Domain suzmiya.com
China
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-27 02:03
Last seen 2026-02-09 11:32
Open for 44 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-02-09 11:32
-
-
Open service 122.188.44.139:443 · suzmiya.com
2026-01-23 05:58
HTTP/1.1 200 OK Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Type: text/html Content-Language: en-US Pragma: no-cache Expires: 0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 Referrer-Policy: strict-origin-when-cross-origin set-cookie: XSRF-TOKEN=35bd1b53-dfac-4c07-8e06-471d6eca3c21; Path=/; HTTPOnly Server: Lego Server Date: Fri, 23 Jan 2026 05:59:12 GMT X-Cache-Lookup: Cache Miss X-Cache-Lookup: Hit From Upstream Cluster X-Cache-Lookup: Hit From Inner Cluster Cache-Control: must-revalidate, no-cache, no-store, max-age=0 Age: 0 Transfer-Encoding: chunked X-NWS-LOG-UUID: 4765237459327884136 Connection: close X-Cache-Lookup: Cache Miss Strict-Transport-Security: max-age=2592000;
Found 2026-01-23 by HttpPluginCreate report
-
Open service 122.188.44.139:443 · suzmiya.com
2026-01-09 23:44
HTTP/1.1 200 OK Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Type: text/html Content-Language: en-US Pragma: no-cache Expires: 0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 Referrer-Policy: strict-origin-when-cross-origin set-cookie: XSRF-TOKEN=82e430aa-f55b-4752-8aaf-5f4d0976201b; Path=/; HTTPOnly Server: Lego Server Date: Fri, 09 Jan 2026 23:45:02 GMT X-Cache-Lookup: Cache Miss X-Cache-Lookup: Hit From Upstream Cluster X-Cache-Lookup: Hit From Inner Cluster Cache-Control: must-revalidate, no-cache, no-store, max-age=0 Age: 0 Transfer-Encoding: chunked X-NWS-LOG-UUID: 11260746938544836989 Connection: close X-Cache-Lookup: Cache Miss Strict-Transport-Security: max-age=2592000;
Found 2026-01-09 by HttpPluginCreate report
-
Open service 122.188.44.139:443 · suzmiya.com
2026-01-02 21:20
HTTP/1.1 200 OK Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Type: text/html Content-Language: en-US Pragma: no-cache Expires: 0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 Referrer-Policy: strict-origin-when-cross-origin set-cookie: XSRF-TOKEN=98bde1a2-afac-4d66-9f9c-ba5f47770161; Path=/; HTTPOnly Server: Lego Server Date: Fri, 02 Jan 2026 21:20:07 GMT X-Cache-Lookup: Cache Miss X-Cache-Lookup: Hit From Upstream Cluster X-Cache-Lookup: Hit From Inner Cluster Cache-Control: must-revalidate, no-cache, no-store, max-age=0 Age: 0 Transfer-Encoding: chunked X-NWS-LOG-UUID: 5245082638910802396 Connection: close X-Cache-Lookup: Cache Miss Strict-Transport-Security: max-age=2592000;
Found 2026-01-02 by HttpPluginCreate report