Domain api.hansfans.com
Germany
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-16 22:58
Last seen 2026-01-09 10:42
Open for 84 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-09 10:42
-
-
Open service 2.16.206.135:443 · api.hansfans.com
2026-01-09 10:42
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 Content-Length: 16 Vary: Origin ETag: W/"10-qO8GjQHDizjpZgmZkebg1MdyQa4" Expires: Fri, 09 Jan 2026 10:42:05 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Jan 2026 10:42:05 GMT Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600 Connection: close Server-Timing: ak_p; desc="1767955325948_34655642_1900950812_1362_1033_9_30_-";dur=1 {"error":"Home"}Found 2026-01-09 by HttpPluginCreate report
-
Open service 2.16.206.135:443 · api.hansfans.com
2026-01-02 04:31
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 Content-Length: 16 Vary: Origin ETag: W/"10-qO8GjQHDizjpZgmZkebg1MdyQa4" Expires: Fri, 02 Jan 2026 04:31:16 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 02 Jan 2026 04:31:16 GMT Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600 Connection: close Server-Timing: ak_p; desc="1767328276470_34655642_2872090137_1634_717_15_24_-";dur=1 {"error":"Home"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 2.16.206.135:443 · api.hansfans.com
2025-12-22 19:02
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 Content-Length: 16 Vary: Origin ETag: W/"10-qO8GjQHDizjpZgmZkebg1MdyQa4" Expires: Mon, 22 Dec 2025 19:02:14 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Mon, 22 Dec 2025 19:02:14 GMT Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600 Connection: close Server-Timing: ak_p; desc="1766430134004_34655623_1431236740_2221_1021_12_23_-";dur=1 {"error":"Home"}Found 2025-12-22 by HttpPluginCreate report
-
Open service 2.16.183.223:443 · api.hansfans.com
2025-12-21 21:06
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 Content-Length: 16 Vary: Origin ETag: W/"10-qO8GjQHDizjpZgmZkebg1MdyQa4" Expires: Sun, 21 Dec 2025 21:06:03 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 21 Dec 2025 21:06:03 GMT Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600 Connection: close Server-Timing: ak_p; desc="1766351163202_399897887_419760932_1901_1302_164_178_-";dur=1 {"error":"Home"}Found 2025-12-21 by HttpPluginCreate report
-
Open service 2.16.183.224:80 · api.hansfans.com
2025-12-21 21:06
HTTP/1.1 301 Moved Permanently Content-Type: text/html Content-Length: 178 Location: https://origin-api.hansfans.com/ Expires: Sun, 21 Dec 2025 21:06:05 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 21 Dec 2025 21:06:05 GMT Connection: close Server-Timing: ak_p; desc="1766351165695_399897888_257671391_1392_1911_91_0_-";dur=1 Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.24.0 (Ubuntu)</center> </body> </html>
Found 2025-12-21 by HttpPluginCreate report
-
Open service 2.16.183.224:443 · api.hansfans.com
2025-12-21 21:06
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 Content-Length: 16 Vary: Origin ETag: W/"10-qO8GjQHDizjpZgmZkebg1MdyQa4" Expires: Sun, 21 Dec 2025 21:06:03 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 21 Dec 2025 21:06:03 GMT Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600 Connection: close Server-Timing: ak_p; desc="1766351162772_399897887_419760255_62599_1787_18_107_-";dur=1 {"error":"Home"}Found 2025-12-21 by HttpPluginCreate report
-
Open service 2a02:26f0:7100::1720:ee0a:80 · api.hansfans.com
2025-12-21 21:06
HTTP/1.1 301 Moved Permanently Content-Type: text/html Content-Length: 178 Location: https://origin-api.hansfans.com/ Expires: Sun, 21 Dec 2025 21:06:05 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 21 Dec 2025 21:06:05 GMT Connection: close Server-Timing: ak_p; desc="1766351165251_388034054_306396639_1885_1802_0_0_-";dur=1 Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.24.0 (Ubuntu)</center> </body> </html>
Found 2025-12-21 by HttpPluginCreate report
-
Open service 2a02:26f0:7100::1720:ee0a:443 · api.hansfans.com
2025-12-21 21:06
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 Content-Length: 16 Vary: Origin ETag: W/"10-qO8GjQHDizjpZgmZkebg1MdyQa4" Expires: Sun, 21 Dec 2025 21:06:02 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 21 Dec 2025 21:06:02 GMT Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600 Connection: close Server-Timing: ak_p; desc="1766351162292_388034054_306393322_1540_1263_1_23_-";dur=1 {"error":"Home"}Found 2025-12-21 by HttpPluginCreate report
-
Open service 2a02:26f0:7100::213:c6c8:443 · api.hansfans.com
2025-12-21 21:06
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 Content-Length: 16 Vary: Origin ETag: W/"10-qO8GjQHDizjpZgmZkebg1MdyQa4" Expires: Sun, 21 Dec 2025 21:06:02 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 21 Dec 2025 21:06:02 GMT Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600 Connection: close Server-Timing: ak_p; desc="1766351162137_34850500_332790952_4358_1992_0_74_-";dur=1 {"error":"Home"}Found 2025-12-21 by HttpPluginCreate report
-
Open service 2a02:26f0:7100::213:c6c8:80 · api.hansfans.com
2025-12-21 21:06
HTTP/1.1 301 Moved Permanently Content-Type: text/html Content-Length: 178 Location: https://origin-api.hansfans.com/ Expires: Sun, 21 Dec 2025 21:06:05 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 21 Dec 2025 21:06:05 GMT Connection: close Server-Timing: ak_p; desc="1766351165087_34850500_332794142_1473_1750_14_0_-";dur=1 Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.24.0 (Ubuntu)</center> </body> </html>
Found 2025-12-21 by HttpPluginCreate report
-
Open service 2.16.206.135:443 · api.hansfans.com
2025-12-20 19:49
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 Content-Length: 16 Vary: Origin ETag: W/"10-qO8GjQHDizjpZgmZkebg1MdyQa4" Expires: Sat, 20 Dec 2025 19:49:24 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 20 Dec 2025 19:49:24 GMT Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600 Connection: close Server-Timing: ak_p; desc="1766260164145_34655623_882627260_2198_1174_15_28_-";dur=1 {"error":"Home"}Found 2025-12-20 by HttpPluginCreate report
-
Open service 2.16.206.135:443 · api.hansfans.com
2025-12-19 01:29
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=utf-8 Content-Length: 16 Vary: Origin ETag: W/"10-qO8GjQHDizjpZgmZkebg1MdyQa4" Expires: Fri, 19 Dec 2025 01:29:19 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 19 Dec 2025 01:29:19 GMT Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600 Connection: close Server-Timing: ak_p; desc="1766107759461_34655642_1128017336_19212_690_8_24_-";dur=1 {"error":"Home"}Found 2025-12-19 by HttpPluginCreate report