LeakIX - Host api.openfiat.org

Domain api.openfiat.org

United States

AMAZON-02

Software information

Vercel

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 66.33.60.35
Domain: api.openfiat.org
Port: 443
URL: https://api.openfiat.org

First seen 2025-11-02 22:22
Last seen 2026-01-09 07:28
Open for 67 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 07:28
Create report

Open service 66.33.60.35:443 · api.openfiat.org

2026-01-09 07:28

HTTP/1.1 401 Unauthorized
Age: 0
Cache-Control: public, max-age=0, must-revalidate
Content-Length: 41
Content-Type: application/json
Date: Fri, 09 Jan 2026 07:28:07 GMT
Server: Vercel
Strict-Transport-Security: max-age=63072000
Vary: Origin
X-Vercel-Cache: MISS
X-Vercel-Id: iad1::bom1::6ccx4-1767943687291-e03bead4c4af
Connection: close


{"error":false,"message":"Access Denied"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 66.33.60.35:443 · api.openfiat.org

2026-01-02 06:12

HTTP/1.1 401 Unauthorized
Age: 0
Cache-Control: public, max-age=0, must-revalidate
Content-Length: 41
Content-Type: application/json
Date: Fri, 02 Jan 2026 06:12:31 GMT
Server: Vercel
Strict-Transport-Security: max-age=63072000
Vary: Origin
X-Vercel-Cache: MISS
X-Vercel-Id: iad1::bom1::xc5t6-1767334348701-325b21419299
Connection: close


{"error":false,"message":"Access Denied"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 66.33.60.35:443 · api.openfiat.org

2025-12-22 13:54

HTTP/1.1 401 Unauthorized
Age: 0
Cache-Control: public, max-age=0, must-revalidate
Content-Length: 41
Content-Type: application/json
Date: Mon, 22 Dec 2025 13:54:58 GMT
Server: Vercel
Strict-Transport-Security: max-age=63072000
Vary: Origin
X-Vercel-Cache: MISS
X-Vercel-Id: fra1::bom1::52pqx-1766411696022-170ee3913fad
Connection: close


{"error":false,"message":"Access Denied"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 66.33.60.35:443 · api.openfiat.org

2025-12-20 13:57

HTTP/1.1 401 Unauthorized
Age: 0
Cache-Control: public, max-age=0, must-revalidate
Content-Length: 41
Content-Type: application/json
Date: Sat, 20 Dec 2025 13:57:28 GMT
Server: Vercel
Strict-Transport-Security: max-age=63072000
Vary: Origin
X-Vercel-Cache: MISS
X-Vercel-Id: fra1::bom1::vr5cm-1766239046811-6f005aa02359
Connection: close


{"error":false,"message":"Access Denied"}

Found 2025-12-20 by HttpPlugin

Create report

api.openfiat.org

Fingerprint:

c0cdf3abbc6bc91b804a2c9576e7de4e25464f5e973fa8575bc3293a91d21f6b

CN:

api.openfiat.org

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-02 02:13

Not after:

2026-03-02 02:13

Domain summary

api.openfiat.org 4

1 recorded

IP summary

66.33.60.35 2

1 recorded

Domain api.openfiat.org

United States

Software information

Swagger API description is publicly available

Create report

Create report

Create report

Create report

api.openfiat.org

Domain summary

IP summary