LeakIX - Host api-ru.livlong.com

Domain api-ru.livlong.com

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.36.162.198
Domain: api-ru.livlong.com
Port: 443
URL: https://api-ru.livlong.com

First seen 2025-11-16 06:10
Last seen 2026-02-02 06:54
Open for 78 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-02-02 06:54
Create report

Open service 23.36.162.198:443 · api-ru.livlong.com

2026-01-23 01:12

HTTP/1.1 404 Not Found
Content-Type: application/json; charset=utf-8
Content-Length: 103
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Origin-Agent-Cluster: ?1
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
Access-Control-Allow-Origin: *
ETag: W/"67-08Z5h3ufX3O1bkQWjFbGFwQRXso"
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow
Expires: Fri, 23 Jan 2026 01:12:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 23 Jan 2026 01:12:16 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=c6454fae19aa76d28c0e111f00107a33; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=c6454fae19aa76d28c0e111f00107a33; Path=/


{"data":null,"metadata":{"code":404,"message":"Page Not found","timestamp":"2026-01-23T01:12:16.696Z"}}

Found 2026-01-23 by HttpPlugin

Create report

Open service 23.36.162.198:443 · api-ru.livlong.com

2026-01-09 07:00

HTTP/1.1 404 Not Found
Content-Type: application/json; charset=utf-8
Content-Length: 103
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Origin-Agent-Cluster: ?1
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
Access-Control-Allow-Origin: *
ETag: W/"67-b055Xd5gBsh423Z0x9X8MS858As"
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow
Expires: Fri, 09 Jan 2026 07:00:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Jan 2026 07:00:43 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=c6454fae19aa76d28c0e111f00107a33; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=c6454fae19aa76d28c0e111f00107a33; Path=/


{"data":null,"metadata":{"code":404,"message":"Page Not found","timestamp":"2026-01-09T07:00:43.756Z"}}

Found 2026-01-09 by HttpPlugin

Create report

Open service 23.36.162.198:443 · api-ru.livlong.com

2026-01-02 08:08

HTTP/1.1 404 Not Found
Content-Type: application/json; charset=utf-8
Content-Length: 103
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Origin-Agent-Cluster: ?1
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
Access-Control-Allow-Origin: *
ETag: W/"67-W1g4Wi394j4PDzwS6vG27h2qS/k"
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow
Expires: Fri, 02 Jan 2026 08:08:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jan 2026 08:08:50 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=e162de6c46466dfe465da8a52555a51e; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=e162de6c46466dfe465da8a52555a51e; Path=/


{"data":null,"metadata":{"code":404,"message":"Page Not found","timestamp":"2026-01-02T08:08:50.303Z"}}

Found 2026-01-02 by HttpPlugin

Create report

Open service 23.36.162.198:443 · api-ru.livlong.com

2025-12-22 13:00

HTTP/1.1 404 Not Found
Content-Type: application/json; charset=utf-8
Content-Length: 103
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Origin-Agent-Cluster: ?1
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
Access-Control-Allow-Origin: *
ETag: W/"67-O1HvY1TQx97j7I+LNsx1gvSbPvw"
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow
Expires: Mon, 22 Dec 2025 13:00:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Dec 2025 13:00:06 GMT
Connection: close
Set-Cookie: ApplicationGatewayAffinityCORS=c6454fae19aa76d28c0e111f00107a33; Path=/; SameSite=None; Secure
Set-Cookie: ApplicationGatewayAffinity=c6454fae19aa76d28c0e111f00107a33; Path=/


{"data":null,"metadata":{"code":404,"message":"Page Not found","timestamp":"2025-12-22T13:00:06.049Z"}}

Found 2025-12-22 by HttpPlugin

Create report

*.livlong.comlivlong.com

Fingerprint:

b26abae39b04faa75d379a044c8d11bb0eb0812aad58327243e9253a359d2bcf

CN:

*.livlong.com

Key:

ECDSA-256

Issuer:

DigiCert Global G3 TLS ECC SHA384 2020 CA1

Not before:

2025-05-28 00:00

Not after:

2026-05-27 23:59

Domain summary

api-ru.livlong.com 4

1 recorded

IP summary

23.36.162.198 2

1 recorded

Domain api-ru.livlong.com

Germany

Swagger API description is publicly available

Create report

Create report

Create report

Create report

*.livlong.comlivlong.com

Domain summary

IP summary