LeakIX - Host analytics.dotconnect.vc

Domain analytics.dotconnect.vc

Poland

GOOGLE-CLOUD-PLATFORM

Software information

Caddy

tcp/443 tcp/80

Kestrel Kestrel

tcp/443

nginx nginx 1.25.3

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.116.159.62
Domain: dev.data.analytics.dotconnect.vc
Port: 443
URL: https://dev.data.analytics.dotconnect.vc

First seen 2025-10-25 10:16
Last seen 2026-01-16 08:24
Open for 82 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354972994ef423d327490876e8d14775b9d017145965

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /GetDeploymentDescriptorsRequest
GET /GetGeospatialRevisionDataFileUploadInfoRequest
GET /GetGeospatialRevisionDataRequest
GET /GetGeospatialRevisionsRequest
GET /GetOperatorsRequest
GET /GetWarsawNoticeRequest
GET /GetWarsawPaymentsRequest
GET /GetWarsawResidentsRequest
GET /GetWarsawSignsRequest
GET /PerformWarsawDatabaseSyncRequest
GET /QueryAlprDeviceRecognitionsRequest
GET /QueryDeviceScanningSessionsRequest
GET /QueryGpsDataRequest
GET /QueryNegativePolygonsRequest
GET /QueryParkingPolygonsRequest
GET /QueryRfidDeviceRecognitionsRequest
GET /QueryRoadSignDeviceRecognitionsRequest
GET /QueryStreetsRequest
GET /QueryVehicleGpsDataRequest
GET /QueryWeatherRecordsRequest
GET /QueryZonesRequest
POST /CreateDeploymentDescriptorRequest
POST /CreateDeviceDescriptorRequest
POST /CreateGeospatialRevisionRequest
POST /DeleteGeospatialRevisionRequest
POST /DeleteRoutesPlannerRequest
POST /GetRoutePlannerDataRequest
POST /GetRoutesPlannerRequest
POST /GetWarsawWhitelistRequest
POST /MigrateDatabasesRequest
POST /UpdateDeploymentRequest
POST /UpdateGeospatialRevisionRequest
POST /UpdateRoutePlannerTitleRequest
POST /UploadAlprDeviceRecognitionsRequest
POST /UploadDeviceGpsDataBatchRequest
POST /UploadOperatorEventsRequest
POST /UploadRfidDeviceRecognitionsRequest
POST /UploadRoadSignDeviceRecognitionsRequest
POST /UploadRoutePlannerRequest
POST /UploadWarsawSignsRequest

Found on 2026-01-16 08:24

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354972994ef423d327490876e8d14775b9d063643981

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /GetDeploymentDescriptorsRequest
GET /GetGeospatialRevisionDataFileUploadInfoRequest
GET /GetGeospatialRevisionDataRequest
GET /GetGeospatialRevisionsRequest
GET /GetOperatorsRequest
GET /GetWarsawNoticeRequest
GET /GetWarsawPaymentsRequest
GET /GetWarsawResidentsRequest
GET /GetWarsawSignsRequest
GET /PerformWarsawDatabaseSyncRequest
GET /QueryAlprDeviceRecognitionsRequest
GET /QueryDeviceScanningSessionsRequest
GET /QueryGpsDataRequest
GET /QueryNegativePolygonsRequest
GET /QueryParkingPolygonsRequest
GET /QueryRfidDeviceRecognitionsRequest
GET /QueryRoadSignDeviceRecognitionsRequest
GET /QueryStreetsRequest
GET /QueryVehicleGpsDataRequest
GET /QueryWeatherRecordsRequest
GET /QueryZonesRequest
POST /CreateDeploymentDescriptorRequest
POST /CreateDeviceDescriptorRequest
POST /CreateGeospatialRevisionRequest
POST /DeleteGeospatialRevisionRequest
POST /GetWarsawWhitelistRequest
POST /MigrateDatabasesRequest
POST /UpdateDeploymentRequest
POST /UpdateGeospatialRevisionRequest
POST /UploadAlprDeviceRecognitionsRequest
POST /UploadDeviceGpsDataBatchRequest
POST /UploadOperatorEventsRequest
POST /UploadRfidDeviceRecognitionsRequest
POST /UploadRoadSignDeviceRecognitionsRequest
POST /UploadWarsawSignsRequest

Found on 2025-11-12 17:06

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.116.159.62
Domain: dev.reporting.analytics.dotconnect.vc
Port: 443
URL: https://dev.reporting.analytics.dotconnect.vc

First seen 2025-10-22 21:16
Last seen 2026-02-01 22:42
Open for 102 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035491d2c1dcd59f1c675c91943c5ba88571d6d332d1a

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /GetAnalysesRequest
GET /GetAnalysisRequest
GET /GetAnalyticsArtifactRequest
GET /GetAnalyticsReportRequest
GET /GetChildUsersRequest
GET /GetDeploymentDetailsRequest
GET /GetDeploymentsRequest
GET /GetLibraryDeploymentsRequest
GET /GetLibraryVersionsRequest
GET /GetMyResourcesRequest
GET /GetReportKindsPresentOnDeploymentRequest
GET /RequestArtifactAccessUrlRequest
GET /UpdateWarsawFinesReportWithNewNoticeDataRequest
POST /AddAnalysisNotificationSubscriberRequest
POST /AddDataSourceToDeploymentRequest
POST /AddUserToDeploymentRequest
POST /AuthenticateWithGuestAccessKeyRequest
POST /AuthenticateWithResourceAccessTokenRequest
POST /CancelAnalysisRequest
POST /ChangeUserCultureRequest
POST /ConfirmArtifactUploadStatusRequest
POST /CreateAnalysisRequest
POST /CreateArtifactRequest
POST /CreateChildUserAccessTokenRequest
POST /CreateDataSourceRequest
POST /CreateDeploymentRequest
POST /CreateLibraryUserRequest
POST /CreateLibraryVersionRequest
POST /CreateReportRequest
POST /CreateSyncClientUserRequest
POST /CreateUserResourceAccessRequest
POST /DeleteAnalysisRequest
POST /GetGuestUserAccessKeyRequest
POST /GetReportDocumentRequest
POST /NotifyNewScanningSessionsCreatedRequest
POST /RemoveAnalysisNotificationSubscriberRequest
POST /RemoveChildUserRequest
POST /RemoveUserFromDeploymentRequest
POST /ReportAnalysisReportProgressRequest
POST /ReportOverallAnalysisProgressRequest
POST /RequestArtifactUploadTokenRequest
POST /ReuploadAnalysisArtifactsRequest
POST /SendAnalysisNotificationRequest
POST /SetAnalysisExpirationDateRequest
POST /SetGuestUserAccessKeyRequest
POST /SetUserDeploymentAccessTypesRequest
POST /SyncAnalyticsUserRequest
POST /UpdateLibraryVersionRequest
POST /UploadAnalysisRequest

Found on 2026-02-01 22:42

Create report

Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 34.116.159.62
Domain: polyscriptor.analytics.dotconnect.vc
Port: 443
URL: https://polyscriptor.analytics.dotconnect.vc

First seen 2023-07-13 20:20
Last seen 2026-02-09 14:11
Open for 941 days
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522024ae262
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
[user]
	name = Barbara Morawska
	email = barbara.morawska@dotconnect.vc
[remote "origin"]
	url = git@gitlab.dotconnect.vc:cityscanneranalytics/polygondescriptor.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
	remote = origin
	merge = refs/heads/master
```
  Found on 2026-02-09 14:11
  
  364 Bytes
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.116.159.62
Domain: reporting.analytics.dotconnect.vc
Port: 443
URL: https://reporting.analytics.dotconnect.vc

First seen 2025-10-25 17:35
Last seen 2026-02-02 12:29
Open for 99 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035491d2c1dcd59f1c675c91943c5ba88571d6d332d1a

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /GetAnalysesRequest
GET /GetAnalysisRequest
GET /GetAnalyticsArtifactRequest
GET /GetAnalyticsReportRequest
GET /GetChildUsersRequest
GET /GetDeploymentDetailsRequest
GET /GetDeploymentsRequest
GET /GetLibraryDeploymentsRequest
GET /GetLibraryVersionsRequest
GET /GetMyResourcesRequest
GET /GetReportKindsPresentOnDeploymentRequest
GET /RequestArtifactAccessUrlRequest
GET /UpdateWarsawFinesReportWithNewNoticeDataRequest
POST /AddAnalysisNotificationSubscriberRequest
POST /AddDataSourceToDeploymentRequest
POST /AddUserToDeploymentRequest
POST /AuthenticateWithGuestAccessKeyRequest
POST /AuthenticateWithResourceAccessTokenRequest
POST /CancelAnalysisRequest
POST /ChangeUserCultureRequest
POST /ConfirmArtifactUploadStatusRequest
POST /CreateAnalysisRequest
POST /CreateArtifactRequest
POST /CreateChildUserAccessTokenRequest
POST /CreateDataSourceRequest
POST /CreateDeploymentRequest
POST /CreateLibraryUserRequest
POST /CreateLibraryVersionRequest
POST /CreateReportRequest
POST /CreateSyncClientUserRequest
POST /CreateUserResourceAccessRequest
POST /DeleteAnalysisRequest
POST /GetGuestUserAccessKeyRequest
POST /GetReportDocumentRequest
POST /NotifyNewScanningSessionsCreatedRequest
POST /RemoveAnalysisNotificationSubscriberRequest
POST /RemoveChildUserRequest
POST /RemoveUserFromDeploymentRequest
POST /ReportAnalysisReportProgressRequest
POST /ReportOverallAnalysisProgressRequest
POST /RequestArtifactUploadTokenRequest
POST /ReuploadAnalysisArtifactsRequest
POST /SendAnalysisNotificationRequest
POST /SetAnalysisExpirationDateRequest
POST /SetGuestUserAccessKeyRequest
POST /SetUserDeploymentAccessTypesRequest
POST /SyncAnalyticsUserRequest
POST /UpdateLibraryVersionRequest
POST /UploadAnalysisRequest

Found on 2026-02-02 12:29

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 34.116.159.62
Domain: data.analytics.dotconnect.vc
Port: 443
URL: https://data.analytics.dotconnect.vc

First seen 2025-10-25 17:35
Last seen 2026-02-02 00:19
Open for 99 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354972994ef423d327490876e8d14775b9d063643981

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /GetDeploymentDescriptorsRequest
GET /GetGeospatialRevisionDataFileUploadInfoRequest
GET /GetGeospatialRevisionDataRequest
GET /GetGeospatialRevisionsRequest
GET /GetOperatorsRequest
GET /GetWarsawNoticeRequest
GET /GetWarsawPaymentsRequest
GET /GetWarsawResidentsRequest
GET /GetWarsawSignsRequest
GET /PerformWarsawDatabaseSyncRequest
GET /QueryAlprDeviceRecognitionsRequest
GET /QueryDeviceScanningSessionsRequest
GET /QueryGpsDataRequest
GET /QueryNegativePolygonsRequest
GET /QueryParkingPolygonsRequest
GET /QueryRfidDeviceRecognitionsRequest
GET /QueryRoadSignDeviceRecognitionsRequest
GET /QueryStreetsRequest
GET /QueryVehicleGpsDataRequest
GET /QueryWeatherRecordsRequest
GET /QueryZonesRequest
POST /CreateDeploymentDescriptorRequest
POST /CreateDeviceDescriptorRequest
POST /CreateGeospatialRevisionRequest
POST /DeleteGeospatialRevisionRequest
POST /GetWarsawWhitelistRequest
POST /MigrateDatabasesRequest
POST /UpdateDeploymentRequest
POST /UpdateGeospatialRevisionRequest
POST /UploadAlprDeviceRecognitionsRequest
POST /UploadDeviceGpsDataBatchRequest
POST /UploadOperatorEventsRequest
POST /UploadRfidDeviceRecognitionsRequest
POST /UploadRoadSignDeviceRecognitionsRequest
POST /UploadWarsawSignsRequest

Found on 2026-02-02 00:19

Create report

Open service 34.116.159.62:443 · reporting.analytics.dotconnect.vc

2026-01-23 15:56

HTTP/1.1 404 Not Found
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Alt-Svc: h3=":443"; ma=2592000
Content-Length: 0
Date: Fri, 23 Jan 2026 15:56:56 GMT
Server: Kestrel
Via: 1.1 Caddy
Connection: close

Found 2026-01-23 by HttpPlugin

Domain analytics.dotconnect.vc

Poland

Software information

Swagger API description is publicly available

Swagger API description is publicly available

Git configuration and history exposed

Swagger API description is publicly available

Swagger API description is publicly available

reporting.analytics.dotconnect.vc

dev.reporting.analytics.dotconnect.vc

polyscriptor.analytics.dotconnect.vc

data.analytics.dotconnect.vc

dev.data.analytics.dotconnect.vc

dev.analytics.dotconnect.vc

analytics.dotconnect.vc

data.analytics.dotconnect.vc

dev.computation.analytics.dotconnect.vc

polyscriptor.analytics.dotconnect.vc

reporting.analytics.dotconnect.vc

dev.data.analytics.dotconnect.vc

Domain summary

IP summary