LeakIX - Host api.vaulty.site

Domain api.vaulty.site

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 76.223.11.49
Domain: api.vaulty.site
Port: 80
URL: http://api.vaulty.site

First seen 2025-11-17 00:26
Last seen 2026-01-10 01:32
Open for 54 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035496fb8488333c570fbfbc980be4b90d7a36c50fc35

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Good/delete-good-image
DELETE /api/Good/delete-temporary-image
DELETE /api/Good/deleteGood
DELETE /api/Review/deleteReview
DELETE /api/User/deleteSocial
DELETE /api/chat/deleteChat
DELETE /api/messages/deleteMessage
GET /api/Auth/logout
GET /api/Auth/session
GET /api/Deal/getDealInfo
GET /api/Deal/getMyDeals
GET /api/Good/getAvailableGoodTypes
GET /api/Good/getGoodInf
GET /api/Good/getGoods
GET /api/Good/getMyGoods
GET /api/Good/getUserGoods
GET /api/Review/getMyReviews
GET /api/Review/getUserReviews
GET /api/Ton/transactions
GET /api/Ton/wallet
GET /api/Ton/withdrawal/{requestId}
GET /api/User/checkAvailabilityOfUsername
GET /api/User/getMyEmail
GET /api/User/getUserInfoById
GET /api/User/me
GET /api/chat/getUserChats
GET /api/messages/getConversation
GET /api/payments/balance
GET /api/payments/success
GET /api/payments/transactions
GET /api/payments/transactions/{id}
GET /healthz
POST /api/Auth/confirm-email
POST /api/Auth/forgot-password
POST /api/Auth/login
POST /api/Auth/register
POST /api/Auth/resend-confirmation-code
POST /api/Auth/reset-password
POST /api/Deal/createDeal
POST /api/Good/createGood
POST /api/Good/upload-good-image
POST /api/Good/upload-temporary
POST /api/Review/addReview
POST /api/Ton/wallet/create
POST /api/Ton/withdrawal/request
POST /api/User/upload-profile
POST /api/User/upload-profile-background
POST /api/chat/create
POST /api/messages/markAsReadMessage
POST /api/messages/sendMessage
POST /api/payments/create
POST /api/payments/webhook
PUT /api/Deal/approveDeal
PUT /api/Deal/openDispute
PUT /api/Good/updateGood
PUT /api/Good/updateGoodImages
PUT /api/Review/updateReview
PUT /api/User/changePassword
PUT /api/User/editSocial
PUT /api/User/reorderAllSocials
PUT /api/User/updateUserInfo
PUT /api/User/upsertSocial

Found on 2026-01-10 01:32

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035496fb8488333c570fbfbc980be4b90d7a32311aae5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Good/delete-good-image
DELETE /api/Good/delete-temporary-image
DELETE /api/Good/deleteGood
DELETE /api/Review/deleteReview
DELETE /api/User/deleteSocial
DELETE /api/chat/deleteChat
DELETE /api/messages/deleteMessage
GET /api/Auth/logout
GET /api/Auth/session
GET /api/Deal/getDealInfo
GET /api/Deal/getMyDeals
GET /api/Good/getAvailableGoodTypes
GET /api/Good/getGoodInf
GET /api/Good/getGoods
GET /api/Good/getMyGoods
GET /api/Good/getUserGoods
GET /api/Review/canLeaveReview
GET /api/Review/getMyReviews
GET /api/Review/getUserReviews
GET /api/Ton/transactions
GET /api/Ton/wallet
GET /api/Ton/withdrawal/{requestId}
GET /api/User/checkAvailabilityOfUsername
GET /api/User/getMyEmail
GET /api/User/getUserInfoById
GET /api/User/getUserInfoBySession
GET /api/chat/getUserChats
GET /api/messages/getConversation
GET /api/payments/balance
GET /api/payments/success
GET /api/payments/transactions
GET /api/payments/transactions/{id}
GET /healthz
POST /api/Auth/confirm-email
POST /api/Auth/forgot-password
POST /api/Auth/login
POST /api/Auth/register
POST /api/Auth/resend-confirmation-code
POST /api/Auth/reset-password
POST /api/Deal/createDeal
POST /api/Good/createGood
POST /api/Good/upload-good-image
POST /api/Good/upload-temporary
POST /api/Review/addReview
POST /api/Ton/wallet/create
POST /api/Ton/withdrawal/request
POST /api/User/upload-profile
POST /api/User/upload-profile-background
POST /api/chat/create
POST /api/messages/markAsReadMessage
POST /api/messages/sendMessage
POST /api/payments/create
POST /api/payments/webhook
PUT /api/Deal/approveDeal
PUT /api/Deal/openDispute
PUT /api/Good/updateGood
PUT /api/Good/updateGoodImages
PUT /api/Review/updateReview
PUT /api/User/changePassword
PUT /api/User/editSocial
PUT /api/User/reorderAllSocials
PUT /api/User/updateUserInfo
PUT /api/User/upsertSocial

Found on 2025-11-30 14:50

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 75.2.43.161
Domain: api.vaulty.site
Port: 443
URL: https://api.vaulty.site

First seen 2025-11-17 00:26
Last seen 2026-01-09 06:59
Open for 53 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035496fb8488333c570fbfbc980be4b90d7a36c50fc35

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Good/delete-good-image
DELETE /api/Good/delete-temporary-image
DELETE /api/Good/deleteGood
DELETE /api/Review/deleteReview
DELETE /api/User/deleteSocial
DELETE /api/chat/deleteChat
DELETE /api/messages/deleteMessage
GET /api/Auth/logout
GET /api/Auth/session
GET /api/Deal/getDealInfo
GET /api/Deal/getMyDeals
GET /api/Good/getAvailableGoodTypes
GET /api/Good/getGoodInf
GET /api/Good/getGoods
GET /api/Good/getMyGoods
GET /api/Good/getUserGoods
GET /api/Review/getMyReviews
GET /api/Review/getUserReviews
GET /api/Ton/transactions
GET /api/Ton/wallet
GET /api/Ton/withdrawal/{requestId}
GET /api/User/checkAvailabilityOfUsername
GET /api/User/getMyEmail
GET /api/User/getUserInfoById
GET /api/User/me
GET /api/chat/getUserChats
GET /api/messages/getConversation
GET /api/payments/balance
GET /api/payments/success
GET /api/payments/transactions
GET /api/payments/transactions/{id}
GET /healthz
POST /api/Auth/confirm-email
POST /api/Auth/forgot-password
POST /api/Auth/login
POST /api/Auth/register
POST /api/Auth/resend-confirmation-code
POST /api/Auth/reset-password
POST /api/Deal/createDeal
POST /api/Good/createGood
POST /api/Good/upload-good-image
POST /api/Good/upload-temporary
POST /api/Review/addReview
POST /api/Ton/wallet/create
POST /api/Ton/withdrawal/request
POST /api/User/upload-profile
POST /api/User/upload-profile-background
POST /api/chat/create
POST /api/messages/markAsReadMessage
POST /api/messages/sendMessage
POST /api/payments/create
POST /api/payments/webhook
PUT /api/Deal/approveDeal
PUT /api/Deal/openDispute
PUT /api/Good/updateGood
PUT /api/Good/updateGoodImages
PUT /api/Review/updateReview
PUT /api/User/changePassword
PUT /api/User/editSocial
PUT /api/User/reorderAllSocials
PUT /api/User/updateUserInfo
PUT /api/User/upsertSocial

Found on 2026-01-09 06:59

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035496fb8488333c570fbfbc980be4b90d7a32311aae5

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Good/delete-good-image
DELETE /api/Good/delete-temporary-image
DELETE /api/Good/deleteGood
DELETE /api/Review/deleteReview
DELETE /api/User/deleteSocial
DELETE /api/chat/deleteChat
DELETE /api/messages/deleteMessage
GET /api/Auth/logout
GET /api/Auth/session
GET /api/Deal/getDealInfo
GET /api/Deal/getMyDeals
GET /api/Good/getAvailableGoodTypes
GET /api/Good/getGoodInf
GET /api/Good/getGoods
GET /api/Good/getMyGoods
GET /api/Good/getUserGoods
GET /api/Review/canLeaveReview
GET /api/Review/getMyReviews
GET /api/Review/getUserReviews
GET /api/Ton/transactions
GET /api/Ton/wallet
GET /api/Ton/withdrawal/{requestId}
GET /api/User/checkAvailabilityOfUsername
GET /api/User/getMyEmail
GET /api/User/getUserInfoById
GET /api/User/getUserInfoBySession
GET /api/chat/getUserChats
GET /api/messages/getConversation
GET /api/payments/balance
GET /api/payments/success
GET /api/payments/transactions
GET /api/payments/transactions/{id}
GET /healthz
POST /api/Auth/confirm-email
POST /api/Auth/forgot-password
POST /api/Auth/login
POST /api/Auth/register
POST /api/Auth/resend-confirmation-code
POST /api/Auth/reset-password
POST /api/Deal/createDeal
POST /api/Good/createGood
POST /api/Good/upload-good-image
POST /api/Good/upload-temporary
POST /api/Review/addReview
POST /api/Ton/wallet/create
POST /api/Ton/withdrawal/request
POST /api/User/upload-profile
POST /api/User/upload-profile-background
POST /api/chat/create
POST /api/messages/markAsReadMessage
POST /api/messages/sendMessage
POST /api/payments/create
POST /api/payments/webhook
PUT /api/Deal/approveDeal
PUT /api/Deal/openDispute
PUT /api/Good/updateGood
PUT /api/Good/updateGoodImages
PUT /api/Review/updateReview
PUT /api/User/changePassword
PUT /api/User/editSocial
PUT /api/User/reorderAllSocials
PUT /api/User/updateUserInfo
PUT /api/User/upsertSocial

Found on 2025-11-30 20:15

Create report

Open service 76.223.11.49:80 · api.vaulty.site

2026-01-10 01:32

HTTP/1.1 404 Not Found
Content-Length: 0
Date: Sat, 10 Jan 2026 01:33:04 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=0Tqjh0C7ReywvoXzZ2xLrIgJB045gCCChYbSaI1wF60%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1768008784"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=0Tqjh0C7ReywvoXzZ2xLrIgJB045gCCChYbSaI1wF60%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1768008784"
Server: Heroku
Via: 1.1 heroku-router
Connection: close

Found 2 days ago by HttpPlugin

Create report

Open service 75.2.43.161:443 · api.vaulty.site

2026-01-09 06:59

HTTP/1.1 404 Not Found
Content-Length: 0
Date: Fri, 09 Jan 2026 06:59:45 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=tgnZ5trNEd2L612Bl3GAvMIj8VocKO5K2ITN0sHTlI4%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767941986"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=tgnZ5trNEd2L612Bl3GAvMIj8VocKO5K2ITN0sHTlI4%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767941986"
Server: Heroku
Via: 1.1 heroku-router
Connection: close

Found 2026-01-09 by HttpPlugin

Create report

Open service 76.223.11.49:80 · api.vaulty.site

2026-01-03 00:40

HTTP/1.1 404 Not Found
Content-Length: 0
Date: Sat, 03 Jan 2026 00:40:47 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=BdDCV5wHfZYOBsJO2qoVGRDjXlDIVoZZBZCK5RAmZz8%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767400848"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=BdDCV5wHfZYOBsJO2qoVGRDjXlDIVoZZBZCK5RAmZz8%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767400848"
Server: Heroku
Via: 1.1 heroku-router
Connection: close

Found 2026-01-03 by HttpPlugin

Create report

Open service 75.2.43.161:443 · api.vaulty.site

2026-01-02 08:09

HTTP/1.1 404 Not Found
Content-Length: 0
Date: Fri, 02 Jan 2026 08:09:31 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=I%2BEkJ6dtDXCxpm2EMsN5F77PsDcZJjYKmHJOt%2FogLWE%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767341371"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=I%2BEkJ6dtDXCxpm2EMsN5F77PsDcZJjYKmHJOt%2FogLWE%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767341371"
Server: Heroku
Via: 1.1 heroku-router
Connection: close

Found 2026-01-02 by HttpPlugin

Create report

Open service 76.223.11.49:80 · api.vaulty.site

2025-12-23 03:39

HTTP/1.1 404 Not Found
Content-Length: 0
Date: Tue, 23 Dec 2025 03:39:44 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=uvVeGRQ8PdOS5ZhQVWKfS59dM5WI4S7beXmiwa7YnYA%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766461185"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=uvVeGRQ8PdOS5ZhQVWKfS59dM5WI4S7beXmiwa7YnYA%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766461185"
Server: Heroku
Via: 1.1 heroku-router
Connection: close

Found 2025-12-23 by HttpPlugin

Create report

Open service 75.2.43.161:443 · api.vaulty.site

2025-12-22 12:58

HTTP/1.1 404 Not Found
Content-Length: 0
Date: Mon, 22 Dec 2025 12:58:14 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=jvdeSYgeaGKVmDJLTGoyK7vahmKBzEuUTjSa%2F0ba0Mc%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766408294"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=jvdeSYgeaGKVmDJLTGoyK7vahmKBzEuUTjSa%2F0ba0Mc%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766408294"
Server: Heroku
Via: 1.1 heroku-router
Connection: close

Found 2025-12-22 by HttpPlugin

Create report

Open service 76.223.11.49:80 · api.vaulty.site

2025-12-20 16:47

HTTP/1.1 404 Not Found
Content-Length: 0
Date: Sat, 20 Dec 2025 16:47:21 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LpqIKcntCA7jwtvUvvmdjAiAgsxqMpwEbXJR%2F7hOqRw%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766249242"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LpqIKcntCA7jwtvUvvmdjAiAgsxqMpwEbXJR%2F7hOqRw%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766249242"
Server: Heroku
Via: 1.1 heroku-router
Connection: close

Found 2025-12-20 by HttpPlugin

Create report

Open service 75.2.43.161:443 · api.vaulty.site

2025-12-20 15:48

HTTP/1.1 404 Not Found
Content-Length: 0
Date: Sat, 20 Dec 2025 15:48:45 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=CnOT7n1OcJSFHHIvVf%2BLpDh2HRqFLM91xu0KXiNQa3w%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766245725"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=CnOT7n1OcJSFHHIvVf%2BLpDh2HRqFLM91xu0KXiNQa3w%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766245725"
Server: Heroku
Via: 1.1 heroku-router
Connection: close

Found 2025-12-20 by HttpPlugin

Create report

api.vaulty.site

Fingerprint:

7ecb3e9f267bcb62fc685e746e53b4e8c22c697e2479db802f0e8d623cb075d8

CN:

api.vaulty.site

Key:

RSA-2048

Issuer:

R12

Not before:

2025-11-16 23:27

Not after:

2026-02-14 23:27

Domain summary

api.vaulty.site 11

1 recorded

IP summary

76.223.11.49 1 75.2.43.161 1

2 recorded