Domain json.myanmar.820.hk
China
Software information
Tengine
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2026-01-10 03:16
Last seen 2026-01-17 00:07
Open for 6 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-17 00:07
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2026-01-10 03:16-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-10 03:16
-
-
Open service 180.163.146.112:443 · json.myanmar.820.hk
2026-01-23 12:51
HTTP/1.1 200 OK Server: Tengine Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; object-src 'none'; base-uri 'self'; report-uri /csp-violation-report-endpoint/;block-all-mixed-content; X-Powered-By: ASP.NET Date: Fri, 23 Jan 2026 12:52:00 GMT Via: ens-cache14.l2hk12[24,0], kunlun3.cn7174[283,0] Timing-Allow-Origin: * EagleId: b4a3921717691727202948879e 看到这里页面说明你已经成功启动了本项目:)
Found 2026-01-23 by HttpPluginCreate report
-
Open service 180.163.146.112:443 · json.myanmar.820.hk
2026-01-10 03:16
HTTP/1.1 200 OK Server: Tengine Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; object-src 'none'; base-uri 'self'; report-uri /csp-violation-report-endpoint/;block-all-mixed-content; X-Powered-By: ASP.NET Date: Sat, 10 Jan 2026 03:16:25 GMT Via: ens-cache13.l2hk12[16,0], kunlun10.cn7174[54,0] Timing-Allow-Origin: * EagleId: b4a3921e17680149858545904e 看到这里页面说明你已经成功启动了本项目:)
Found 2026-01-10 by HttpPluginCreate report
-
Open service 180.163.146.112:80 · json.myanmar.820.hk
2026-01-10 03:16
HTTP/1.1 200 OK Server: Tengine Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; object-src 'none'; base-uri 'self'; report-uri /csp-violation-report-endpoint/;block-all-mixed-content; X-Powered-By: ASP.NET Date: Sat, 10 Jan 2026 03:16:25 GMT Via: ens-cache26.l2hk12[17,0], kunlun1.cn7174[56,0] Timing-Allow-Origin: * EagleId: b4a3921517680149854555200e 看到这里页面说明你已经成功启动了本项目:)
Found 2026-01-10 by HttpPluginCreate report