LeakIX - Host comms.unit-e.uk

Domain comms.unit-e.uk

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.50.131.157
Domain: comms.unit-e.uk
Port: 443
URL: https://comms.unit-e.uk

First seen 2025-12-12 10:48
Last seen 2026-01-16 11:55
Open for 35 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549effe8e3aeffe8e3aeffe8e3aeffe8e3aeffe8e3a
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/v1/notification
```
  Found on 2026-01-16 11:55
Create report

Open service 23.50.131.157:443 · comms.unit-e.uk

2026-01-09 09:08

HTTP/1.1 200 OK
Request-Context: appId=cid-v1:69efe5ee-c086-4f13-b5da-c9a3e5f9dfc7
Content-Length: 19
Cache-Control: max-age=0
Expires: Fri, 09 Jan 2026 09:08:25 GMT
Date: Fri, 09 Jan 2026 09:08:25 GMT
Connection: close
Set-Cookie: ARRAffinity=65593b90f286279b348e36fdc72aad46ed75244dcdda79821be8bcb3e08b0ac1;Path=/;HttpOnly;Secure;Domain=comms.unit-e.uk
Set-Cookie: ARRAffinitySameSite=65593b90f286279b348e36fdc72aad46ed75244dcdda79821be8bcb3e08b0ac1;Path=/;HttpOnly;SameSite=None;Secure;Domain=comms.unit-e.uk
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(), microphone=(), camera=()
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload


Service is running.

Found 2026-01-09 by HttpPlugin

Create report

Open service 23.50.131.157:443 · comms.unit-e.uk

2026-01-02 08:18

HTTP/1.1 200 OK
Request-Context: appId=cid-v1:69efe5ee-c086-4f13-b5da-c9a3e5f9dfc7
Content-Length: 19
Cache-Control: max-age=0
Expires: Fri, 02 Jan 2026 08:18:53 GMT
Date: Fri, 02 Jan 2026 08:18:53 GMT
Connection: close
Set-Cookie: ARRAffinity=65593b90f286279b348e36fdc72aad46ed75244dcdda79821be8bcb3e08b0ac1;Path=/;HttpOnly;Secure;Domain=comms.unit-e.uk
Set-Cookie: ARRAffinitySameSite=65593b90f286279b348e36fdc72aad46ed75244dcdda79821be8bcb3e08b0ac1;Path=/;HttpOnly;SameSite=None;Secure;Domain=comms.unit-e.uk
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(), microphone=(), camera=()
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload


Service is running.

Found 2026-01-02 by HttpPlugin

Create report

Open service 23.50.131.157:443 · comms.unit-e.uk

2025-12-23 05:43

HTTP/1.1 200 OK
Request-Context: appId=cid-v1:69efe5ee-c086-4f13-b5da-c9a3e5f9dfc7
Content-Length: 19
Cache-Control: max-age=0
Expires: Tue, 23 Dec 2025 05:43:27 GMT
Date: Tue, 23 Dec 2025 05:43:27 GMT
Connection: close
Set-Cookie: ARRAffinity=65593b90f286279b348e36fdc72aad46ed75244dcdda79821be8bcb3e08b0ac1;Path=/;HttpOnly;Secure;Domain=comms.unit-e.uk
Set-Cookie: ARRAffinitySameSite=65593b90f286279b348e36fdc72aad46ed75244dcdda79821be8bcb3e08b0ac1;Path=/;HttpOnly;SameSite=None;Secure;Domain=comms.unit-e.uk
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(), microphone=(), camera=()
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload


Service is running.

Found 2025-12-23 by HttpPlugin

Create report

admissions-data.unit-e.ukadmissions-functions.unit-e.ukadmissions-process.unit-e.ukapp.unit-e.ukapply-bcnogroup.unit-e.ukapply-robr.unit-e.ukapply-vcad.unit-e.ukaudit.unit-e.ukauth.unit-e.ukbcno.unit-e.ukcedar-nclu.unit-e.ukcedar-robr.unit-e.ukcedar-test-nclu.unit-e.ukcedar-test-robr.unit-e.ukcedar-test-vcad.unit-e.ukcedar-train-nclu.unit-e.ukcedar-train-robr.unit-e.ukcedar-train-vcad.unit-e.ukcedar-vcad.unit-e.ukcertificate.unit-e.ukcolchsfc.unit-e.ukcolchsfctest.unit-e.ukcomms.unit-e.ukdoccomp.unit-e.ukdocupload.unit-e.ukenrol-nclu.unit-e.ukenrol-test-nclu.unit-e.ukenrol-train-nclu.unit-e.ukessdale.unit-e.ukgrafana-essdale.unit-e.ukgrafana.essdale.unit-e.ukhelp.unit-e.ukhuddnewcoll.unit-e.ukhuddnewcolltest.unit-e.uklaunchpad-bcnogroup.unit-e.uklaunchpad-robr.unit-e.uklaunchpad-vcad.unit-e.ukmorley.unit-e.ukmorleytest.unit-e.ukonboarding.unit-e.ukos.unit-e.ukpathways.unit-e.ukreleases.cedarportal.co.ukrouting.unit-e.ukstaff-bcnogroup.unit-e.ukstaff-robr.unit-e.ukstaff-vcad.unit-e.ukstudents-bcnogroup.unit-e.ukstudents-robr.unit-e.ukstudents-vcad.unit-e.uktemplate.unit-e.ukucas.unit-e.ukunit-e.ukwebapi-bcnogroup.unit-e.ukwebapi-mviogroup.unit-e.ukwebapi-robr.unit-e.ukwebapi-test-bcnogroup.unit-e.ukwebapi-test-mviogroup.unit-e.ukwebapi-test-robr.unit-e.ukwebapi-test-vcad.unit-e.ukwebapi-train-bcnogroup.unit-e.ukwebapi-train-mviogroup.unit-e.ukwebapi-train-robr.unit-e.ukwebapi-train-vcad.unit-e.ukwebapi-vcad.unit-e.ukwww.ess-unit-e.co.uk

Fingerprint:

bc55f844f53bdb4cf07c4256218084a70685929e53296d8d217dbe4526292dce

CN:

certificate.unit-e.uk

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-15 09:25

Not after:

2026-03-15 09:25

Domain summary

comms.unit-e.uk 3

1 recorded

IP summary

23.50.131.157 2

1 recorded

Domain comms.unit-e.uk

Germany

Swagger API description is publicly available

Create report

Create report

Create report

Domain summary

IP summary