Domain tl-css.etb2bimg.com
Germany
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-06 07:04
Last seen 2026-02-09 06:40
Open for 94 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff431818dff1ab714ac2ab714ac2ab714ac2ab714ac2Public Swagger UI/API detected at path: /swagger.json - sample paths: GET /v1/{portal}/{entity}/details/{course_id} GET /v1/{portal}/{entity}/{type}/{region}Found on 2026-02-09 06:40
-
-
Open service 2.16.206.18:443 · tl-css.etb2bimg.com
2026-01-23 01:28
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Last-Modified: Thu, 04 Dec 2025 02:56:30 GMT X-Cool: 22.144 Content-Language: en X-Frame-Options: sameorigin Strict-Transport-Security: max-age=25920000; includeSubdomains X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: public, max-age=180 Expires: Fri, 23 Jan 2026 01:31:08 GMT Date: Fri, 23 Jan 2026 01:28:08 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET,POST
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.206.18:443 · tl-css.etb2bimg.com
2026-01-10 01:21
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Last-Modified: Thu, 04 Dec 2025 02:56:30 GMT X-Cool: 22.144 Content-Language: en X-Frame-Options: sameorigin Strict-Transport-Security: max-age=25920000; includeSubdomains X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: public, max-age=180 Expires: Sat, 10 Jan 2026 01:24:43 GMT Date: Sat, 10 Jan 2026 01:21:43 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET,POST
Found 2026-01-10 by HttpPluginCreate report
-
Open service 2.16.206.18:443 · tl-css.etb2bimg.com
2026-01-03 00:56
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Last-Modified: Thu, 04 Dec 2025 02:56:30 GMT X-Cool: 22.144 Content-Language: en X-Frame-Options: sameorigin Strict-Transport-Security: max-age=25920000; includeSubdomains X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: public, max-age=180 Expires: Sat, 03 Jan 2026 00:59:27 GMT Date: Sat, 03 Jan 2026 00:56:27 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET,POST
Found 2026-01-03 by HttpPluginCreate report
-
Open service 2.16.206.18:443 · tl-css.etb2bimg.com
2025-12-22 23:11
HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Pragma: no-cache Last-Modified: Thu, 04 Dec 2025 02:56:30 GMT X-Cool: 22.144 Content-Language: en X-Frame-Options: sameorigin Strict-Transport-Security: max-age=25920000; includeSubdomains X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Cache-Control: public, max-age=180 Expires: Mon, 22 Dec 2025 23:14:18 GMT Date: Mon, 22 Dec 2025 23:11:18 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: * Access-Control-Allow-Methods: GET,POST
Found 2025-12-22 by HttpPluginCreate report