LeakIX - Host www.ctrlr.cc

Domain www.ctrlr.cc

United States

LEVEL3

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 207.120.36.139
Domain: www.ctrlr.cc
Port: 443
URL: https://www.ctrlr.cc

First seen 2025-10-19 17:44
Last seen 2025-10-31 09:19
Open for 11 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff43a81ce88f562b774ca7894bf46905fba96905fba9
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /coupons
GET /coupons/hascoupon
GET /coupons/verify
GET /language
```
  Found on 2025-10-31 09:19
Create report

Open service 207.120.36.139:443 · www.ctrlr.cc

2025-12-30 08:26

HTTP/1.1 403 Forbidden
Date: Tue, 30 Dec 2025 08:26:14 GMT
Content-Type: text/html
Content-Length: 118
Connection: close
X-Varnish: 13046794
Age: 0
Via: 1.1 varnish (Varnish/6.3)
section-io-cache: Miss
section-io-id: 8edee101314d03ad658f01da015cfd15

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

Found 2025-12-30 by HttpPlugin

Create report

Open service 207.120.36.139:443 · www.ctrlr.cc

2025-12-22 08:41

HTTP/1.1 403 Forbidden
Date: Mon, 22 Dec 2025 08:41:56 GMT
Content-Type: text/html
Content-Length: 118
Connection: close
X-Varnish: 8249666
Age: 0
Via: 1.1 varnish (Varnish/6.3)
section-io-cache: Miss
section-io-id: fabf2abe3524711160ddff7ca5a9f9e7

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

Found 2025-12-22 by HttpPlugin

Create report

Open service 207.120.36.139:443 · www.ctrlr.cc

2025-12-20 09:18

HTTP/1.1 403 Forbidden
Date: Sat, 20 Dec 2025 09:18:42 GMT
Content-Type: text/html
Content-Length: 118
Connection: close
X-Varnish: 5087365
Age: 0
Via: 1.1 varnish (Varnish/6.3)
section-io-cache: Miss
section-io-id: a4eb2bbdd8ed04916876b1d115b5ea72

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

Found 2025-12-20 by HttpPlugin

Create report

www.ctrlr.cc

Fingerprint:

791b5edc7c01a8eae19d6ee52f08e5559caab804f6700c453a83d37765c88af4

CN:

www.ctrlr.cc

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-18 15:57

Not after:

2026-03-18 15:57

Domain summary

www.ctrlr.cc 3

1 recorded

IP summary

207.120.36.139 2

1 recorded

Domain www.ctrlr.cc

United States

Swagger API description is publicly available

Create report

Create report

Create report

www.ctrlr.cc

Domain summary

IP summary