Domain notes.tdsecurities.com
Germany
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-17 13:28
Last seen 2026-01-09 01:28
Open for 83 days-
Severity: info
Fingerprint: 5733ddf49ff49cd110b5863c070598b46604d138658e5bccfbcd909f8ba4c86cPublic Swagger UI/API detected at path: /api-docs/swagger.json - sample paths: GET /api/v1/note-reports GET /api/v1/note-reports/download-csv GET /api/v1/note-test/daily-performance GET /api/v1/note-test/data-type GET /api/v1/note-test/debt-type GET /api/v1/note-test/enum-field GET /api/v1/note-test/feature-field GET /api/v1/note-test/file GET /api/v1/note-test/file/duplicate GET /api/v1/note-test/file/{code}/download GET /api/v1/note-test/issuer GET /api/v1/note-test/issuer-rating GET /api/v1/note-test/note GET /api/v1/note-test/note/{code} GET /api/v1/note-test/rating GET /api/v1/note-test/underlying-info GET /api/v1/notes GET /api/v1/notes/codes/details GET /api/v1/notes/enums/all GET /api/v1/notes/file/{code}/download GET /api/v1/notes/file/{code}/{fileType}/{lang} GET /api/v1/notes/file/{id} GET /api/v1/notes/{code} GET /api/v1/priip-document/all GET /api/v1/priip-document/download/{id} GET /api/v1/priip/download/{id} GET /api/v1/priip/search GET /api/v1/sn-event GET /api/v1/sn-event/corp-action-event GET /api/v1/sn-event/corp-action/{corpActionId} GET /api/v1/sn-event/event-description GET /api/v1/sn-event/lifecycle-event GET /api/v1/static/file GET /api/v1/static/file/download GET /api/v1/static/file/download/{id} GET /api/v1/vault/ga/flag GET /api/v1/vault/ga/track-id GET /env GET /health GET /infoFound on 2026-01-09 01:28
-
-
Open service 2.16.204.89:443 · notes.tdsecurities.com
2026-01-09 01:28
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: Microsoft-IIS/10.0 ETag: W/"418-199ede146e0" Last-Modified: Thu, 16 Oct 2025 16:36:28 GMT X-Request-ID: e25d8da449194e30b6b556bf87672a2b X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-Powered-By: ASP.NET Expires: Fri, 09 Jan 2026 01:28:56 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Jan 2026 01:28:56 GMT Content-Length: 1048 Connection: close Set-Cookie: connect.sid=s%3AibciUwKmfEIqNWfqA_ol2_j64EWvdW50.s72noGu7J92aU%2Bo42e%2FIu276okOqVSlQdTZYFKDz714; Path=/; Expires=Fri, 09 Jan 2026 22:37:28 GMT; HttpOnly; Secure Strict-Transport-Security: max-age=86400 Page title: TD One Portal - Header NavTDS Structured Notes <!doctype html><html lang="en" xml:lang="en"><head><meta charset="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="description" content=""/><meta name="author" content=""/><link rel="shortcut icon" href="assets/img/favicon.ico"/><title>TD One Portal - Header Nav</title><link rel="shortcut icon" href="/assets/img/favicon.ico" type="image/vnd.microsoft.icon"/><link href="/assets/css/td-standards.css" rel="stylesheet"/><link href="/assets/css/extra/td-spacers.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.comp.css" rel="stylesheet"/><link href="/assets/css/tds-react-overrides.css" rel="stylesheet"/><title>TDS Structured Notes</title><script defer="defer" src="/static/js/main.1e84cc8c.js"></script><link href="/static/css/main.88cc226f.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>
Found 2026-01-09 by HttpPluginCreate report
-
Open service 2.16.204.89:443 · notes.tdsecurities.com
2026-01-02 06:26
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: Microsoft-IIS/10.0 ETag: W/"418-199ede146e0" Last-Modified: Thu, 16 Oct 2025 16:36:28 GMT X-Request-ID: 297a4addc40f4630b7d3c3a43e6c0683 X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-Powered-By: ASP.NET Expires: Fri, 02 Jan 2026 06:26:15 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 02 Jan 2026 06:26:15 GMT Content-Length: 1048 Connection: close Set-Cookie: connect.sid=s%3Aa-WZ4AJVdbPZRaY94iEGJRPou9JgtJS8.euFCRymt0dVN1puOpPqtHMtyn2btTJf%2BsH9FYcQPzQ4; Path=/; Expires=Mon, 05 Jan 2026 13:40:50 GMT; HttpOnly; Secure Strict-Transport-Security: max-age=86400 Page title: TD One Portal - Header NavTDS Structured Notes <!doctype html><html lang="en" xml:lang="en"><head><meta charset="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="description" content=""/><meta name="author" content=""/><link rel="shortcut icon" href="assets/img/favicon.ico"/><title>TD One Portal - Header Nav</title><link rel="shortcut icon" href="/assets/img/favicon.ico" type="image/vnd.microsoft.icon"/><link href="/assets/css/td-standards.css" rel="stylesheet"/><link href="/assets/css/extra/td-spacers.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.comp.css" rel="stylesheet"/><link href="/assets/css/tds-react-overrides.css" rel="stylesheet"/><title>TDS Structured Notes</title><script defer="defer" src="/static/js/main.1e84cc8c.js"></script><link href="/static/css/main.88cc226f.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>
Found 2026-01-02 by HttpPluginCreate report
-
Open service 2.16.204.89:443 · notes.tdsecurities.com
2025-12-30 11:37
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: Microsoft-IIS/10.0 ETag: W/"418-199ede146e0" Last-Modified: Thu, 16 Oct 2025 16:36:28 GMT X-Request-ID: bba44aa3a2e44f6096f6812be7dd71df X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-Powered-By: ASP.NET Expires: Tue, 30 Dec 2025 11:37:14 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 30 Dec 2025 11:37:14 GMT Content-Length: 1048 Connection: close Set-Cookie: connect.sid=s%3AGi19HzvcKnS4MYfl2FGreIXPe_MiCwBd.IADs4Ga9gOV9hTzuYExz4pfI3uyiara2ykgMsGJ8E%2Bo; Path=/; Expires=Mon, 05 Jan 2026 13:40:50 GMT; HttpOnly; Secure Set-Cookie: GDPR=true; expires=Tue, 30-Dec-2025 16:37:14 GMT; path=/ Strict-Transport-Security: max-age=86400 Page title: TD One Portal - Header NavTDS Structured Notes <!doctype html><html lang="en" xml:lang="en"><head><meta charset="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="description" content=""/><meta name="author" content=""/><link rel="shortcut icon" href="assets/img/favicon.ico"/><title>TD One Portal - Header Nav</title><link rel="shortcut icon" href="/assets/img/favicon.ico" type="image/vnd.microsoft.icon"/><link href="/assets/css/td-standards.css" rel="stylesheet"/><link href="/assets/css/extra/td-spacers.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.comp.css" rel="stylesheet"/><link href="/assets/css/tds-react-overrides.css" rel="stylesheet"/><title>TDS Structured Notes</title><script defer="defer" src="/static/js/main.1e84cc8c.js"></script><link href="/static/css/main.88cc226f.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>
Found 2025-12-30 by HttpPluginCreate report
-
Open service 2.16.204.89:443 · notes.tdsecurities.com
2025-12-22 10:52
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: Microsoft-IIS/10.0 ETag: W/"418-199ede146e0" Last-Modified: Thu, 16 Oct 2025 16:36:28 GMT X-Request-ID: 6a1a231c526646b98d482d9681764482 X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-Powered-By: ASP.NET Expires: Mon, 22 Dec 2025 10:52:13 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Mon, 22 Dec 2025 10:52:13 GMT Content-Length: 1048 Connection: close Set-Cookie: connect.sid=s%3ArNNpULvaPAmyZG1X2kCWKRrNfX4J2WhZ.tj8%2Br5VUSIQC%2BRUGwoP%2FTkyEAtx1BibI3BXN22zZpMk; Path=/; Expires=Mon, 29 Dec 2025 04:59:44 GMT; HttpOnly; Secure Strict-Transport-Security: max-age=86400 Page title: TD One Portal - Header NavTDS Structured Notes <!doctype html><html lang="en" xml:lang="en"><head><meta charset="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="description" content=""/><meta name="author" content=""/><link rel="shortcut icon" href="assets/img/favicon.ico"/><title>TD One Portal - Header Nav</title><link rel="shortcut icon" href="/assets/img/favicon.ico" type="image/vnd.microsoft.icon"/><link href="/assets/css/td-standards.css" rel="stylesheet"/><link href="/assets/css/extra/td-spacers.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.comp.css" rel="stylesheet"/><link href="/assets/css/tds-react-overrides.css" rel="stylesheet"/><title>TDS Structured Notes</title><script defer="defer" src="/static/js/main.1e84cc8c.js"></script><link href="/static/css/main.88cc226f.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>
Found 2025-12-22 by HttpPluginCreate report
-
Open service 2.16.204.89:443 · notes.tdsecurities.com
2025-12-21 05:12
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: Microsoft-IIS/10.0 ETag: W/"418-199ede146e0" Last-Modified: Thu, 16 Oct 2025 16:36:28 GMT X-Request-ID: d6343d79f64846c6a7fbc24f5f39a410 X-DNS-Prefetch-Control: off Expect-CT: max-age=0 X-Content-Type-Options: nosniff Origin-Agent-Cluster: ?1 X-Permitted-Cross-Domain-Policies: none X-XSS-Protection: 0 X-Powered-By: ASP.NET Expires: Sun, 21 Dec 2025 05:12:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sun, 21 Dec 2025 05:12:46 GMT Content-Length: 1048 Connection: close Set-Cookie: connect.sid=s%3AUISTfsrQVtF9EaZqDglu4zjwyEbvi-jT.HA6WTta2t4T7xl7%2FmPlY43M2HSnDndSAsAYLb6Mx8qw; Path=/; Expires=Sun, 28 Dec 2025 03:26:31 GMT; HttpOnly; Secure Strict-Transport-Security: max-age=86400 Page title: TD One Portal - Header NavTDS Structured Notes <!doctype html><html lang="en" xml:lang="en"><head><meta charset="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="description" content=""/><meta name="author" content=""/><link rel="shortcut icon" href="assets/img/favicon.ico"/><title>TD One Portal - Header Nav</title><link rel="shortcut icon" href="/assets/img/favicon.ico" type="image/vnd.microsoft.icon"/><link href="/assets/css/td-standards.css" rel="stylesheet"/><link href="/assets/css/extra/td-spacers.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.css" rel="stylesheet"/><link href="/assets/css/tds-one-portal.comp.css" rel="stylesheet"/><link href="/assets/css/tds-react-overrides.css" rel="stylesheet"/><title>TDS Structured Notes</title><script defer="defer" src="/static/js/main.1e84cc8c.js"></script><link href="/static/css/main.88cc226f.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div></body></html>
Found 2025-12-21 by HttpPluginCreate report