LeakIX - Host api.kkl1.com

Domain api.kkl1.com

Singapore

ACE

Software information

nginx nginx

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 43.159.99.102
Domain: t.api.kkl1.com
Port: 80
URL: http://t.api.kkl1.com

First seen 2025-10-15 00:02
Last seen 2026-02-09 08:31
Open for 117 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 08:31
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 43.159.99.102
Domain: t.api.kkl1.com
Port: 443
URL: https://t.api.kkl1.com

First seen 2025-10-15 00:02
Last seen 2026-02-09 00:48
Open for 117 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 00:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 43.159.99.102
Domain: api.kkl1.com
Port: 80
URL: http://api.kkl1.com

First seen 2025-11-06 00:06
Last seen 2026-02-09 06:24
Open for 95 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 06:24
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 43.159.98.10
Domain: api.kkl1.com
Port: 443
URL: https://api.kkl1.com

First seen 2025-11-06 00:06
Last seen 2026-02-09 06:24
Open for 95 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-02-09 06:24
Create report

Open service 43.159.99.102:80 · api.kkl1.com

2026-01-23 02:26

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,ignoreCancelToken,AccessToken,X-CSRF-Token,Authorization,Token,X-Token,X-User-Id,Current-Language
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE,PUT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, New-Token, New-Expires-At
Content-Length: 18
Connection: close
Date: Fri, 23 Jan 2026 02:26:54 GMT
EO-LOG-UUID: 205098216818532767
EO-Cache-Status: MISS


404 page not found

Found 2026-01-23 by HttpPlugin

Create report

Open service 43.159.98.10:443 · api.kkl1.com

2026-01-23 02:26

HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,ignoreCancelToken,AccessToken,X-CSRF-Token,Authorization,Token,X-Token,X-User-Id,Current-Language
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE,PUT
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, New-Token, New-Expires-At
Content-Length: 18
Connection: close
Date: Fri, 23 Jan 2026 02:26:51 GMT
EO-LOG-UUID: 12035252118861106084
EO-Cache-Status: MISS


404 page not found

Found 2026-01-23 by HttpPlugin

Create report

api.kkl1.com

Fingerprint:

d744d9d584104f53845b8f763f4e6d6544e8e2fd4de38f0b8adb0e717041fecd

CN:

api.kkl1.com

Key:

RSA-2048

Issuer:

TrustAsia DV TLS RSA CA 2025

Not before:

2026-01-20 00:00

Not after:

2026-04-19 23:59

Domain summary

api.kkl1.com 3 t.api.kkl1.com 2

2 recorded

IP summary

43.159.99.102 2 43.159.98.10 1

2 recorded

Domain api.kkl1.com

Singapore

Software information

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Swagger API description is publicly available

Create report

Create report

api.kkl1.com

Domain summary

IP summary