LeakIX - Host api.fitzei.com

Domain api.fitzei.com

United States

GOOGLE

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 142.250.186.147
Domain: api.fitzei.com
Port: 443
URL: https://api.fitzei.com

First seen 2025-11-17 21:04
Last seen 2026-01-23 01:37
Open for 66 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-23 01:37
Create report

Open service 142.250.186.147:443 · api.fitzei.com

2026-01-23 01:37

HTTP/1.1 404 Not Found
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
content-security-policy: default-src 'none'
x-content-type-options: nosniff
x-cloud-trace-context: a936d2a091250f62007a7605c16cf5ca
date: Fri, 23 Jan 2026 01:37:40 GMT
server: Google Frontend
Content-Length: 139
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 142.250.74.211:443 · hml.api.fitzei.com

2026-01-12 03:57

HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
location: https://www.fitzei.com
x-cloud-trace-context: 48aa6f250424c1adc02f300d1957bc60
date: Mon, 12 Jan 2026 03:57:19 GMT
server: Google Frontend
Content-Length: 250
Connection: close

Page title: Redirecting...

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="https://www.fitzei.com">https://www.fitzei.com</a>. If not click the link.

Found 2026-01-12 by HttpPlugin

Create report

Open service 2a00:1450:4001:803::2013:443 · hml.api.fitzei.com

2026-01-12 03:57

HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
location: https://www.fitzei.com
x-cloud-trace-context: 75eb1824def417c4fca24145b48b35e8
date: Mon, 12 Jan 2026 03:57:19 GMT
server: Google Frontend
Content-Length: 250
Connection: close

Page title: Redirecting...

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="https://www.fitzei.com">https://www.fitzei.com</a>. If not click the link.

Found 2026-01-12 by HttpPlugin

Create report

Open service 142.250.74.211:443 · api.fitzei.com

2026-01-12 00:27

HTTP/1.1 404 Not Found
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
content-security-policy: default-src 'none'
x-content-type-options: nosniff
x-cloud-trace-context: a7202f70be3ca563349a1cdb2be287ae
date: Mon, 12 Jan 2026 00:27:14 GMT
server: Google Frontend
Content-Length: 139
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2026-01-12 by HttpPlugin

Create report

Open service 142.250.74.211:80 · api.fitzei.com

2026-01-12 00:27

HTTP/1.1 301 Moved Permanently
location: https://api.fitzei.com/
x-cloud-trace-context: b0273a4b06e1c653acabb1dedef83912
date: Mon, 12 Jan 2026 00:28:10 GMT
content-type: text/html
server: Google Frontend
Content-Length: 0
Connection: close

Found 2026-01-12 by HttpPlugin

Create report

Open service 2a00:1450:4001:829::2013:80 · api.fitzei.com

2026-01-12 00:27

HTTP/1.1 301 Moved Permanently
location: https://api.fitzei.com/
x-cloud-trace-context: 0b4659e1c88a9a8a916769a55afeb993
date: Mon, 12 Jan 2026 00:28:10 GMT
content-type: text/html
server: Google Frontend
Content-Length: 0
Connection: close

Found 2026-01-12 by HttpPlugin

Create report

Open service 2a00:1450:4001:829::2013:443 · api.fitzei.com

2026-01-12 00:27

HTTP/1.1 404 Not Found
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
content-security-policy: default-src 'none'
x-content-type-options: nosniff
x-cloud-trace-context: 8d27621dea7c1ccb9d0d5ddc452def10
date: Mon, 12 Jan 2026 00:27:13 GMT
server: Google Frontend
Content-Length: 139
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>

Found 2026-01-12 by HttpPlugin

Create report

api.fitzei.com

Fingerprint:

19fe0601e2b33954f454bba07721c0e6b8b39ffa02a44231ef4b64badf0b3053

CN:

api.fitzei.com

Key:

RSA-2048

Issuer:

WR3

Not before:

2026-01-11 23:25

Not after:

2026-04-12 00:18

hml.api.fitzei.com

Fingerprint:

1d37645afcfaee4637c95a018e855722661904f910042c78fc11492d67710522

CN:

hml.api.fitzei.com

Key:

RSA-2048

Issuer:

WR3

Not before:

2026-01-04 03:27

Not after:

2026-04-04 04:17

api.fitzei.com

Fingerprint:

46ea8afb124f47b65444c8aa36fa9549b9964d50d52bf96eb41ad22c66af58e5

CN:

api.fitzei.com

Key:

RSA-2048

Issuer:

WR3

Not before:

2025-11-17 20:03

Not after:

2026-02-15 20:54

Domain summary

api.fitzei.com 5 hml.api.fitzei.com 1

2 recorded

IP summary

142.250.74.211 2 142.250.186.147 1 2a00:1450:4001:803::2013 1 2a00:1450:4001:829::2013 1

4 recorded

Domain api.fitzei.com

United States

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Create report

Create report

Create report

api.fitzei.com

hml.api.fitzei.com

api.fitzei.com

Domain summary

IP summary