Domain halosb.com
Singapore
Software information
openresty
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-29 00:28
Last seen 2026-01-16 00:43
Open for 48 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-01-16 00:43
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-29 00:28
Last seen 2026-01-30 01:32
Open for 62 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-01-30 01:32
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-29 00:28
Last seen 2026-01-16 04:39
Open for 48 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-01-16 04:39
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-29 00:28
Last seen 2026-02-08 22:33
Open for 71 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2026-02-08 22:33
-
-
Open service 43.159.99.31:443 · www.halosb.com
2026-01-23 01:06
HTTP/1.1 200 OK Server: openresty Content-Type: text/html Vary: Accept-Encoding Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Language: zh-CN Pragma: no-cache Expires: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 Referrer-Policy: strict-origin-when-cross-origin set-cookie: XSRF-TOKEN=0a311126-b36d-4d1c-bd9f-2b49167ba0d0; Path=/; HTTPOnly Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: must-revalidate, no-cache, no-store, max-age=0 Transfer-Encoding: chunked Connection: close Date: Fri, 23 Jan 2026 01:06:36 GMT EO-LOG-UUID: 1169641771762016481 EO-Cache-Status: MISS
Found 2026-01-23 by HttpPluginCreate report
-
Open service 43.159.99.31:80 · www.halosb.com
2026-01-23 00:52
HTTP/1.1 301 Moved Permanently Server: openresty Content-Type: text/html Location: https://www.halosb.com/ Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Length: 166 Connection: close Date: Fri, 23 Jan 2026 00:52:51 GMT EO-LOG-UUID: 7414301687515865530 EO-Cache-Status: MISS Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>openresty</center> </body> </html>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 43.159.99.31:80 · halosb.com
2026-01-22 22:06
HTTP/1.1 301 Moved Permanently Server: openresty Content-Type: text/html Location: https://halosb.com/ Strict-Transport-Security: max-age=31536000; includeSubDomains Access-Control-Allow-Origin: https://www.halosb.com Access-Control-Allow-Methods: GET,POST,OPTIONS,PUT,DELETE Access-Control-Allow-Credentials: true Content-Length: 166 Connection: close Date: Thu, 22 Jan 2026 22:07:02 GMT EO-LOG-UUID: 15909458881925937994 EO-Cache-Status: MISS Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>openresty</center> </body> </html>
Found 2026-01-22 by HttpPluginCreate report
-
Open service 43.159.99.31:80 · halosb.com
2026-01-09 04:10
HTTP/1.1 200 OK Server: openresty Content-Type: text/html Vary: Accept-Encoding Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Content-Language: zh-CN Pragma: no-cache Expires: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 Referrer-Policy: strict-origin-when-cross-origin Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Length: 98020 Accept-Ranges: bytes Connection: close Date: Fri, 09 Jan 2026 04:10:42 GMT Age: 1255328 EO-LOG-UUID: 5990845771337727860 EO-Cache-Status: HIT Cache-Control: max-age=0 Page title: 知栖小筑 | 没有bug的代码是不完美的 <!doctype html> <html lang="zh-CN"> <head> <meta charset="UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title >知栖小筑 | 没有bug的代码是不完美的</title> <meta name="description" content="没有bug的代码是不完美的" /> <meta name="author" content="知栖小筑" /> <link rel="canonical" href="https://www.halosb.com" /> <link rel="icon" href="/upload/logo.webp" /> <link rel="apple-touch-icon" href="/upload/logo.webp" /> <link rel="alternate" type="application/rss+xml" href="https://www.halosb.com/rss.xml" title="知栖小筑 - RSS Feed" /> <meta property="og:site_name" content="知栖小筑" /> <meta property="og:locale" content="zh_CN" /> <meta property="og:type" content="website" /> <meta property="og:title" content="知栖小筑" /> <meta property="og:description" content="没有bug的代码是不完美的" /> <meta property="og:url" content="https://www.halosb.com" /> <meta property="og:image" content="/upload/logo2.webp" /> <meta name="twitter:card" content="summary_large_image" /> <meta name="twitter:title" content="知栖小筑" /> <meta name="twitter:description" content="没有bug的代码是不完美的" /> <meta name="twitter:image" content="/upload/logo2.webp" /> <link rel="stylesheet" href="/themes/theme-clarity/assets/fonts/JetBrainsMono-Regular/jetBrainsMonoRegular.css?v=1.1.1" media="print" onload="this.media = 'all'" /> <link rel="stylesheet" href="/themes/theme-clarity/assets/fonts/JetBrainsMono-Italic/jetBrainsMonoItalic.css?v=1.1.1" media="print" onload="this.media = 'all'" /> <style>@font-face { font-family: "Logo Font"; font-weight: 700; src: url("//at.alicdn.com/wf/webfont/cKoofVUAeETk/oG79FelL85Xf.woff2") format("woff2"), url("//at.alicdn.com/wf/webfont/cKoofVUAeETk/sTUj8EWKNZtT.woff") format("woff"); font-variation-settings: normal; font-display: swap; } .webfont { font-family: "Logo Font"; font-variation-settings: normal; }</style> <link rel="stylesheet" href="/themes/theme-clarity/assets/dist/vendor.css?v=1.1.1" /> <link rel="stylesheet" href="/themes/theme-clarity/assets/dist/main.css?v=1.1.1" /> <script type="module" src="/themes/theme-clarity/assets/dist/main.js?v=1.1.1"></script> <style> :root, :root.light, :root.dark { --c-primary: #3b82f6 !important; --c-primary-soft: color-mix(in srgb, #3b82f6, transparent 85%) !important; --c-accent: #60a5fa !important; } </style> <script> (function () { const theme = localStorage.getItem("theme") || "system"; const isDark = theme === "dark" || (theme === "system" && window.matchMedia("(prefers-color-scheme: dark)").matches); if (isDark) { document.documentElement.classList.add("dark"); } })(); </script> <link rel="manifest" href="/apis/api.pwa.kunkunyu.com/v1alpha1/basic-config"/><meta content="Halo 2.22.1" name="generator"/><!-- plugin-comment-widget start --> <link rel="modulepreload" href="/plugins/PluginCommentWidget/assets/static/comment-widget.js?version=3.0.0"> <link rel="stylesheet" href="/plugins/PluginCommentWidget/assets/static/index.css?version=3.0.0" /> <!-- plugin-comment-widget end --> <!-- comment-interact start --> <script defer src="/plugins/comment-interact/assets/static/comment-reference.umd.js?version=1.0.1"></script> <!-- comment-interact end --> <script src="/plugins/plugin-thyuu-embed/assets/static/thyuu-embed.iife.js?version=1.1.4"></script> <!-- PluginSearchWidget start --> <script src="/plugins/PluginSearchWidget/assets/static/search-widget.iife.js?version=1.7.1" defer></script> <link rel="stylesheet" href="/plugins/PluginSearchWidget/assets/Found 2026-01-09 by HttpPluginCreate report