LeakIX - Host gateway.ebonpay.com

Domain gateway.ebonpay.com

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.50.131.136
Domain: gateway.ebonpay.com
Port: 443
URL: https://gateway.ebonpay.com

First seen 2025-10-24 06:28
Last seen 2026-01-09 07:48
Open for 77 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd110a331ec1fc9f56ab358aedd5ecc0d40b0d4b0610cac7ebe
```
Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /actuator
GET /actuator/health
GET /actuator/health/{*path}
GET /actuator/info
GET /actuator/metrics
GET /actuator/metrics/{requiredMetricName}
```
  Found on 2026-01-09 07:48
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.50.131.136
Domain: gateway.ebonpay.com
Port: 80
URL: http://gateway.ebonpay.com

First seen 2025-10-24 06:28
Last seen 2026-01-09 07:44
Open for 77 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd110a331ec1fc9f56ab358aedd5ecc0d40b0d4b0610cac7ebe
```
Public Swagger UI/API detected at path: /v2/api-docs - sample paths:
GET /actuator
GET /actuator/health
GET /actuator/health/{*path}
GET /actuator/info
GET /actuator/metrics
GET /actuator/metrics/{requiredMetricName}
```
  Found on 2026-01-09 07:44
Create report

Open service 23.50.131.136:443 · gateway.ebonpay.com

2026-01-09 07:48

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Strict-Transport-Security: max-age=15724800; includeSubDomains
Expires: Fri, 09 Jan 2026 07:48:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Jan 2026 07:48:53 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=563
Server-Timing: origin; dur=16
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767944932503_389224204_2586280582_57717_6595_101_133_-";dur=1


{"code":"500","message":"Internal Server Error"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 23.50.131.136:80 · gateway.ebonpay.com

2026-01-09 07:44

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Expires: Fri, 09 Jan 2026 07:44:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Jan 2026 07:44:57 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=190
Server-Timing: origin; dur=12
Server-Timing: ak_p; desc="1767944697403_389224200_876228424_20095_4662_0_0_-";dur=1


{"code":"500","message":"Internal Server Error"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 23.50.131.136:443 · gateway.ebonpay.com

2026-01-02 13:31

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Strict-Transport-Security: max-age=15724800; includeSubDomains
Expires: Fri, 02 Jan 2026 13:31:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jan 2026 13:31:55 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=187
Server-Timing: origin; dur=3
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767360714912_389224200_3355456317_18935_5609_0_3_-";dur=1


{"code":"500","message":"Internal Server Error"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 23.50.131.136:80 · gateway.ebonpay.com

2026-01-02 05:17

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Expires: Fri, 02 Jan 2026 05:17:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jan 2026 05:17:26 GMT
Connection: close
Server-Timing: edge; dur=1
Server-Timing: origin; dur=147
Server-Timing: cdn-cache; desc=MISS
Server-Timing: ak_p; desc="1767331045861_389224200_3312631056_14782_5589_12_0_-";dur=1


{"code":"500","message":"Internal Server Error"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 23.50.131.136:443 · gateway.ebonpay.com

2025-12-22 21:02

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Strict-Transport-Security: max-age=15724800; includeSubDomains
Expires: Mon, 22 Dec 2025 21:02:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Dec 2025 21:02:58 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=514
Server-Timing: origin; dur=3
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1766437378056_389224200_1394710531_51676_7763_13_71_-";dur=1


{"code":"500","message":"Internal Server Error"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 23.50.131.136:80 · gateway.ebonpay.com

2025-12-22 13:40

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Expires: Mon, 22 Dec 2025 13:40:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Dec 2025 13:40:34 GMT
Connection: close
Server-Timing: edge; dur=1
Server-Timing: origin; dur=171
Server-Timing: cdn-cache; desc=MISS
Server-Timing: ak_p; desc="1766410834232_389224200_1325313915_17144_4825_84_0_-";dur=1


{"code":"500","message":"Internal Server Error"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 23.50.131.136:443 · gateway.ebonpay.com

2025-12-20 23:22

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Strict-Transport-Security: max-age=15724800; includeSubDomains
Expires: Sat, 20 Dec 2025 23:22:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 20 Dec 2025 23:22:22 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=558
Server-Timing: origin; dur=17
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1766272941625_389224200_1101764355_57368_4805_87_94_-";dur=1


{"code":"500","message":"Internal Server Error"}

Found 2025-12-20 by HttpPlugin

Create report

Open service 23.50.131.136:80 · gateway.ebonpay.com

2025-12-20 13:39

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Expires: Sat, 20 Dec 2025 13:39:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 20 Dec 2025 13:39:19 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=172
Server-Timing: origin; dur=5
Server-Timing: ak_p; desc="1766237959459_389224200_1018547147_17752_5519_11_0_-";dur=1


{"code":"500","message":"Internal Server Error"}

Found 2025-12-20 by HttpPlugin

Create report

Open service 23.50.131.136:443 · gateway.ebonpay.com

2025-12-19 01:14

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 48
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Strict-Transport-Security: max-age=15724800; includeSubDomains
Expires: Fri, 19 Dec 2025 01:14:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 19 Dec 2025 01:14:09 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=508
Server-Timing: origin; dur=3
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1766106848700_389224204_444205146_51049_5122_0_16_-";dur=1


{"code":"500","message":"Internal Server Error"}

Found 2025-12-19 by HttpPlugin

Create report

au.ebonex.iocenter-gateway-uat.ebonex.ioclient.ebonpay.comcustomer.ebsec.comdemo-admin.ebonex.iodemo-kyx.ebonex.iodemo.ebonex.ioebfs-gateway-uat.ebonex.ioebpower-uat.ebonex.ioenergy-uat.ebonex.ioesp-gateway-uat.ebonex.ioforex-gateway-uat.ebonex.ioforex-openapi-uat.ebonex.iogateway.ebonex.iogateway.ebonpay.comgateway.qingyunpay.comh5.ebsec.comkyx.ebonfx.comopenapi.ebonfx.comopenapi.ebsec.comotc-admin.ebonex.iootc-kyx-uat.ebonex.iootc-kyx.ebonex.com.auotc-uat.ebonex.iootc.ebonex.com.auotc.ebonex.iootc.ebsec.compartnerconnect.redbacktech.compaycenter-uat.ebonex.ioportal-new.redbacktech.comportal.redbacktech.compush-center.ebonex.ioquote.ebsec.comrep.ebonfx.comsecurities-customer-uat.ebsec.comsecurities-quote-uat.ebsec.comsecurities-trade-uat.ebsec.comsecurities-ws-uat.ebsec.comstock-h5-uat.ebsec.comstock-otc-uat.ebsec.comstock-portal-uat.ebsec.comtrade.ebsec.comws.ebsec.comwww.ebang.cowww.ebang.comwww.ebang.com.cnwww.ebonex.ccwww.ebonex.com.auwww.ebonfx.comwww.ebonsolar.comwww.ebsec.comwww.luceo.energywww.qingyunpay.comwww.redbacktech.com

Fingerprint:

fce68213c8dd55d3c0e62d79bb7893b8d24f2f71101c887e98b5c66dbb86064d

CN:

www.ebonex.cc

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-13 01:07

Not after:

2026-02-11 01:07

Domain summary

gateway.ebonpay.com 10

1 recorded

IP summary

23.50.131.136 2

1 recorded

Domain gateway.ebonpay.com

Germany

Swagger API description is publicly available

Swagger API description is publicly available

Domain summary

IP summary