LeakIX - Host api.timesshoppingguide.com

Domain api.timesshoppingguide.com

Germany

Akamai International B.V.

Ubuntu

Software information

nginx nginx 1.18.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.53.42.187
Domain: api.timesshoppingguide.com
Port: 443
URL: https://api.timesshoppingguide.com

First seen 2025-12-08 06:44
Last seen 2026-02-08 23:44
Open for 62 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-02-08 23:44
Create report

Open service 23.53.42.187:443 · api.timesshoppingguide.com

2026-01-08 23:18

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx/1.18.0 (Ubuntu)
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
Access-Control-Allow-Origin: *
ETag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
X-Akamai-Transformed: 9 - 0 pmb=mRUM,1
Cache-Control: max-age=30364480
Expires: Sat, 26 Dec 2026 09:52:53 GMT
Date: Thu, 08 Jan 2026 23:18:13 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767914293320_389360287_1684289885_36_6851_0_7_-";dur=1


ok

Found 2026-01-08 by HttpPlugin

Create report

Open service 23.53.42.187:443 · api.timesshoppingguide.com

2026-01-01 22:35

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx/1.18.0 (Ubuntu)
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
Access-Control-Allow-Origin: *
ETag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
X-Akamai-Transformed: 9 2 0 pmb=mRUM,1
Cache-Control: max-age=30971837
Expires: Sat, 26 Dec 2026 09:52:52 GMT
Date: Thu, 01 Jan 2026 22:35:35 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=489
Server-Timing: origin; dur=0
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767306934362_389360287_1146221351_48872_16570_156_186_-";dur=1


ok

Found 2026-01-01 by HttpPlugin

Create report

Open service 23.53.42.187:443 · api.timesshoppingguide.com

2025-12-23 01:42

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: nginx/1.18.0 (Ubuntu)
Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
Access-Control-Allow-Origin: *
ETag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
X-Akamai-Transformed: 9 - 0 pmb=mRUM,1
Cache-Control: max-age=30486125
Expires: Thu, 10 Dec 2026 22:05:00 GMT
Date: Tue, 23 Dec 2025 01:42:55 GMT
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1766454175176_389360311_162470624_63_11052_0_16_-";dur=1


ok

Found 2025-12-23 by HttpPlugin

Create report

api.timesshoppingguide.comcheesecentralbeta.timesfoodie.comcheeseitup.timesfoodie.comcheeseitupbeta.timesfoodie.cometnow.bizetnow.co.inetnow.firm.inetnow.gen.inetnow.inetnow.infoeventaccess.inhindi.etnownews.comimages.timesdrive.inimages.timesfoodie.comkannada.timesnownews.comssocdn.timesprism.comssocdnstg.timesprism.comwww.bombaynow.inwww.bombaytimesnow.comwww.bombaytimesnow.inwww.economictimesnow.comwww.economictimesnow.inwww.enow.co.inwww.enowtv.comwww.enowtv.inwww.etnow-tv.comwww.etnow.mobiwww.etnow.net.inwww.etnow.orgwww.etnow.org.inwww.etnow.tvwww.etnow.uswww.etnowlive.asiawww.etnowlive.bizwww.etnowlive.co.inwww.etnowlive.comwww.etnowlive.inwww.etnowlive.infowww.etnowlive.mobiwww.etnowlive.netwww.etnowlive.net.inwww.etnowlive.orgwww.etnowlive.org.inwww.etnowlive.tvwww.etnowlive.uswww.etnowonline.asiawww.etnowonline.bizwww.etnowonline.co.inwww.etnowonline.co.ukwww.etnowonline.comwww.etnowonline.inwww.etnowonline.infowww.etnowonline.mobiwww.etnowonline.netwww.etnowonline.net.inwww.etnowonline.orgwww.etnowonline.org.inwww.etnowonline.uswww.etnowswadesh.cowww.etnowswadesh.co.inwww.etnowswadesh.comwww.etnowswadesh.inwww.etnowswadesh.livewww.etnowswadesh.netwww.etnowswadesh.onlinewww.etnowswadesh.orgwww.etnowswadesh.tvwww.eventaccess.inwww.mbnow.inwww.mirrornow.co.inwww.mirrornow.inwww.mirrornow.tvwww.nbtnow.comwww.nbtnow.inwww.risewithindia.comwww.risewithindia.inwww.timesbharat.comwww.timesbharat.inwww.timesnavbharat.comwww.timesnavbharat.inwww.timesnetwork.inwww.timesnetworkindia.comwww.timesnow.co.inwww.timesnow.firm.inwww.timesnow.inwww.timesnow.ind.inwww.timesnow.net.inwww.timesnow.orgwww.timesnow.org.inwww.timesnowmobile.co.inwww.timesnowmobile.inwww.timesnowmobile.tvwww.timesnownavbharat.cowww.timesnownavbharat.co.inwww.timesnownavbharat.inwww.timesnownavbharat.livewww.timesnownavbharat.netwww.timesnownavbharat.onlinewww.timesnownavbharat.org

Fingerprint:

6f539cbcf57560dbc227ddf01d579dd7bd7f548c52f86f797c29d2566c06a0f3

CN:

etnow.in

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-08 08:14

Not after:

2026-03-08 08:14

Domain summary

api.timesshoppingguide.com 3

1 recorded

IP summary

23.53.42.187 2

1 recorded

Domain api.timesshoppingguide.com

Germany

Software information

Swagger API description is publicly available

Create report

Create report

Create report

Domain summary

IP summary