GET /api/system/proposal-access
GET /api/system/ui-errors
GET /share/{slug}
PATCH /api/Feedback/opt-out
PATCH /api/accounts/inactivate
PATCH /api/accounts/user-profile
PATCH /api/accounts/video-content/{videoId}/featured
PATCH /api/admin/users/status
PATCH /api/brands/profile
PATCH /api/campaigns/applications/{applicationId}/review
PATCH /api/campaigns/applications/{applicationId}/withdraw
PATCH /api/campaigns/collaborations/{collaborationId}/rate
PATCH /api/campaigns/collaborations/{collaborationId}/status
PATCH /api/campaigns/{campaignId}/status/cancel
PATCH /api/campaigns/{campaignId}/status/complete
PATCH /api/campaigns/{campaignId}/status/draft
PATCH /api/campaigns/{campaignId}/status/published
POST /api/Analytics/track-daily-activity
POST /api/Feedback
POST /api/SystemNotifications/mark-read
POST /api/accounts/bulk-creators/create
POST /api/accounts/bulk-creators/validate
POST /api/accounts/bulk-email
POST /api/accounts/change-password
POST /api/accounts/creators/pending/notify
POST /api/accounts/forgot-password
POST /api/accounts/password-recovery/confirm-sms
POST /api/accounts/password-recovery/request-sms
POST /api/accounts/phone/confirm
POST /api/accounts/phone/request
POST /api/accounts/phone/validate
POST /api/accounts/register
POST /api/accounts/resend-email-confirmation
POST /api/accounts/reset-password
POST /api/accounts/video-content
POST /api/admin/users/force-change-password
POST /api/admin/users/resend-email-confirmation
POST /api/admin/users/{email}/impersonate
POST /api/ai/answer-qa
POST /api/ai/content/image-from-campaign-fields
POST /api/ai/content/image-from-prompt
POST /api/ai/enhance-text
POST /api/ai/improve-draft
POST /api/ai/suggest-reply
POST /api/ai/validate-bio
POST /api/auth/academy-sso
POST /api/auth/complete-social-registration
POST /api/auth/login
POST /api/auth/login/request-code
POST /api/auth/login/with-code
POST /api/auth/logout
POST /api/auth/refresh-token
POST /api/auth/social-login
POST /api/brands/team/invite
POST /api/brands/verify
POST /api/campaigns
POST /api/campaigns/applications
POST /api/campaigns/collaborations
POST /api/chat/read
POST /api/chat/start
POST /api/chat/{chatId}/archive
POST /api/chat/{chatId}/messages/attachment
POST /api/chat/{chatId}/messages/text
POST /api/content/categories/assign
POST /api/files/upload-temp
POST /api/materials/upload
POST /api/notifications/broadcast
POST /api/payments/credits/topup
POST /api/payments/plans
POST /api/payments/subscriptions
POST /api/payments/subscriptions/onboarding-trial
POST /api/payments/subscriptions/redeem-coupon
POST /api/payments/subscriptions/{subscriptionId}/cancel
POST /api/payments/subscriptions/{subscriptionId}/reactivate
POST /api/payments/subscriptions/{subscriptionId}/update
POST /api/payments/transactions/{transactionId}/refund
POST /api/payments/webhook/stripe
POST /api/share-links
POST /api/system/proposal-access/generate
POST /api/system/proposal-access/verify
POST /api/system/ui-error
PUT /api/accounts/preferences
PUT /api/chat/templates/{id}
PUT /api/content/categories/display-order
PUT /api/notifications/installations
PUT /api/payments/plans/{planId}

Found on 2026-02-08 19:42

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354954c7fa353ae05d05eda131643d58d090267137ef

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/SystemNotifications/{id}
DELETE /api/accounts/me
DELETE /api/accounts/user-profile-photos
DELETE /api/accounts/video-content/{videoId}
DELETE /api/brands/brand-profile-photos/{userId}
DELETE /api/brands/team/{memberUserId}
DELETE /api/chat/messages/{messageId}
DELETE /api/chat/{chatId}
DELETE /api/content/categories/unassign
DELETE /api/notifications/installations/{installationId}
DELETE /api/payments/coupons/{couponId}
GET /api/Analytics/brand-creator-contacts
GET /api/Analytics/chat/{chatId}/messages
GET /api/Analytics/daily-activity
GET /api/Analytics/dashboard-stats
GET /api/Analytics/reviews
GET /api/SystemNotifications
GET /api/SystemNotifications/all
GET /api/SystemNotifications/unread-count
GET /api/accounts/bulk-creators/template
GET /api/accounts/confirm-email
GET /api/accounts/creators
GET /api/accounts/creators/recent
GET /api/accounts/creators/{creatorId}
GET /api/accounts/favorites
GET /api/accounts/favorites/{creatorId}
GET /api/accounts/landing-stats
GET /api/accounts/onboarding
GET /api/accounts/password-recovery/options
GET /api/accounts/profile
GET /api/accounts/users
GET /api/admin/creators/to-approve
GET /api/admin/users
GET /api/admin/users/deleted-audits
GET /api/admin/users/stats
GET /api/admin/users/{userId}
GET /api/admin/users/{userId}/onboarding
GET /api/ai/botchat
GET /api/ai/botchat/messages
GET /api/ai/content
GET /api/ai/credits
GET /api/ai/credits/{userId}
GET /api/brands
GET /api/brands/admin/{brandId}
GET /api/brands/check-verified-company
GET /api/brands/stats
GET /api/brands/{brandId}
GET /api/campaigns/admin/search
GET /api/campaigns/applications/mutual
GET /api/campaigns/applications/my
GET /api/campaigns/applications/notifications/brand/{brandId}
GET /api/campaigns/brand/{brandId}
GET /api/campaigns/collaborations/brand/{brandId}
GET /api/campaigns/collaborations/mutual
GET /api/campaigns/collaborations/my
GET /api/campaigns/collaborations/{collaborationId}
GET /api/campaigns/featured
GET /api/campaigns/public
GET /api/campaigns/search
GET /api/campaigns/stats/brand/{brandId}
GET /api/campaigns/stats/creator/my
GET /api/campaigns/{campaignId}
GET /api/campaigns/{campaignId}/applications
GET /api/campaigns/{campaignId}/is-updatable
GET /api/campaigns/{campaignId}/stats
GET /api/chat
GET /api/chat/templates
GET /api/chat/unread-count
GET /api/chat/with-creator/{creatorId}
GET /api/chat/{chatId}/messages
GET /api/content/categories/available
GET /api/materials
GET /api/materials/{materialId}
GET /api/payments/analytics/subscriptions
GET /api/payments/coupons
GET /api/payments/subscription-plans
GET /api/payments/subscription-plans/{planId}
GET /api/payments/subscriptions/all
GET /api/payments/subscriptions/brand/{brandId}
GET /api/payments/subscriptions/check-premium
GET /api/payments/subscriptions/my-plan
GET /api/payments/transactions
GET /api/payments/transactions/export
GET /api/payments/transactions/my
GET /api/payments/transactions/{transactionId}
GET /api/payments/transactions/{transactionId}/details
GET /api/share-links/{slug}
GET /api/system/feature-flags
GET /api/system/feature-flags/by-key/{key}
GET /api/system/feature-flags/{id}
GET /api/system/mobile-app-card
GET /api/system/prompts
GET /api/system/prompts/by-key/{key}
GET /api/system/prompts/{id}
GET /api/system/proposal-access
GET /api/system/ui-errors
GET /share/{slug}
PATCH /api/Feedback/opt-out
PATCH /api/accounts/inactivate
PATCH /api/accounts/user-profile
PATCH /api/accounts/video-content/{videoId}/featured
PATCH /api/admin/users/status
PATCH /api/brands/profile
PATCH /api/campaigns/applications/{applicationId}/review
PATCH /api/campaigns/applications/{applicationId}/withdraw
PATCH /api/campaigns/collaborations/{collaborationId}/rate
PATCH /api/campaigns/collaborations/{collaborationId}/status
PATCH /api/campaigns/{campaignId}/status/cancel
PATCH /api/campaigns/{campaignId}/status/complete
PATCH /api/campaigns/{campaignId}/status/draft
PATCH /api/campaigns/{campaignId}/status/published
POST /api/Analytics/track-daily-activity
POST /api/Feedback
POST /api/SystemNotifications/mark-read
POST /api/accounts/bulk-creators/create
POST /api/accounts/bulk-creators/validate
POST /api/accounts/bulk-email
POST /api/accounts/change-password
POST /api/accounts/creators/pending/notify
POST /api/accounts/forgot-password
POST /api/accounts/password-recovery/confirm-sms
POST /api/accounts/password-recovery/request-sms
POST /api/accounts/phone/confirm
POST /api/accounts/phone/request
POST /api/accounts/phone/validate
POST /api/accounts/register
POST /api/accounts/resend-email-confirmation
POST /api/accounts/reset-password
POST /api/accounts/video-content
POST /api/admin/users/force-change-password
POST /api/admin/users/resend-email-confirmation
POST /api/admin/users/{email}/impersonate
POST /api/ai/answer-qa
POST /api/ai/content/image-from-campaign-fields
POST /api/ai/content/image-from-prompt
POST /api/ai/enhance-text
POST /api/ai/improve-draft
POST /api/ai/suggest-reply
POST /api/ai/validate-bio
POST /api/auth/complete-social-registration
POST /api/auth/login
POST /api/auth/login/request-code
POST /api/auth/login/with-code
POST /api/auth/logout
POST /api/auth/refresh-token
POST /api/auth/social-login
POST /api/brands/team/invite
POST /api/brands/verify
POST /api/campaigns
POST /api/campaigns/applications
POST /api/campaigns/collaborations
POST /api/chat/read
POST /api/chat/start
POST /api/chat/{chatId}/archive
POST /api/chat/{chatId}/messages/attachment
POST /api/chat/{chatId}/messages/text
POST /api/content/categories/assign
POST /api/files/upload-temp
POST /api/materials/upload
POST /api/notifications/broadcast
POST /api/payments/credits/topup
POST /api/payments/plans
POST /api/payments/subscriptions
POST /api/payments/subscriptions/onboarding-trial
POST /api/payments/subscriptions/redeem-coupon
POST /api/payments/subscriptions/{subscriptionId}/cancel
POST /api/payments/subscriptions/{subscriptionId}/reactivate
POST /api/payments/subscriptions/{subscriptionId}/update
POST /api/payments/transactions/{transactionId}/refund
POST /api/payments/webhook/stripe
POST /api/share-links
POST /api/system/proposal-access/generate
POST /api/system/proposal-access/verify
POST /api/system/ui-error
PUT /api/accounts/preferences
PUT /api/chat/templates/{id}
PUT /api/content/categories/display-order
PUT /api/notifications/installations
PUT /api/payments/plans/{planId}

Found on 2026-01-22 19:26

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354954c7fa353ae05d05eda131643d58d0908134af98

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/SystemNotifications/{id}
DELETE /api/accounts/me
DELETE /api/accounts/user-profile-photos
DELETE /api/accounts/video-content/{videoId}
DELETE /api/brands/brand-profile-photos/{userId}
DELETE /api/brands/team/{memberUserId}
DELETE /api/chat/messages/{messageId}
DELETE /api/chat/{chatId}
DELETE /api/content/categories/unassign
DELETE /api/notifications/installations/{installationId}
DELETE /api/payments/coupons/{couponId}
GET /api/Analytics/daily-activity
GET /api/Analytics/dashboard-stats
GET /api/Analytics/reviews
GET /api/SystemNotifications
GET /api/SystemNotifications/all
GET /api/SystemNotifications/unread-count
GET /api/accounts/bulk-creators/template
GET /api/accounts/confirm-email
GET /api/accounts/creators
GET /api/accounts/creators/recent
GET /api/accounts/creators/{creatorId}
GET /api/accounts/landing-stats
GET /api/accounts/onboarding
GET /api/accounts/password-recovery/options
GET /api/accounts/profile
GET /api/accounts/users
GET /api/admin/creators/to-approve
GET /api/admin/users
GET /api/admin/users/deleted-audits
GET /api/admin/users/stats
GET /api/admin/users/{userId}
GET /api/admin/users/{userId}/onboarding
GET /api/ai/botchat
GET /api/ai/botchat/messages
GET /api/ai/content
GET /api/ai/credits
GET /api/ai/credits/{userId}
GET /api/brands
GET /api/brands/admin/{brandId}
GET /api/brands/check-verified-company
GET /api/brands/stats
GET /api/brands/{brandId}
GET /api/campaigns/admin/search
GET /api/campaigns/applications/mutual
GET /api/campaigns/applications/my
GET /api/campaigns/applications/notifications/brand/{brandId}
GET /api/campaigns/brand/{brandId}
GET /api/campaigns/collaborations/brand/{brandId}
GET /api/campaigns/collaborations/mutual
GET /api/campaigns/collaborations/my
GET /api/campaigns/collaborations/{collaborationId}
GET /api/campaigns/featured
GET /api/campaigns/public
GET /api/campaigns/search
GET /api/campaigns/stats/brand/{brandId}
GET /api/campaigns/stats/creator/my
GET /api/campaigns/{campaignId}
GET /api/campaigns/{campaignId}/applications
GET /api/campaigns/{campaignId}/is-updatable
GET /api/campaigns/{campaignId}/stats
GET /api/chat
GET /api/chat/unread-count
GET /api/chat/with-creator/{creatorId}
GET /api/chat/{chatId}/messages
GET /api/content/categories/available
GET /api/materials
GET /api/materials/{materialId}
GET /api/payments/analytics/subscriptions
GET /api/payments/coupons
GET /api/payments/subscription-plans
GET /api/payments/subscription-plans/{planId}
GET /api/payments/subscriptions/all
GET /api/payments/subscriptions/brand/{brandId}
GET /api/payments/subscriptions/check-premium
GET /api/payments/subscriptions/my-plan
GET /api/payments/transactions
GET /api/payments/transactions/export
GET /api/payments/transactions/my
GET /api/payments/transactions/{transactionId}
GET /api/payments/transactions/{transactionId}/details
GET /api/share-links/{slug}
GET /api/system/feature-flags
GET /api/system/feature-flags/by-key/{key}
GET /api/system/feature-flags/{id}
GET /api/system/mobile-app-card
GET /api/system/prompts
GET /api/system/prompts/by-key/{key}
GET /api/system/prompts/{id}
GET /api/system/proposal-access
GET /api/system/ui-errors
GET /share/{slug}
PATCH /api/Feedback/opt-out
PATCH /api/accounts/inactivate
PATCH /api/accounts/user-profile
PATCH /api/accounts/video-content/{videoId}/featured
PATCH /api/admin/users/status
PATCH /api/brands/profile
PATCH /api/campaigns/applications/{applicationId}/review
PATCH /api/campaigns/applications/{applicationId}/withdraw
PATCH /api/campaigns/collaborations/{collaborationId}/rate
PATCH /api/campaigns/collaborations/{collaborationId}/status
PATCH /api/campaigns/{campaignId}/status/cancel
PATCH /api/campaigns/{campaignId}/status/complete
PATCH /api/campaigns/{campaignId}/status/draft
PATCH /api/campaigns/{campaignId}/status/published
POST /api/Analytics/track-daily-activity
POST /api/Feedback
POST /api/SystemNotifications/mark-read
POST /api/accounts/bulk-creators/create
POST /api/accounts/bulk-creators/validate
POST /api/accounts/bulk-email
POST /api/accounts/change-password
POST /api/accounts/creators/pending/notify
POST /api/accounts/forgot-password
POST /api/accounts/password-recovery/confirm-sms
POST /api/accounts/password-recovery/request-sms
POST /api/accounts/phone/confirm
POST /api/accounts/phone/request
POST /api/accounts/register
POST /api/accounts/resend-email-confirmation
POST /api/accounts/reset-password
POST /api/accounts/video-content
POST /api/admin/users/force-change-password
POST /api/admin/users/resend-email-confirmation
POST /api/admin/users/{email}/impersonate
POST /api/ai/content/image-from-campaign-fields
POST /api/ai/content/image-from-image
POST /api/ai/content/image-from-prompt
POST /api/ai/content/video-from-prompt-image
POST /api/auth/complete-social-registration
POST /api/auth/login
POST /api/auth/login/request-code
POST /api/auth/login/with-code
POST /api/auth/logout
POST /api/auth/refresh-token
POST /api/auth/social-login
POST /api/brands/team/invite
POST /api/brands/verify
POST /api/campaigns
POST /api/campaigns/applications
POST /api/campaigns/collaborations
POST /api/chat/read
POST /api/chat/start
POST /api/chat/{chatId}/archive
POST /api/chat/{chatId}/messages/attachment
POST /api/chat/{chatId}/messages/text
POST /api/content/categories/assign
POST /api/files/upload-temp
POST /api/materials/upload
POST /api/notifications/broadcast
POST /api/payments/credits/topup
POST /api/payments/plans
POST /api/payments/subscriptions
POST /api/payments/subscriptions/onboarding-trial
POST /api/payments/subscriptions/redeem-coupon
POST /api/payments/subscriptions/{subscriptionId}/cancel
POST /api/payments/subscriptions/{subscriptionId}/reactivate
POST /api/payments/subscriptions/{subscriptionId}/update
POST /api/payments/transactions/{transactionId}/refund
POST /api/payments/webhook/stripe
POST /api/share-links
POST /api/system/proposal-access/generate
POST /api/system/proposal-access/verify
POST /api/system/ui-error
PUT /api/accounts/preferences
PUT /api/content/categories/display-order
PUT /api/notifications/installations
PUT /api/payments/plans/{planId}

Found on 2026-01-17 13:44

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354954c7fa353ae05d05eda131643d58d0908e0d4ca3

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/SystemNotifications/{id}
DELETE /api/accounts/me
DELETE /api/accounts/user-profile-photos
DELETE /api/accounts/video-content/{videoId}
DELETE /api/brands/brand-profile-photos/{userId}
DELETE /api/brands/team/{memberUserId}
DELETE /api/chat/messages/{messageId}
DELETE /api/chat/{chatId}
DELETE /api/content/categories/unassign
DELETE /api/notifications/installations/{installationId}
DELETE /api/payments/coupons/{couponId}
GET /api/Analytics/daily-activity
GET /api/Analytics/dashboard-stats
GET /api/Analytics/reviews
GET /api/SystemNotifications
GET /api/SystemNotifications/all
GET /api/SystemNotifications/unread-count
GET /api/accounts/bulk-creators/template
GET /api/accounts/confirm-email
GET /api/accounts/creators
GET /api/accounts/creators/recent
GET /api/accounts/creators/{creatorId}
GET /api/accounts/landing-stats
GET /api/accounts/onboarding
GET /api/accounts/password-recovery/options
GET /api/accounts/profile
GET /api/accounts/users
GET /api/admin/users
GET /api/admin/users/{userId}
GET /api/admin/users/{userId}/onboarding
GET /api/ai/botchat
GET /api/ai/botchat/messages
GET /api/ai/content
GET /api/ai/credits
GET /api/ai/credits/{userId}
GET /api/brands
GET /api/brands/admin/{brandId}
GET /api/brands/check-verified-company
GET /api/brands/{brandId}
GET /api/campaigns/applications/mutual
GET /api/campaigns/applications/my
GET /api/campaigns/applications/notifications/brand/{brandId}
GET /api/campaigns/brand/{brandId}
GET /api/campaigns/collaborations/brand/{brandId}
GET /api/campaigns/collaborations/mutual
GET /api/campaigns/collaborations/my
GET /api/campaigns/collaborations/{collaborationId}
GET /api/campaigns/featured
GET /api/campaigns/public
GET /api/campaigns/search
GET /api/campaigns/stats/brand/{brandId}
GET /api/campaigns/stats/creator/my
GET /api/campaigns/{campaignId}
GET /api/campaigns/{campaignId}/applications
GET /api/campaigns/{campaignId}/is-updatable
GET /api/campaigns/{campaignId}/stats
GET /api/chat
GET /api/chat/unread-count
GET /api/chat/with-creator/{creatorId}
GET /api/chat/{chatId}/messages
GET /api/content/categories/available
GET /api/materials
GET /api/materials/{materialId}
GET /api/payments/coupons
GET /api/payments/subscription-plans
GET /api/payments/subscription-plans/{planId}
GET /api/payments/subscriptions/brand/{brandId}
GET /api/payments/subscriptions/check-premium
GET /api/payments/subscriptions/my-plan
GET /api/payments/transactions
GET /api/payments/transactions/my
GET /api/payments/transactions/{transactionId}
GET /api/share-links/{slug}
GET /api/system/feature-flags
GET /api/system/feature-flags/by-key/{key}
GET /api/system/feature-flags/{id}
GET /api/system/mobile-app-card
GET /api/system/prompts
GET /api/system/prompts/by-key/{key}
GET /api/system/prompts/{id}
GET /api/system/proposal-access
GET /api/system/ui-errors
GET /share/{slug}
PATCH /api/Feedback/opt-out
PATCH /api/accounts/inactivate
PATCH /api/accounts/user-profile
PATCH /api/accounts/video-content/{videoId}/featured
PATCH /api/admin/users/status
PATCH /api/brands/profile
PATCH /api/campaigns/applications/{applicationId}/review
PATCH /api/campaigns/applications/{applicationId}/withdraw
PATCH /api/campaigns/collaborations/{collaborationId}/rate
PATCH /api/campaigns/collaborations/{collaborationId}/status
PATCH /api/campaigns/{campaignId}/status/cancel
PATCH /api/campaigns/{campaignId}/status/complete
PATCH /api/campaigns/{campaignId}/status/draft
PATCH /api/campaigns/{campaignId}/status/published
POST /api/Analytics/track-daily-activity
POST /api/Feedback
POST /api/SystemNotifications/mark-read
POST /api/accounts/bulk-creators/create
POST /api/accounts/bulk-creators/validate
POST /api/accounts/bulk-email
POST /api/accounts/change-password
POST /api/accounts/creators/pending/notify
POST /api/accounts/forgot-password
POST /api/accounts/password-recovery/confirm-sms
POST /api/accounts/password-recovery/request-sms
POST /api/accounts/phone/confirm
POST /api/accounts/phone/request
POST /api/accounts/register
POST /api/accounts/resend-email-confirmation
POST /api/accounts/reset-password
POST /api/accounts/video-content
POST /api/admin/users/force-change-password
POST /api/admin/users/resend-email-confirmation
POST /api/admin/users/{email}/impersonate
POST /api/ai/content/image-from-campaign-fields
POST /api/ai/content/image-from-image
POST /api/ai/content/image-from-prompt
POST /api/ai/content/video-from-prompt-image
POST /api/auth/complete-social-registration
POST /api/auth/login
POST /api/auth/login/request-code
POST /api/auth/login/with-code
POST /api/auth/logout
POST /api/auth/refresh-token
POST /api/auth/social-login
POST /api/brands/team/invite
POST /api/brands/verify
POST /api/campaigns
POST /api/campaigns/applications
POST /api/campaigns/collaborations
POST /api/chat/read
POST /api/chat/start
POST /api/chat/{chatId}/archive
POST /api/chat/{chatId}/messages/attachment
POST /api/chat/{chatId}/messages/text
POST /api/content/categories/assign
POST /api/files/upload-temp
POST /api/materials/upload
POST /api/notifications/broadcast
POST /api/payments/credits/topup
POST /api/payments/subscriptions
POST /api/payments/subscriptions/onboarding-trial
POST /api/payments/subscriptions/redeem-coupon
POST /api/payments/subscriptions/{subscriptionId}/cancel
POST /api/payments/subscriptions/{subscriptionId}/reactivate
POST /api/payments/subscriptions/{subscriptionId}/update
POST /api/payments/webhook/stripe
POST /api/share-links
POST /api/system/proposal-access/generate
POST /api/system/proposal-access/verify
POST /api/system/ui-error
PUT /api/accounts/preferences
PUT /api/content/categories/display-order
PUT /api/notifications/installations

Found on 2026-01-10 02:41

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.206.176.5
Domain: api-prod.ugcpoint.net
Port: 443
URL: https://api-prod.ugcpoint.net

First seen 2026-01-07 06:47
Last seen 2026-01-17 13:44
Open for 10 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354954c7fa353ae05d05eda131643d58d0908134af98

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/SystemNotifications/{id}
DELETE /api/accounts/me
DELETE /api/accounts/user-profile-photos
DELETE /api/accounts/video-content/{videoId}
DELETE /api/brands/brand-profile-photos/{userId}
DELETE /api/brands/team/{memberUserId}
DELETE /api/chat/messages/{messageId}
DELETE /api/chat/{chatId}
DELETE /api/content/categories/unassign
DELETE /api/notifications/installations/{installationId}
DELETE /api/payments/coupons/{couponId}
GET /api/Analytics/daily-activity
GET /api/Analytics/dashboard-stats
GET /api/Analytics/reviews
GET /api/SystemNotifications
GET /api/SystemNotifications/all
GET /api/SystemNotifications/unread-count
GET /api/accounts/bulk-creators/template
GET /api/accounts/confirm-email
GET /api/accounts/creators
GET /api/accounts/creators/recent
GET /api/accounts/creators/{creatorId}
GET /api/accounts/landing-stats
GET /api/accounts/onboarding
GET /api/accounts/password-recovery/options
GET /api/accounts/profile
GET /api/accounts/users
GET /api/admin/creators/to-approve
GET /api/admin/users
GET /api/admin/users/deleted-audits
GET /api/admin/users/stats
GET /api/admin/users/{userId}
GET /api/admin/users/{userId}/onboarding
GET /api/ai/botchat
GET /api/ai/botchat/messages
GET /api/ai/content
GET /api/ai/credits
GET /api/ai/credits/{userId}
GET /api/brands
GET /api/brands/admin/{brandId}
GET /api/brands/check-verified-company
GET /api/brands/stats
GET /api/brands/{brandId}
GET /api/campaigns/admin/search
GET /api/campaigns/applications/mutual
GET /api/campaigns/applications/my
GET /api/campaigns/applications/notifications/brand/{brandId}
GET /api/campaigns/brand/{brandId}
GET /api/campaigns/collaborations/brand/{brandId}
GET /api/campaigns/collaborations/mutual
GET /api/campaigns/collaborations/my
GET /api/campaigns/collaborations/{collaborationId}
GET /api/campaigns/featured
GET /api/campaigns/public
GET /api/campaigns/search
GET /api/campaigns/stats/brand/{brandId}
GET /api/campaigns/stats/creator/my
GET /api/campaigns/{campaignId}
GET /api/campaigns/{campaignId}/applications
GET /api/campaigns/{campaignId}/is-updatable
GET /api/campaigns/{campaignId}/stats
GET /api/chat
GET /api/chat/unread-count
GET /api/chat/with-creator/{creatorId}
GET /api/chat/{chatId}/messages
GET /api/content/categories/available
GET /api/materials
GET /api/materials/{materialId}
GET /api/payments/analytics/subscriptions
GET /api/payments/coupons
GET /api/payments/subscription-plans
GET /api/payments/subscription-plans/{planId}
GET /api/payments/subscriptions/all
GET /api/payments/subscriptions/brand/{brandId}
GET /api/payments/subscriptions/check-premium
GET /api/payments/subscriptions/my-plan
GET /api/payments/transactions
GET /api/payments/transactions/export
GET /api/payments/transactions/my
GET /api/payments/transactions/{transactionId}
GET /api/payments/transactions/{transactionId}/details
GET /api/share-links/{slug}
GET /api/system/feature-flags
GET /api/system/feature-flags/by-key/{key}
GET /api/system/feature-flags/{id}
GET /api/system/mobile-app-card
GET /api/system/prompts
GET /api/system/prompts/by-key/{key}
GET /api/system/prompts/{id}
GET /api/system/proposal-access
GET /api/system/ui-errors
GET /share/{slug}
PATCH /api/Feedback/opt-out
PATCH /api/accounts/inactivate
PATCH /api/accounts/user-profile
PATCH /api/accounts/video-content/{videoId}/featured
PATCH /api/admin/users/status
PATCH /api/brands/profile
PATCH /api/campaigns/applications/{applicationId}/review
PATCH /api/campaigns/applications/{applicationId}/withdraw
PATCH /api/campaigns/collaborations/{collaborationId}/rate
PATCH /api/campaigns/collaborations/{collaborationId}/status
PATCH /api/campaigns/{campaignId}/status/cancel
PATCH /api/campaigns/{campaignId}/status/complete
PATCH /api/campaigns/{campaignId}/status/draft
PATCH /api/campaigns/{campaignId}/status/published
POST /api/Analytics/track-daily-activity
POST /api/Feedback
POST /api/SystemNotifications/mark-read
POST /api/accounts/bulk-creators/create
POST /api/accounts/bulk-creators/validate
POST /api/accounts/bulk-email
POST /api/accounts/change-password
POST /api/accounts/creators/pending/notify
POST /api/accounts/forgot-password
POST /api/accounts/password-recovery/confirm-sms
POST /api/accounts/password-recovery/request-sms
POST /api/accounts/phone/confirm
POST /api/accounts/phone/request
POST /api/accounts/register
POST /api/accounts/resend-email-confirmation
POST /api/accounts/reset-password
POST /api/accounts/video-content
POST /api/admin/users/force-change-password
POST /api/admin/users/resend-email-confirmation
POST /api/admin/users/{email}/impersonate
POST /api/ai/content/image-from-campaign-fields
POST /api/ai/content/image-from-image
POST /api/ai/content/image-from-prompt
POST /api/ai/content/video-from-prompt-image
POST /api/auth/complete-social-registration
POST /api/auth/login
POST /api/auth/login/request-code
POST /api/auth/login/with-code
POST /api/auth/logout
POST /api/auth/refresh-token
POST /api/auth/social-login
POST /api/brands/team/invite
POST /api/brands/verify
POST /api/campaigns
POST /api/campaigns/applications
POST /api/campaigns/collaborations
POST /api/chat/read
POST /api/chat/start
POST /api/chat/{chatId}/archive
POST /api/chat/{chatId}/messages/attachment
POST /api/chat/{chatId}/messages/text
POST /api/content/categories/assign
POST /api/files/upload-temp
POST /api/materials/upload
POST /api/notifications/broadcast
POST /api/payments/credits/topup
POST /api/payments/plans
POST /api/payments/subscriptions
POST /api/payments/subscriptions/onboarding-trial
POST /api/payments/subscriptions/redeem-coupon
POST /api/payments/subscriptions/{subscriptionId}/cancel
POST /api/payments/subscriptions/{subscriptionId}/reactivate
POST /api/payments/subscriptions/{subscriptionId}/update
POST /api/payments/transactions/{transactionId}/refund
POST /api/payments/webhook/stripe
POST /api/share-links
POST /api/system/proposal-access/generate
POST /api/system/proposal-access/verify
POST /api/system/ui-error
PUT /api/accounts/preferences
PUT /api/content/categories/display-order
PUT /api/notifications/installations
PUT /api/payments/plans/{planId}

Found on 2026-01-17 13:44

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354954c7fa353ae05d05eda131643d58d0908e0d4ca3

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/SystemNotifications/{id}
DELETE /api/accounts/me
DELETE /api/accounts/user-profile-photos
DELETE /api/accounts/video-content/{videoId}
DELETE /api/brands/brand-profile-photos/{userId}
DELETE /api/brands/team/{memberUserId}
DELETE /api/chat/messages/{messageId}
DELETE /api/chat/{chatId}
DELETE /api/content/categories/unassign
DELETE /api/notifications/installations/{installationId}
DELETE /api/payments/coupons/{couponId}
GET /api/Analytics/daily-activity
GET /api/Analytics/dashboard-stats
GET /api/Analytics/reviews
GET /api/SystemNotifications
GET /api/SystemNotifications/all
GET /api/SystemNotifications/unread-count
GET /api/accounts/bulk-creators/template
GET /api/accounts/confirm-email
GET /api/accounts/creators
GET /api/accounts/creators/recent
GET /api/accounts/creators/{creatorId}
GET /api/accounts/landing-stats
GET /api/accounts/onboarding
GET /api/accounts/password-recovery/options
GET /api/accounts/profile
GET /api/accounts/users
GET /api/admin/users
GET /api/admin/users/{userId}
GET /api/admin/users/{userId}/onboarding
GET /api/ai/botchat
GET /api/ai/botchat/messages
GET /api/ai/content
GET /api/ai/credits
GET /api/ai/credits/{userId}
GET /api/brands
GET /api/brands/admin/{brandId}
GET /api/brands/check-verified-company
GET /api/brands/{brandId}
GET /api/campaigns/applications/mutual
GET /api/campaigns/applications/my
GET /api/campaigns/applications/notifications/brand/{brandId}
GET /api/campaigns/brand/{brandId}
GET /api/campaigns/collaborations/brand/{brandId}
GET /api/campaigns/collaborations/mutual
GET /api/campaigns/collaborations/my
GET /api/campaigns/collaborations/{collaborationId}
GET /api/campaigns/featured
GET /api/campaigns/public
GET /api/campaigns/search
GET /api/campaigns/stats/brand/{brandId}
GET /api/campaigns/stats/creator/my
GET /api/campaigns/{campaignId}
GET /api/campaigns/{campaignId}/applications
GET /api/campaigns/{campaignId}/is-updatable
GET /api/campaigns/{campaignId}/stats
GET /api/chat
GET /api/chat/unread-count
GET /api/chat/with-creator/{creatorId}
GET /api/chat/{chatId}/messages
GET /api/content/categories/available
GET /api/materials
GET /api/materials/{materialId}
GET /api/payments/coupons
GET /api/payments/subscription-plans
GET /api/payments/subscription-plans/{planId}
GET /api/payments/subscriptions/brand/{brandId}
GET /api/payments/subscriptions/check-premium
GET /api/payments/subscriptions/my-plan
GET /api/payments/transactions
GET /api/payments/transactions/my
GET /api/payments/transactions/{transactionId}
GET /api/share-links/{slug}
GET /api/system/feature-flags
GET /api/system/feature-flags/by-key/{key}
GET /api/system/feature-flags/{id}
GET /api/system/mobile-app-card
GET /api/system/prompts
GET /api/system/prompts/by-key/{key}
GET /api/system/prompts/{id}
GET /api/system/proposal-access
GET /api/system/ui-errors
GET /share/{slug}
PATCH /api/Feedback/opt-out
PATCH /api/accounts/inactivate
PATCH /api/accounts/user-profile
PATCH /api/accounts/video-content/{videoId}/featured
PATCH /api/admin/users/status
PATCH /api/brands/profile
PATCH /api/campaigns/applications/{applicationId}/review
PATCH /api/campaigns/applications/{applicationId}/withdraw
PATCH /api/campaigns/collaborations/{collaborationId}/rate
PATCH /api/campaigns/collaborations/{collaborationId}/status
PATCH /api/campaigns/{campaignId}/status/cancel
PATCH /api/campaigns/{campaignId}/status/complete
PATCH /api/campaigns/{campaignId}/status/draft
PATCH /api/campaigns/{campaignId}/status/published
POST /api/Analytics/track-daily-activity
POST /api/Feedback
POST /api/SystemNotifications/mark-read
POST /api/accounts/bulk-creators/create
POST /api/accounts/bulk-creators/validate
POST /api/accounts/bulk-email
POST /api/accounts/change-password
POST /api/accounts/creators/pending/notify
POST /api/accounts/forgot-password
POST /api/accounts/password-recovery/confirm-sms
POST /api/accounts/password-recovery/request-sms
POST /api/accounts/phone/confirm
POST /api/accounts/phone/request
POST /api/accounts/register
POST /api/accounts/resend-email-confirmation
POST /api/accounts/reset-password
POST /api/accounts/video-content
POST /api/admin/users/force-change-password
POST /api/admin/users/resend-email-confirmation
POST /api/admin/users/{email}/impersonate
POST /api/ai/content/image-from-campaign-fields
POST /api/ai/content/image-from-image
POST /api/ai/content/image-from-prompt
POST /api/ai/content/video-from-prompt-image
POST /api/auth/complete-social-registration
POST /api/auth/login
POST /api/auth/login/request-code
POST /api/auth/login/with-code
POST /api/auth/logout
POST /api/auth/refresh-token
POST /api/auth/social-login
POST /api/brands/team/invite
POST /api/brands/verify
POST /api/campaigns
POST /api/campaigns/applications
POST /api/campaigns/collaborations
POST /api/chat/read
POST /api/chat/start
POST /api/chat/{chatId}/archive
POST /api/chat/{chatId}/messages/attachment
POST /api/chat/{chatId}/messages/text
POST /api/content/categories/assign
POST /api/files/upload-temp
POST /api/materials/upload
POST /api/notifications/broadcast
POST /api/payments/credits/topup
POST /api/payments/subscriptions
POST /api/payments/subscriptions/onboarding-trial
POST /api/payments/subscriptions/redeem-coupon
POST /api/payments/subscriptions/{subscriptionId}/cancel
POST /api/payments/subscriptions/{subscriptionId}/reactivate
POST /api/payments/subscriptions/{subscriptionId}/update
POST /api/payments/webhook/stripe
POST /api/share-links
POST /api/system/proposal-access/generate
POST /api/system/proposal-access/verify
POST /api/system/ui-error
PUT /api/accounts/preferences
PUT /api/content/categories/display-order
PUT /api/notifications/installations

Found on 2026-01-09 16:56

Create report

Open service 20.206.176.5:80 · api-prod.ugcpoint.net

2026-01-22 19:26

HTTP/1.1 200 OK
Connection: close
Content-Type: application/json; charset=utf-8
Date: Thu, 22 Jan 2026 19:26:32 GMT
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:70f800c8-fa92-400c-951c-c3b9fe46fca9


{"name":"UGC Point Backend API","version":"1.0.0","status":"Running","description":"UGC Point landing page backend services for customer management and lead processing","endpoints":{"health":"/api/health","documentation":"/swagger"},"timestamp":"2026-01-22T19:26:32.5206328Z"}

Found 2026-01-22 by HttpPlugin

Create report

Open service 20.206.176.5:80 · api-prod.ugcpoint.net

2026-01-10 02:41

HTTP/1.1 200 OK
Connection: close
Content-Type: application/json; charset=utf-8
Date: Sat, 10 Jan 2026 02:42:16 GMT
Server: Kestrel
Transfer-Encoding: chunked
Request-Context: appId=cid-v1:70f800c8-fa92-400c-951c-c3b9fe46fca9


{"name":"UGC Point Backend API","version":"1.0.0","status":"Running","description":"UGC Point landing page backend services for customer management and lead processing","endpoints":{"health":"/api/health","documentation":"/swagger"},"timestamp":"2026-01-10T02:42:16.9517119Z"}

Found 2026-01-10 by HttpPlugin

Create report

Domain summary

api-prod.ugcpoint.net 7

1 recorded

IP summary

20.206.176.5 2

1 recorded