Domain uat.tflapis.com
United States
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-27 05:48
Last seen 2026-02-09 22:45
Open for 44 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354932c6d6280ab360ae23a45676bb1c6ed9caf965cdPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /Cart/{id} GET /Cart/{shoppingCartId}/Items GET /Cart/{shoppingCartId}/Items/{id} GET /Catalog/Autocomplete GET /Catalog/Categories GET /Catalog/Categories/{id} GET /Catalog/Events GET /Catalog/Events/{id} GET /Catalog/Events/{id}/Tickets GET /Catalog/Performers GET /Catalog/Performers/{id} GET /Catalog/Venues GET /Catalog/Venues/{id} GET /ConsumerKey GET /Customers/{id} GET /Orders GET /Orders/{orderNumber} GET /Tickets/DeliveryMethods GET /Tickets/{id} GET /Webhooks GET /Webhooks/{id} POST /Cart POST /Cart/Checkout POST /Cart/{shoppingCartId}/Checkout POST /CustomersFound on 2026-02-09 22:45
-
-
Open service 20.40.202.14:443 · uat.tflapis.com
2026-01-23 13:26
HTTP/1.1 302 Redirect Content-Length: 165 Connection: close Content-Type: text/html; charset=UTF-8 Date: Fri, 23 Jan 2026 13:26:43 GMT Server: Microsoft-IIS/10.0 Location: https://uat.tflapis.com/swagger/index.html Set-Cookie: ARRAffinity=4c49b4f3b902e350a1ad9525cd5ea7ce8ed6f76059805385024f1537955c5059;Path=/;HttpOnly;Secure;Domain=uat.tflapis.com Set-Cookie: ARRAffinitySameSite=4c49b4f3b902e350a1ad9525cd5ea7ce8ed6f76059805385024f1537955c5059;Path=/;HttpOnly;SameSite=None;Secure;Domain=uat.tflapis.com X-Powered-By: ASP.NET Page title: Document Moved <head><title>Document Moved</title></head> <body><h1>Object Moved</h1>This document may be found <a HREF="https://uat.tflapis.com/swagger/index.html">here</a></body>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 20.40.202.14:443 · uat.tflapis.com
2026-01-10 01:21
HTTP/1.1 302 Redirect Content-Length: 165 Connection: close Content-Type: text/html; charset=UTF-8 Date: Sat, 10 Jan 2026 01:22:09 GMT Server: Microsoft-IIS/10.0 Location: https://uat.tflapis.com/swagger/index.html Set-Cookie: ARRAffinity=bc8e171b7c002d3bb23de8e3244cd18e70004f34dd2c93bbe3345e8d9a795961;Path=/;HttpOnly;Secure;Domain=uat.tflapis.com Set-Cookie: ARRAffinitySameSite=bc8e171b7c002d3bb23de8e3244cd18e70004f34dd2c93bbe3345e8d9a795961;Path=/;HttpOnly;SameSite=None;Secure;Domain=uat.tflapis.com X-Powered-By: ASP.NET Page title: Document Moved <head><title>Document Moved</title></head> <body><h1>Object Moved</h1>This document may be found <a HREF="https://uat.tflapis.com/swagger/index.html">here</a></body>
Found 2026-01-10 by HttpPluginCreate report