cloudflare
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354928069275dffdf3d18e8848e5e7b079361294c43a
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/economy-chat/v1/channels/{channelId}/messages/{messageId}
DELETE /apisite/forums/v1/posts/{postId}
DELETE /apisite/groups/v1/groups/{groupId}/rolesets/{roleSetId}
DELETE /apisite/groups/v1/groups/{groupId}/social-links/{socialId}
DELETE /apisite/groups/v1/groups/{groupId}/users/{userId}
DELETE /apisite/groups/v1/groups/{groupId}/wall/posts/{postId}
GET /Asset/BodyColors.ashx
GET /Asset/CharacterFetch.ashx
GET /BuildersClub/Upgrade.ashx
GET /Game/GamePass/GamePassHandler.ashx
GET /Game/LoadPlaceInfo.ashx
GET /Game/LuaWebService/HandleSocialRequest.ashx
GET /Users/GetBanStatus.ashx
GET /Users/ListStaff.ashx
GET /abusereport/UserProfile
GET /abusereport/asset
GET /abusereport/user
GET /abusereport/users
GET /api/Asset
GET /api/economy-chat/v1/channels/list
GET /api/economy-chat/v1/channels/{channelId}/messages
GET /api/economy-chat/v1/channels/{channelId}/read
GET /api/economy-chat/v1/metadata
GET /api/internal/gameserver/hashes
GET /apisite/accountinformation/v1/birthdate
GET /apisite/accountinformation/v1/description
GET /apisite/accountinformation/v1/gender
GET /apisite/accountinformation/v1/metadata
GET /apisite/accountinformation/v1/phone
GET /apisite/accountinformation/v1/promotion-channels
GET /apisite/accountinformation/v1/star-code-affiliates
GET /apisite/accountinformation/v1/users/{userId}/roblox-badges
GET /apisite/accountsettings/v1/content-restriction
GET /apisite/accountsettings/v1/email
GET /apisite/accountsettings/v1/inventory-privacy
GET /apisite/accountsettings/v1/themes/types
GET /apisite/accountsettings/v1/themes/user
GET /apisite/accountsettings/v1/trade-privacy
GET /apisite/accountsettings/v1/trade-value
GET /apisite/ads/v1/sponsored-pages
GET /apisite/ads/v1/user-ads/{creatorType}/{creatorId}
GET /apisite/api/alerts/alert-info
GET /apisite/api/marketplace/productinfo
GET /apisite/api/users/get-by-username
GET /apisite/api/users/{userId}
GET /apisite/api/v1/countries/phone-prefix-list
GET /apisite/apis/purchase-warning/v1/purchase-warnings/pre-purchase-authorization
GET /apisite/apis/universal-app-configuration/v1/behaviors/account-settings-ui/content
GET /apisite/apis/universal-app-configuration/v1/behaviors/configure-group-ui/content
GET /apisite/apis/universal-app-configuration/v1/behaviors/group-details-ui/content
GET /apisite/apis/universal-app-configuration/v1/behaviors/robux-product-policy/content
GET /apisite/auth/v1/account/pin
GET /apisite/auth/v1/security-prompt-parameters
GET /apisite/auth/v1/social/connected-providers
GET /apisite/auth/v1/usernames/validate
GET /apisite/auth/v1/xbox/connection
GET /apisite/auth/v2/metadata
GET /apisite/auth/v2/passwords/current-status
GET /apisite/avatar/v1/avatar
GET /apisite/avatar/v1/avatar-rules
GET /apisite/avatar/v1/avatar/metadata
GET /apisite/avatar/v1/recent-items/{item}/list
GET /apisite/avatar/v1/users/{userId}/avatar
GET /apisite/avatar/v1/users/{userId}/outfits
GET /apisite/badges/v1/universes/{universeId}/badges
GET /apisite/badges/v1/users/{userId}/badges
GET /apisite/billing/v1/credit
GET /apisite/billing/v1/paymentmethods
GET /apisite/catalog/v1/asset-to-category
GET /apisite/catalog/v1/asset-to-subcategory
GET /apisite/catalog/v1/catalog/metadata
GET /apisite/catalog/v1/categories
GET /apisite/catalog/v1/favorites/users/{userId}/assets/{assetId}/favorite
GET /apisite/catalog/v1/recommendations/asset/{assetTypeId}
GET /apisite/catalog/v1/recommendations/metadata
GET /apisite/catalog/v1/search/items
GET /apisite/catalog/v1/search/navigation-menu-items
GET /apisite/catalog/v1/subcategories
GET /apisite/chat/v2/chat-settings
GET /apisite/chat/v2/get-messages
GET /apisite/chat/v2/get-unread-conversation-count
GET /apisite/chat/v2/get-user-conversations
GET /apisite/chat/v2/metadata
GET /apisite/chat/v2/multi-get-latest-messages
GET /apisite/clientsettings/Setting/QuietGet/ChromeAppSettings
GET /apisite/clientsettings/Setting/QuietGet/ClientAppSettings
GET /apisite/clientsettings/Setting/QuietGet/FireFoxAppSettings
GET /apisite/clientsettings/Setting/QuietGet/RccAppSettings
GET /apisite/contacts/v1/contacts/metadata
GET /apisite/contacts/v1/user/get-tags
GET /apisite/develop/v1/assets
GET /apisite/develop/v1/assets/genres
GET /apisite/develop/v1/user/is-verified-creator
GET /apisite/economy/v1/assets/{assetId}/resale-data
GET /apisite/economy/v1/assets/{assetId}/resellers
GET /apisite/economy/v1/assets/{assetId}/users/{userId}/resellable-copies
GET /apisite/economy/v1/groups/{groupId}/addfunds/allowed
GET /apisite/economy/v1/groups/{groupId}/currency
GET /apisite/economy/v1/groups/{groupId}/revenue/summary/{timePeriod}
GET /apisite/economy/v1/groups/{groupId}/users-payout-eligibility
GET /apisite/economy/v1/users/{userId}/currency
GET /apisite/economy/v1/users/{userId}/revenue/summary/{timePeriod}
GET /apisite/economy/v2/currency-exchange/market/activity
GET /apisite/economy/v2/currency-exchange/orders/my
GET /apisite/economy/v2/currency-exchange/orders/my/count
GET /apisite/economy/v2/groups/{groupId}/transaction-totals
GET /apisite/economy/v2/groups/{groupId}/transactions
GET /apisite/economy/v2/users/{userId}/transaction-totals
GET /apisite/economy/v2/users/{userId}/transaction-types
GET /apisite/economy/v2/users/{userId}/transactions
GET /apisite/ecsv2/www/e.png
GET /apisite/followings/v1/users/{userId}/universes/{universeId}/status
GET /apisite/forums/v1/posts/list
GET /apisite/forums/v1/posts/{postId}/info
GET /apisite/forums/v1/stats
GET /apisite/forums/v1/sub-category/{subCategoryId}/info
GET /apisite/forums/v1/sub-category/{subCategoryId}/posts
GET /apisite/forums/v1/threads/{threadId}/info
GET /apisite/forums/v1/threads/{threadId}/replies
GET /apisite/forums/v1/users/{userId}/posts
GET /apisite/friends/v1/metadata
GET /apisite/friends/v1/my/friends/requests
GET /apisite/friends/v1/user/friend-requests/count
GET /apisite/friends/v1/users/{userId}/followers
GET /apisite/friends/v1/users/{userId}/followers/count
GET /apisite/friends/v1/users/{userId}/followings
GET /apisite/friends/v1/users/{userId}/followings/count
GET /apisite/friends/v1/users/{userId}/friends
GET /apisite/friends/v1/users/{userId}/friends/statuses
GET /apisite/games/v1/games
GET /apisite/games/v1/games/list
GET /apisite/games/v1/games/multiget-place-details
GET /apisite/games/v1/games/multiget-playability-status
GET /apisite/games/v1/games/recommendations/game/{universeId}
GET /apisite/games/v1/games/sorts
GET /apisite/games/v1/games/votes
GET /apisite/games/v1/games/{universeId}/social-links/list
GET /apisite/games/v2/games/{universeId}/media
GET /apisite/games/v2/groups/{groupId}/games
GET /apisite/games/v2/users/{userId}/games
GET /apisite/groups/v1/groups/configuration/metadata
GET /apisite/groups/v1/groups/metadata
GET /apisite/groups/v1/groups/search
GET /apisite/groups/v1/groups/search/lookup
GET /apisite/groups/v1/groups/search/metadata
GET /apisite/groups/v1/groups/{groupId}
GET /apisite/groups/v1/groups/{groupId}/audit-log
GET /apisite/groups/v1/groups/{groupId}/membership
GET /apisite/groups/v1/groups/{groupId}/payout-restriction
GET /apisite/groups/v1/groups/{groupId}/payouts
GET /apisite/groups/v1/groups/{groupId}/relationships/{relationshipType}
GET /apisite/groups/v1/groups/{groupId}/roles
GET /apisite/groups/v1/groups/{groupId}/roles/permissions
GET /apisite/groups/v1/groups/{groupId}/roles/{roleSetId}/permissions
GET /apisite/groups/v1/groups/{groupId}/roles/{roleSetId}/users
GET /apisite/groups/v1/groups/{groupId}/settings
GET /apisite/groups/v1/groups/{groupId}/social-links
GET /apisite/groups/v1/groups/{groupId}/users
GET /apisite/groups/v1/users/{userId}/groups/primary/role
GET /apisite/groups/v1/users/{userId}/groups/roles
GET /apisite/groups/v2/groups/{groupId}/wall/posts
GET /apisite/groups/v2/users/{userId}/groups/roles
GET /apisite/inventory/v1/users/{userId}/assets/collectibles
GET /apisite/inventory/v1/users/{userId}/items/Asset/{assetId}
GET /apisite/inventory/v2/assets/{assetId}/owners
GET /apisite/itemconfiguration/v1/assets/{assetId}/get-selling-fee
GET /apisite/itemconfiguration/v1/creations/get-assets
GET /apisite/itemconfiguration/v1/item-tags
GET /apisite/itemconfiguration/v1/item-tags/metadata
GET /apisite/itemconfiguration/v1/metadata
GET /apisite/locale/v1/locales
GET /apisite/locale/v1/locales/user-localization-locus-supported-locales
GET /apisite/metrics/v1/thumbnails/metadata
GET /apisite/notifications/v2/notifications/get-settings
GET /apisite/notifications/v2/stream-notifications/get-recent
GET /apisite/notifications/v2/stream-notifications/unread-count
GET /apisite/premiumfeatures/v1/products
GET /apisite/premiumfeatures/v1/users/{userId}/subscriptions
GET /apisite/premiumfeatures/v1/users/{userId}/validate-membership
GET /apisite/privatemessages/v1/announcements
GET /apisite/privatemessages/v1/announcements/metadata
GET /apisite/privatemessages/v1/messages
GET /apisite/privatemessages/v1/messages/unread/count
GET /apisite/privatemessages/v1/messages/{messageId}
GET /apisite/thumbnails/v1/assets
GET /apisite/thumbnails/v1/games/icons
GET /apisite/thumbnails/v1/groups/icons
GET /apisite/thumbnails/v1/users/avatar
GET /apisite/thumbnails/v1/users/avatar-headshot
GET /apisite/thumbnails/v1/users/outfits
GET /apisite/trades/v1/trades/inbound/count
GET /apisite/trades/v1/trades/{tradeId}
GET /apisite/trades/v1/trades/{tradeType}
GET /apisite/users/v1/users/authenticated
GET /apisite/users/v1/users/{userId}
GET /apisite/users/v1/users/{userId}/status
GET /apisite/users/v1/users/{userId}/username-history
GET /asset
GET /asset/shader
GET /auth/submit
GET /botapi/migrate-alltypes
GET /botapi/migrate-clothing
GET /catalog
GET /catalog/configure
GET /catalog/{assetId}
GET /catalog/{assetId}/{assetName}
GET /clientsettingscdn/ClientAppSettings.json
GET /clientsettingscdn/RccAppSettings.json
GET /comments/get-json
GET /currency/balance
GET /game/get-join-script
GET /game/join.ashx
GET /games
GET /games/getgameinstancesjson
GET /games/refer
GET /games/votingservice/{placeId}
GET /games/{placeId}/{placeName}
GET /groups
GET /groups/configure
GET /groups/create
GET /groups/search
GET /groups/{groupId}/{name}
GET /home
GET /icons/asset.ashx
GET /info/blog
GET /internal/release-metadata
GET /login/negotiate.ashx
GET /login/negotiateasync.ashx
GET /my/account
GET /my/avatar
GET /my/economy-status
GET /my/groups
GET /my/messages
GET /ownership/hasasset
GET /placelauncher.ashx
GET /search/groups
GET /search/users
GET /search/users/results
GET /thumbs/asset.ashx
GET /thumbs/avatar-headshot.ashx
GET /thumbs/avatar.ashx
GET /trades
GET /transactions
GET /userads/redirect
GET /usercheck/show-tos
GET /users/favorites/list-json
GET /users/friends
GET /users/inventory/list-json
GET /users/profile/robloxcollections-json
GET /users/{userId}/friends
GET /users/{userId}/inventory
GET /users/{userId}/profile
GET /users/{userId}/trade
PATCH /apisite/avatar/v1/outfits/{outfitId}
PATCH /apisite/develop/v1/assets/{assetId}
PATCH /apisite/develop/v1/universes/{universeId}/max-player-count
PATCH /apisite/economy/v1/assets/{assetId}/resellable-copies/{userAssetId}
PATCH /apisite/games/v1/games/{universeId}/user-votes
PATCH /apisite/groups/v1/groups/icon
PATCH /apisite/groups/v1/groups/{groupId}/status
POST /Game/ValidateTicket.ashx
POST /api/economy-chat/v1/channels/{channelId}/send
POST /api/economy-chat/v1/channels/{channelId}/typing
POST /api/moderation/filtertext
POST /apisite/ads/v1/user-ads/asset/create
POST /apisite/ads/v1/user-ads/group/create
POST /apisite/ads/v1/user-ads/{advertisementId}/run
POST /apisite/auth/v1/username
POST /apisite/auth/v2/login
POST /apisite/auth/v2/logout
POST /apisite/auth/v2/logoutfromallsessionsandreauthenticate
POST /apisite/auth/v2/signup
POST /apisite/auth/v2/user/passwords/change
POST /apisite/avatar/v1/avatar/assets/{assetId}/wear
POST /apisite/avatar/v1/avatar/redraw-thumbnail
POST /apisite/avatar/v1/avatar/set-body-colors
POST /apisite/avatar/v1/avatar/set-player-avatar-type
POST /apisite/avatar/v1/avatar/set-scales
POST /apisite/avatar/v1/avatar/set-wearing-assets
POST /apisite/avatar/v1/outfits/create
POST /apisite/avatar/v1/outfits/{outfitId}/delete
POST /apisite/avatar/v1/outfits/{outfitId}/wear
POST /apisite/billing/v1/promocodes/redeem
POST /apisite/catalog/v1/catalog/items/details
POST /apisite/chat/v2/mark-as-read
POST /apisite/chat/v2/send-message
POST /apisite/chat/v2/start-one-to-one-conversation
POST /apisite/chat/v2/update-user-typing-status
POST /apisite/economy/v1/purchases/products/{assetId}
POST /apisite/economy/v2/currency-exchange/orders/create
POST /apisite/economy/v2/currency-exchange/orders/{orderId}/close
POST /apisite/forums/v1/posts/{postId}/mark-as-read
POST /apisite/forums/v1/posts/{postId}/reply
POST /apisite/forums/v1/sub-category/{subCategoryId}/thread
POST /apisite/friends/v1/user/following-exists
POST /apisite/friends/v1/users/{userIdToAccept}/accept-friend-request
POST /apisite/friends/v1/users/{userIdToDecline}/decline-friend-request
POST /apisite/friends/v1/users/{userIdToFollow}/follow
POST /apisite/friends/v1/users/{userIdToRemove}/unfriend
POST /apisite/friends/v1/users/{userIdToRequest}/request-friendship
POST /apisite/friends/v1/users/{userIdToUnfollow}/unfollow
POST /apisite/groups/v1/groups/create
POST /apisite/groups/v1/groups/policies
POST /apisite/groups/v1/groups/{groupId}/change-owner
POST /apisite/groups/v1/groups/{groupId}/claim-ownership
POST /apisite/groups/v1/groups/{groupId}/description
POST /apisite/groups/v1/groups/{groupId}/rolesets/create
POST /apisite/groups/v1/groups/{groupId}/wall/posts
POST /apisite/groups/v1/user/groups/primary
POST /apisite/itemconfiguration/v1/assets/{assetId}/release
POST /apisite/itemconfiguration/v1/assets/{assetId}/update
POST /apisite/itemconfiguration/v1/assets/{assetId}/update-price
POST /apisite/itemconfiguration/v1/creations/get-asset-details
POST /apisite/metrics/v1/performance/measurements
POST /apisite/metrics/v1/performance/send-measurement
POST /apisite/metrics/v1/thumbnails/load
POST /apisite/notifications/v2/stream-notifications/clear-unread
POST /apisite/notifications/v2/stream-notifications/mark-interacted
POST /apisite/presence/v1/presence/register-app-presence
POST /apisite/presence/v1/presence/users
POST /apisite/privatemessages/v1/messages/archive
POST /apisite/privatemessages/v1/messages/mark-read
POST /apisite/privatemessages/v1/messages/mark-unread
POST /apisite/privatemessages/v1/messages/send
POST /apisite/privatemessages/v1/messages/unarchive
POST /apisite/thumbnails/v1/batch
POST /apisite/trades/v1/trades/send
POST /apisite/trades/v1/trades/{tradeId}/accept
POST /apisite/trades/v1/trades/{tradeId}/decline
POST /apisite/users/v1/usernames/users
POST /apisite/users/v1/users
POST /asset/toggle-profile
POST /comments/post
POST /develop/upload
POST /develop/upload-version
POST /game/validate-machine
POST /gs/a
POST /gs/activity
POST /gs/delete
POST /gs/ping
POST /gs/players/report
POST /gs/shutdown
POST /internal/gameserver/heartbeat
POST /internal/gameserver/shutdown
POST /internal/gameserver/upload/avatar-render
POST /persistence/getSortedValues
POST /persistence/getv2
POST /persistence/increment
POST /persistence/set
POST /users/set-builders-club
Open service 104.21.68.13:443 · economysimulator.com
2026-01-23 01:27
HTTP/1.1 302 Found
Date: Fri, 23 Jan 2026 01:27:06 GMT
Transfer-Encoding: chunked
Connection: close
alt-svc: h3=":443"; ma=86400
content-security-policy: default-src 'self'; img-src 'self' data:; child-src 'self'; script-src 'unsafe-eval' 'self' https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js https://example.com; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css; font-src 'self' fonts.gstatic.com; connect-src 'self' https://*.example.com wss://*.example.com https://hcaptcha.com https://*.hcaptcha.com https://*.cdn.com; worker-src 'self';
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
location: /auth/home
Server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 Caddy
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UvB4q85yBwNPh7EBKLDpl8pVQZaHSF1753KDHdhpt9MT7rlqAFlGGjpOTEsw55v04KlueFR8haJ3vWyQ3QAKYRUfEPyzOF2uXpOsdB%2BGMJvG6x1Z"}]}
CF-RAY: 9c2381bafbe8b71e-FRA
Object moved to <a href="/auth/home">here</a>.