LeakIX - Host 2.16.204.216

Host 2.16.204.216

Germany

Akamai International B.V.

Software information

AkamaiGHost

tcp/443 tcp/80

Bhoot

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.16.204.216
Domain: mcjs.etb2bimg.com
Port: 443
URL: https://mcjs.etb2bimg.com

First seen 2025-11-10 05:42
Last seen 2026-02-09 09:03
Open for 91 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b885ff431818dff1ab714ac2ab714ac2ab714ac2ab714ac2
```
Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /v1/{portal}/{entity}/details/{course_id}
GET /v1/{portal}/{entity}/{type}/{region}
```
  Found on 2026-02-09 09:03
Create report

Open service 2.16.204.216:80

2026-01-26 15:19

HTTP/1.0 400 Bad Request
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 312
Expires: Mon, 26 Jan 2026 15:20:13 GMT
Date: Mon, 26 Jan 2026 15:20:13 GMT
Connection: close

Page title: Invalid URL

<HTML><HEAD>
<TITLE>Invalid URL</TITLE>
</HEAD><BODY>
<H1>Invalid URL</H1>
The requested URL "&#91;no&#32;URL&#93;", is invalid.<p>
Reference&#32;&#35;9&#46;38221102&#46;1769440813&#46;7c4910e4
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;9&#46;38221102&#46;1769440813&#46;7c4910e4</P>
</BODY></HTML>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.204.216:443 · ie.disneydevelopment.co.uk

2026-01-26 09:58

HTTP/1.1 403 Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 2296
Cache-control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/html
Date: Mon, 26 Jan 2026 09:58:42 GMT
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
X-Disney-Akamai-Rule: Uncacheable Responses
X-Disney-Akamai-Rule: Offload
X-Disney-Akamai-Rule: Compressible Objects
X-Disney-Akamai-Rule: Performance
X-Disney-Akamai-Rule: Default Rule
Server-Timing: ak_p; desc="1769421522385_34677294_761606409_9_5035_160_163_-";dur=1

Page title: Server Security

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="robots" content="noindex,nofollow"/>
<title>Server Security</title>
<link rel="stylesheet" href="https://use.typekit.net/dwp3nbd.css">
<style>
@font-face{font-family:InspireTWDC;src:url("est-assets/wdtci-emea/asset_1.woff2");font-weight:100 300}
@font-face{font-family:InspireTWDC;src:url("est-assets/wdtci-emea/asset_2.woff2");font-weight:400}
*{margin:0;padding:0;box-sizing:border-box}
body{font-family:InspireTWDC,Arial,sans-serif;background:#fff;display:flex;align-items:center;justify-content:center;min-height:100vh;padding:20px}
.container{width:100%;max-width:420px;text-align:center;color:#565656}
h1{font-size:clamp(2rem,5vw,3rem);margin-bottom:20px}
h3{font-size:clamp(1rem,2.5vw,1.25rem);line-height:1.6;margin-bottom:20px;font-weight:350}
img{width:75%;height:auto;margin-top:20px}
</style>
</head>
<body>
<div class="container">
<h1 id="h">HULK SMASH!</h1>
<h3><span id="m">Something in your request made the system angry. The page exists — but you've been temporarily blocked from accessing it.</span><br><br><b id="r">Reference:</b> 0.2e221102.1769421522.2d653109</h3>
<img src="est-assets/wdtci-emea/asset-3.jpg" alt="Hulk"/>
</div>
<script>
const t={
en:{h:"HULK SMASH!",m:"Something in your request made the system angry. The page exists — but you've been temporarily blocked from accessing it.",t:"Server Security | Walt Disney Travel Company International",r:"Reference:"},
de:{h:"HULK ZERSCHMETTERN!",m:"Etwas in Ihrer Anfrage hat das System verärgert. Die Seite existiert — Sie wurden jedoch vorübergehend vom Zugriff darauf blockiert.",t:"Serversicherheit | Walt Disney Travel Company International",r:"Referenz:"},
es:{h:"¡HULK APLASTAR!",m:"Algo en su solicitud enojó al sistema. La página existe, pero se le ha bloqueado temporalmente el acceso a ella.",t:"Seguridad del Servidor | Walt Disney Travel Company International",r:"Referencia:"}
};
const h=location.hostname;
const l=h.includes('.de')?t.de:h.includes('.es')?t.es:t.en;
document.title=l.t;
document.getElementById('h').textContent=l.h;
document.getElementById('m').textContent=l.m;
document.getElementById('r').textContent=l.r;
</script>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.204.216:80 · uk.disneydevelopment.co.uk

2026-01-26 09:58

HTTP/1.1 403 Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 2296
Cache-control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/html
Date: Mon, 26 Jan 2026 09:59:03 GMT
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
X-Disney-Akamai-Rule: Redirect to HTTPS
X-Disney-Akamai-Rule: Uncacheable Responses
X-Disney-Akamai-Rule: Offload
X-Disney-Akamai-Rule: Compressible Objects
X-Disney-Akamai-Rule: Performance
X-Disney-Akamai-Rule: Default Rule
Server-Timing: ak_p; desc="1769421543752_34677304_1992545255_13_7175_18_0_-";dur=1

Page title: Server Security

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="robots" content="noindex,nofollow"/>
<title>Server Security</title>
<link rel="stylesheet" href="https://use.typekit.net/dwp3nbd.css">
<style>
@font-face{font-family:InspireTWDC;src:url("est-assets/wdtci-emea/asset_1.woff2");font-weight:100 300}
@font-face{font-family:InspireTWDC;src:url("est-assets/wdtci-emea/asset_2.woff2");font-weight:400}
*{margin:0;padding:0;box-sizing:border-box}
body{font-family:InspireTWDC,Arial,sans-serif;background:#fff;display:flex;align-items:center;justify-content:center;min-height:100vh;padding:20px}
.container{width:100%;max-width:420px;text-align:center;color:#565656}
h1{font-size:clamp(2rem,5vw,3rem);margin-bottom:20px}
h3{font-size:clamp(1rem,2.5vw,1.25rem);line-height:1.6;margin-bottom:20px;font-weight:350}
img{width:75%;height:auto;margin-top:20px}
</style>
</head>
<body>
<div class="container">
<h1 id="h">HULK SMASH!</h1>
<h3><span id="m">Something in your request made the system angry. The page exists — but you've been temporarily blocked from accessing it.</span><br><br><b id="r">Reference:</b> 0.38221102.1769421543.76c3d3e7</h3>
<img src="est-assets/wdtci-emea/asset-3.jpg" alt="Hulk"/>
</div>
<script>
const t={
en:{h:"HULK SMASH!",m:"Something in your request made the system angry. The page exists — but you've been temporarily blocked from accessing it.",t:"Server Security | Walt Disney Travel Company International",r:"Reference:"},
de:{h:"HULK ZERSCHMETTERN!",m:"Etwas in Ihrer Anfrage hat das System verärgert. Die Seite existiert — Sie wurden jedoch vorübergehend vom Zugriff darauf blockiert.",t:"Serversicherheit | Walt Disney Travel Company International",r:"Referenz:"},
es:{h:"¡HULK APLASTAR!",m:"Algo en su solicitud enojó al sistema. La página existe, pero se le ha bloqueado temporalmente el acceso a ella.",t:"Seguridad del Servidor | Walt Disney Travel Company International",r:"Referencia:"}
};
const h=location.hostname;
const l=h.includes('.de')?t.de:h.includes('.es')?t.es:t.en;
document.title=l.t;
document.getElementById('h').textContent=l.h;
document.getElementById('m').textContent=l.m;
document.getElementById('r').textContent=l.r;
</script>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.204.216:443 · uk.disneydevelopment.co.uk

2026-01-26 09:58

HTTP/1.1 403 Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 2296
Cache-control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/html
Date: Mon, 26 Jan 2026 09:58:42 GMT
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
X-Disney-Akamai-Rule: Uncacheable Responses
X-Disney-Akamai-Rule: Offload
X-Disney-Akamai-Rule: Compressible Objects
X-Disney-Akamai-Rule: Performance
X-Disney-Akamai-Rule: Default Rule
Server-Timing: ak_p; desc="1769421522328_34677304_1992428437_10_6646_162_165_-";dur=1

Page title: Server Security

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="robots" content="noindex,nofollow"/>
<title>Server Security</title>
<link rel="stylesheet" href="https://use.typekit.net/dwp3nbd.css">
<style>
@font-face{font-family:InspireTWDC;src:url("est-assets/wdtci-emea/asset_1.woff2");font-weight:100 300}
@font-face{font-family:InspireTWDC;src:url("est-assets/wdtci-emea/asset_2.woff2");font-weight:400}
*{margin:0;padding:0;box-sizing:border-box}
body{font-family:InspireTWDC,Arial,sans-serif;background:#fff;display:flex;align-items:center;justify-content:center;min-height:100vh;padding:20px}
.container{width:100%;max-width:420px;text-align:center;color:#565656}
h1{font-size:clamp(2rem,5vw,3rem);margin-bottom:20px}
h3{font-size:clamp(1rem,2.5vw,1.25rem);line-height:1.6;margin-bottom:20px;font-weight:350}
img{width:75%;height:auto;margin-top:20px}
</style>
</head>
<body>
<div class="container">
<h1 id="h">HULK SMASH!</h1>
<h3><span id="m">Something in your request made the system angry. The page exists — but you've been temporarily blocked from accessing it.</span><br><br><b id="r">Reference:</b> 0.38221102.1769421522.76c20b95</h3>
<img src="est-assets/wdtci-emea/asset-3.jpg" alt="Hulk"/>
</div>
<script>
const t={
en:{h:"HULK SMASH!",m:"Something in your request made the system angry. The page exists — but you've been temporarily blocked from accessing it.",t:"Server Security | Walt Disney Travel Company International",r:"Reference:"},
de:{h:"HULK ZERSCHMETTERN!",m:"Etwas in Ihrer Anfrage hat das System verärgert. Die Seite existiert — Sie wurden jedoch vorübergehend vom Zugriff darauf blockiert.",t:"Serversicherheit | Walt Disney Travel Company International",r:"Referenz:"},
es:{h:"¡HULK APLASTAR!",m:"Algo en su solicitud enojó al sistema. La página existe, pero se le ha bloqueado temporalmente el acceso a ella.",t:"Seguridad del Servidor | Walt Disney Travel Company International",r:"Referencia:"}
};
const h=location.hostname;
const l=h.includes('.de')?t.de:h.includes('.es')?t.es:t.en;
document.title=l.t;
document.getElementById('h').textContent=l.h;
document.getElementById('m').textContent=l.m;
document.getElementById('r').textContent=l.r;
</script>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.204.216:80 · ie.disneydevelopment.co.uk

2026-01-26 09:58

HTTP/1.1 403 Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Content-Length: 2296
Cache-control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/html
Date: Mon, 26 Jan 2026 09:59:03 GMT
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
X-Disney-Akamai-Rule: Redirect to HTTPS
X-Disney-Akamai-Rule: Uncacheable Responses
X-Disney-Akamai-Rule: Offload
X-Disney-Akamai-Rule: Compressible Objects
X-Disney-Akamai-Rule: Performance
X-Disney-Akamai-Rule: Default Rule
Server-Timing: ak_p; desc="1769421543667_34677304_1992544664_14_7044_18_0_-";dur=1

Page title: Server Security

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="robots" content="noindex,nofollow"/>
<title>Server Security</title>
<link rel="stylesheet" href="https://use.typekit.net/dwp3nbd.css">
<style>
@font-face{font-family:InspireTWDC;src:url("est-assets/wdtci-emea/asset_1.woff2");font-weight:100 300}
@font-face{font-family:InspireTWDC;src:url("est-assets/wdtci-emea/asset_2.woff2");font-weight:400}
*{margin:0;padding:0;box-sizing:border-box}
body{font-family:InspireTWDC,Arial,sans-serif;background:#fff;display:flex;align-items:center;justify-content:center;min-height:100vh;padding:20px}
.container{width:100%;max-width:420px;text-align:center;color:#565656}
h1{font-size:clamp(2rem,5vw,3rem);margin-bottom:20px}
h3{font-size:clamp(1rem,2.5vw,1.25rem);line-height:1.6;margin-bottom:20px;font-weight:350}
img{width:75%;height:auto;margin-top:20px}
</style>
</head>
<body>
<div class="container">
<h1 id="h">HULK SMASH!</h1>
<h3><span id="m">Something in your request made the system angry. The page exists — but you've been temporarily blocked from accessing it.</span><br><br><b id="r">Reference:</b> 0.38221102.1769421543.76c3d198</h3>
<img src="est-assets/wdtci-emea/asset-3.jpg" alt="Hulk"/>
</div>
<script>
const t={
en:{h:"HULK SMASH!",m:"Something in your request made the system angry. The page exists — but you've been temporarily blocked from accessing it.",t:"Server Security | Walt Disney Travel Company International",r:"Reference:"},
de:{h:"HULK ZERSCHMETTERN!",m:"Etwas in Ihrer Anfrage hat das System verärgert. Die Seite existiert — Sie wurden jedoch vorübergehend vom Zugriff darauf blockiert.",t:"Serversicherheit | Walt Disney Travel Company International",r:"Referenz:"},
es:{h:"¡HULK APLASTAR!",m:"Algo en su solicitud enojó al sistema. La página existe, pero se le ha bloqueado temporalmente el acceso a ella.",t:"Seguridad del Servidor | Walt Disney Travel Company International",r:"Referencia:"}
};
const h=location.hostname;
const l=h.includes('.de')?t.de:h.includes('.es')?t.es:t.en;
document.title=l.t;
document.getElementById('h').textContent=l.h;
document.getElementById('m').textContent=l.m;
document.getElementById('r').textContent=l.r;
</script>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.204.216:80 · www.etnownews.com

2026-01-24 00:52

HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.etnownews.com/
Expires: Sat, 24 Jan 2026 00:53:56 GMT
Date: Sat, 24 Jan 2026 00:52:56 GMT
Connection: close
X-Origin-Hit: 
Cache-Control: public, must-revalidate, max-age=60
Akamai-Cache-Status: Redirect from child

Found 2026-01-24 by HttpPlugin

Create report

Open service 2.16.204.216:443 · www.etnownews.com

2026-01-24 00:52

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
X-Content-Type-Options: 
X-Frame-Options: 
X-XSS-Protection: 
Pragma: no-cache
x-response-time: 0ms
ETag: W/"1fd80951937f72ef"
Expires: Sat, 24 Jan 2026 00:53:34 GMT
Date: Sat, 24 Jan 2026 00:52:34 GMT
Content-Length: 955321
Connection: close
X-Origin-Hit: 
Cache-Control: public, must-revalidate, max-age=60
Akamai-Cache-Status: Hit from child
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload

Page title: ET Now: Latest Business News, Finance News, Today's Business News and Updates

<!DOCTYPE html><html lang="en" data-gate-mode="lcp"><head><meta charSet="utf-8" data-next-head=""/><link rel="preconnect" href="https://fonts.googleapis.com" data-next-head=""/><link rel="preconnect" href="https://fonts.gstatic.com" crossorigin="" data-next-head=""/><link rel="preconnect" href="https://images.etnownews.com" crossorigin="" data-next-head=""/><link rel="preconnect" href="https://securepubads.g.doubleclick.net" data-next-head=""/><link rel="manifest" href="/et_next/manifest.json" data-next-head=""/><link rel="shortcut icon" href="https://www.etnownews.com/et_next/tnnassets/images/icons/favicon.png" type="image/x-icon" data-next-head=""/><meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=5.0, user-scalable=yes" data-next-head=""/><title data-next-head="">ET Now: Latest Business News, Finance News, Today&#x27;s Business News and Updates</title><meta name="description" content="ET Now: Read here all latest business and finance news, today&#x27;s share market updates and stock market news here." data-next-head=""/><meta name="keywords" content="ET Now, business news, latest business news finance news, today finance news, share market news, stock market news, today share market news, finance news updates, business news updates" data-next-head=""/><meta name="news_keywords" content="ET Now, business news, latest business news finance news, today finance news, share market news, stock market news, today share market news, finance news updates, business news updates" data-next-head=""/><link rel="canonical" href="https://www.etnownews.com" data-next-head=""/><meta property="og:title" content="ET Now: Latest Business News, Finance News, Today&#x27;s Business News and Updates" data-next-head=""/><meta property="og:image" content="https://images.etnownews.com/photo/msid-95762555/95762555.jpg" data-next-head=""/><meta property="og:url" content="https://www.etnownews.com" data-next-head=""/><meta property="og:description" content="ET Now: Read here all latest business and finance news, today&#x27;s share market updates and stock market news here." data-next-head=""/><meta property="og:image:type" content="image/jpeg" data-next-head=""/><meta name="twitter:title" content="ET Now: Latest Business News, Finance News, Today&#x27;s Business News and Updates" data-next-head=""/><meta name="twitter:description" content="ET Now: Read here all latest business and finance news, today&#x27;s share market updates and stock market news here." data-next-head=""/><meta name="twitter:image" content="https://images.etnownews.com/photo/msid-95762555/95762555.jpg" data-next-head=""/><meta name="twitter:url" content="https://www.etnownews.com/" data-next-head=""/><meta name="msapplication-TileColor" content="#135394" data-next-head=""/><meta name="category" content="Business" data-next-head=""/><meta name="coverage" content="Worldwide" data-next-head=""/><meta name="distribution" content="Global" data-next-head=""/><meta name="rating" content="General" data-next-head=""/><link rel="dns-prefetch" href="https://images.etnownews.com" data-next-head=""/><link rel="dns-prefetch" href="https://securepubads.g.doubleclick.net" data-next-head=""/><link rel="dns-prefetch" href="https://www.googletagmanager.com" data-next-head=""/><link rel="dns-prefetch" href="https://connect.facebook.net" data-next-head=""/><link rel="dns-prefetch" href="https://platform.twitter.com" data-next-head=""/><script type="application/ld+json">{"@context":"https://schema.org","@type":"NewsMediaOrganization","name":"ET Now","url":"https://www.etnownews.com","logo":{"@type":"ImageObject","url":"https://images.etnownews.com/photo/msid-111599270/111599270.jpg","width":600,"height":60},"address":{"@type":"PostalAddress","streetAddress":"Plot No-FC 6, Second Floor, Film City, Noida Sector 16A,","addressLocality":"Noida","addressRegion":"Uttar Pradesh","postalCode":"201301","addressCountry":{"@type":"Country","name":"IN"}},"contactPoint":{"@type":"ContactPoint","telephone":"+91 – 0120 – 6634600","contactType":"Customer Serv

Found 2026-01-24 by HttpPlugin

Create report

Open service 2.16.204.216:443 · mcjs.etb2bimg.com

2026-01-23 01:09

HTTP/1.1 200 OK
Server: Bhoot
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Last-Modified: Wed, 16 Oct 2024 07:40:49 GMT
X-Cool: 55.56
Content-Language: en
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=25920000; includeSubdomains
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: public, max-age=86400
Expires: Sat, 24 Jan 2026 01:09:16 GMT
Date: Fri, 23 Jan 2026 01:09:16 GMT
Alt-Svc: h3=":443"; ma=93600
Transfer-Encoding:  chunked
Connection: close
Connection: Transfer-Encoding
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST

Found 2026-01-23 by HttpPlugin

Create report

Open service 2.16.204.216:80 · disinsgst-api.wdprapps.disney.com

2026-01-22 23:44
Found 2026-01-22 by HttpPlugin
Create report
Open service 2.16.204.216:443 · disinsgst-api.wdprapps.disney.com

2026-01-22 23:44
Found 2026-01-22 by HttpPlugin
Create report

Open service 2.16.204.216:443 · stage.find-merch.dlr.wdprapps.disney.com

2026-01-22 13:59

HTTP/1.1 403 Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 410
Cache-Control: max-age=0
Expires: Thu, 22 Jan 2026 13:59:05 GMT
Date: Thu, 22 Jan 2026 13:59:05 GMT
Connection: close
X-Disney-Akamai-Rule: find merch - UI
X-Disney-Akamai-Rule: Offload
X-Disney-Akamai-Rule: Compressible Objects
X-Disney-Akamai-Rule: Performance

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
 
You don't have permission to access "http&#58;&#47;&#47;stage&#46;find&#45;merch&#46;dlr&#46;wdprapps&#46;disney&#46;com&#47;" on this server.<P>
Reference&#32;&#35;18&#46;34221102&#46;1769090345&#46;33e0bd38
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;18&#46;34221102&#46;1769090345&#46;33e0bd38</P>
</BODY>
</HTML>