Domain my.observer.town
United States
Software information
Apache
tcp/443 tcp/80
nginx 1.14.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-21 12:04
Last seen 2026-02-09 23:13
Open for 50 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-02-09 23:13
-
-
Open service 67.222.38.131:443 · www.my.observer.town
2026-01-24 16:57
HTTP/1.1 200 OK Date: Sat, 24 Jan 2026 16:58:00 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, close Last-Modified: Thu, 22 Feb 2018 14:52:30 GMT Accept-Ranges: bytes Content-Length: 0 host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== Content-Type: text/html
Found 2026-01-24 by HttpPluginCreate report
-
Open service 67.222.38.131:80 · www.my.observer.town
2026-01-24 16:57
HTTP/1.1 301 Moved Permanently Date: Sat, 24 Jan 2026 16:58:09 GMT Server: Apache Location: https://www.my.observer.town/ Content-Length: 237 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 301 Moved Permanently <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://www.my.observer.town/">here</a>.</p> </body></html>
Found 2026-01-24 by HttpPluginCreate report
-
Open service 3.216.42.100:443 · my.observer.town
2026-01-23 15:22
HTTP/1.1 302 Found Server: nginx/1.14.0 (Ubuntu) Date: Fri, 23 Jan 2026 15:22:34 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 29 Connection: close X-Powered-By: Express Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Location: /v2/app Vary: Accept, Accept-Encoding Set-Cookie: connect.sid=s%3AL9D7m_6dPRr4KG00ebWB17dk9-6ZtMOc.q7JG9%2BhvxK4tP4I2LafORHikbav%2FCIU9iRM4EDFN6t4; Path=/; HttpOnly Found. Redirecting to /v2/app
Found 2026-01-23 by HttpPluginCreate report
-
Open service 3.216.42.100:443 · my.observer.town
2026-01-09 20:21
HTTP/1.1 302 Found Server: nginx/1.14.0 (Ubuntu) Date: Fri, 09 Jan 2026 20:21:40 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 29 Connection: close X-Powered-By: Express Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Location: /v2/app Vary: Accept, Accept-Encoding Set-Cookie: connect.sid=s%3A2MkZRezbAHWMIcww3DNmJwTgqL2A8oS6.2i0eBFFe10BM6x3k0XVYtL233TtIvbyKemxwkI9PPBo; Path=/; HttpOnly Found. Redirecting to /v2/app
Found 2026-01-09 by HttpPluginCreate report
-
Open service 3.216.42.100:443 · my.observer.town
2025-12-23 10:02
HTTP/1.1 302 Found Server: nginx/1.14.0 (Ubuntu) Date: Tue, 23 Dec 2025 10:02:56 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 29 Connection: close X-Powered-By: Express Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Location: /v2/app Vary: Accept, Accept-Encoding Set-Cookie: connect.sid=s%3AMMWE0p1EkYfxDBMeRFigzW4jKxwCNiwk.AJdu7LJypzAL1XoUHzqw1gkQGG81WNFd6cpYHzDrDWQ; Path=/; HttpOnly Found. Redirecting to /v2/app
Found 2025-12-23 by HttpPluginCreate report