Domain api.burgerschon.com
United States
AMAZON-02
Software information
Vercel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-29 17:33
Last seen 2026-01-09 06:18
Open for 40 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff433cdca38764b7c98a468bd6a23cb02e563fd7a7c2Public Swagger UI/API detected at path: /swagger.json - sample paths: GET /api/health GET /api/ready GET /api/version POST /api/payment/check-status POST /api/payment/installments POST /api/payment/process-3d POST /api/payment/refund
Found on 2026-01-09 06:18
-
-
Open service 216.198.79.1:443 · api.burgerschon.com
2026-01-09 06:18
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=UTF-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 09 Jan 2026 06:18:37 GMT Etag: W/"1ae1-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Origin, Accept-Encoding X-Content-Type-Options: nosniff X-Correlation-Id: 5887b82b-ff88-41cb-ad02-225d78b2a1ed X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::rl6rp-1767939517201-d757dcd46391 X-Xss-Protection: 0 Connection: close Transfer-Encoding: chunked Page title: Backend Anasayfa <!DOCTYPE html> <html lang="tr"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Backend Anasayfa</title> <style> html, body { height: 100%; } body { margin: 0; background: #000; color: #fff; font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace; display: flex; align-items: center; justify-content: center; } .container { padding: 24px; text-align: center; } .status { display: inline-flex; align-items: center; gap: 8px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); padding: 8px 12px; border-radius: 999px; margin-bottom: 16px; } .dot { width: 10px; height: 10px; border-radius: 50%; background: #999; box-shadow: 0 0 8px rgba(255,255,255,0.2); } .ok { background: #10b981; box-shadow: 0 0 8px rgba(16,185,129,0.65); } .fail { background: #ef4444; box-shadow: 0 0 8px rgba(239,68,68,0.65); } .status-text { font-size: 12px; color: #ddd; letter-spacing: .2px; } pre { margin: 0 auto; text-align: left; line-height: 1.05; white-space: pre; } .meta { margin-top: 16px; color: #bbb; font-size: 12px; } .support-link { position: fixed; left: 16px; bottom: 16px; padding: 10px 14px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); color: #fff; text-decoration: none; border-radius: 10px; font-size: 14px; transition: background .2s ease, border-color .2s ease; } .support-link:hover { background: rgba(255,255,255,0.12); border-color: rgba(255,255,255,0.2); } .support-link svg { width: 16px; height: 16px; margin-right: 8px; vertical-align: -2px; } </style> <meta name="robots" content="noindex,nofollow"> <meta name="version" content="2"> </head> <body> <div class="container" aria-label="ASCII Logo"> <div class="status" id="api-status"> <span class="dot" id="api-dot"></span> <span class="status-text" id="api-text">API durumu kontrol ediliyor…</span> </div> <pre> # ######## ####### ########## ############ ### ############## ########### ######################### ################# #### ############### ############################### ##### ###################### ##### ######## ########### ######### ############# ############################ ######## ######### ########### ############ ########## ############ ######### #### ###### ###### ##### ############ ###### ################## ########### ############ ########### #### ##### ###### ###### ########## ########### ############################ ##### ##### ######## ###### ############ ###################### ###### ############################# #### ##### #### ########### #### ###### ############################### #### ##### #### ######### ################################ #### ###### # ######### ############# ##Found 2026-01-09 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api.burgerschon.com
2026-01-02 05:50
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=UTF-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Fri, 02 Jan 2026 05:50:38 GMT Etag: W/"1ae1-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Origin, Accept-Encoding X-Content-Type-Options: nosniff X-Correlation-Id: b1732beb-8816-47c8-a29d-e554f3ef8268 X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: lhr1::iad1::gvgjg-1767333037513-a2fbfc9b6c24 X-Xss-Protection: 0 Connection: close Transfer-Encoding: chunked Page title: Backend Anasayfa <!DOCTYPE html> <html lang="tr"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Backend Anasayfa</title> <style> html, body { height: 100%; } body { margin: 0; background: #000; color: #fff; font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace; display: flex; align-items: center; justify-content: center; } .container { padding: 24px; text-align: center; } .status { display: inline-flex; align-items: center; gap: 8px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); padding: 8px 12px; border-radius: 999px; margin-bottom: 16px; } .dot { width: 10px; height: 10px; border-radius: 50%; background: #999; box-shadow: 0 0 8px rgba(255,255,255,0.2); } .ok { background: #10b981; box-shadow: 0 0 8px rgba(16,185,129,0.65); } .fail { background: #ef4444; box-shadow: 0 0 8px rgba(239,68,68,0.65); } .status-text { font-size: 12px; color: #ddd; letter-spacing: .2px; } pre { margin: 0 auto; text-align: left; line-height: 1.05; white-space: pre; } .meta { margin-top: 16px; color: #bbb; font-size: 12px; } .support-link { position: fixed; left: 16px; bottom: 16px; padding: 10px 14px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); color: #fff; text-decoration: none; border-radius: 10px; font-size: 14px; transition: background .2s ease, border-color .2s ease; } .support-link:hover { background: rgba(255,255,255,0.12); border-color: rgba(255,255,255,0.2); } .support-link svg { width: 16px; height: 16px; margin-right: 8px; vertical-align: -2px; } </style> <meta name="robots" content="noindex,nofollow"> <meta name="version" content="2"> </head> <body> <div class="container" aria-label="ASCII Logo"> <div class="status" id="api-status"> <span class="dot" id="api-dot"></span> <span class="status-text" id="api-text">API durumu kontrol ediliyor…</span> </div> <pre> # ######## ####### ########## ############ ### ############## ########### ######################### ################# #### ############### ############################### ##### ###################### ##### ######## ########### ######### ############# ############################ ######## ######### ########### ############ ########## ############ ######### #### ###### ###### ##### ############ ###### ################## ########### ############ ########### #### ##### ###### ###### ########## ########### ############################ ##### ##### ######## ###### ############ ###################### ###### ############################# #### ##### #### ########### #### ###### ############################### #### ##### #### ######### ################################ #### ###### # ######### ############# ##Found 2026-01-02 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api.burgerschon.com
2025-12-30 13:25
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=UTF-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Tue, 30 Dec 2025 13:25:58 GMT Etag: W/"1ae1-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Origin, Accept-Encoding X-Content-Type-Options: nosniff X-Correlation-Id: cb147e3a-a535-44f7-a58f-493591f4aca3 X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::w5mw2-1767101158153-38762f9c6a9e X-Xss-Protection: 0 Connection: close Transfer-Encoding: chunked Page title: Backend Anasayfa <!DOCTYPE html> <html lang="tr"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Backend Anasayfa</title> <style> html, body { height: 100%; } body { margin: 0; background: #000; color: #fff; font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace; display: flex; align-items: center; justify-content: center; } .container { padding: 24px; text-align: center; } .status { display: inline-flex; align-items: center; gap: 8px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); padding: 8px 12px; border-radius: 999px; margin-bottom: 16px; } .dot { width: 10px; height: 10px; border-radius: 50%; background: #999; box-shadow: 0 0 8px rgba(255,255,255,0.2); } .ok { background: #10b981; box-shadow: 0 0 8px rgba(16,185,129,0.65); } .fail { background: #ef4444; box-shadow: 0 0 8px rgba(239,68,68,0.65); } .status-text { font-size: 12px; color: #ddd; letter-spacing: .2px; } pre { margin: 0 auto; text-align: left; line-height: 1.05; white-space: pre; } .meta { margin-top: 16px; color: #bbb; font-size: 12px; } .support-link { position: fixed; left: 16px; bottom: 16px; padding: 10px 14px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); color: #fff; text-decoration: none; border-radius: 10px; font-size: 14px; transition: background .2s ease, border-color .2s ease; } .support-link:hover { background: rgba(255,255,255,0.12); border-color: rgba(255,255,255,0.2); } .support-link svg { width: 16px; height: 16px; margin-right: 8px; vertical-align: -2px; } </style> <meta name="robots" content="noindex,nofollow"> <meta name="version" content="2"> </head> <body> <div class="container" aria-label="ASCII Logo"> <div class="status" id="api-status"> <span class="dot" id="api-dot"></span> <span class="status-text" id="api-text">API durumu kontrol ediliyor…</span> </div> <pre> # ######## ####### ########## ############ ### ############## ########### ######################### ################# #### ############### ############################### ##### ###################### ##### ######## ########### ######### ############# ############################ ######## ######### ########### ############ ########## ############ ######### #### ###### ###### ##### ############ ###### ################## ########### ############ ########### #### ##### ###### ###### ########## ########### ############################ ##### ##### ######## ###### ############ ###################### ###### ############################# #### ##### #### ########### #### ###### ############################### #### ##### #### ######### ################################ #### ###### # ######### ############# ##Found 2025-12-30 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api.burgerschon.com
2025-12-22 16:29
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=UTF-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Mon, 22 Dec 2025 16:29:22 GMT Etag: W/"1ae1-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Origin, Accept-Encoding X-Content-Type-Options: nosniff X-Correlation-Id: 6cb72e8c-1024-4852-9026-8b41fa1357cd X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::9j5fh-1766420960991-5a2ece928cfb X-Xss-Protection: 0 Connection: close Transfer-Encoding: chunked Page title: Backend Anasayfa <!DOCTYPE html> <html lang="tr"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Backend Anasayfa</title> <style> html, body { height: 100%; } body { margin: 0; background: #000; color: #fff; font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace; display: flex; align-items: center; justify-content: center; } .container { padding: 24px; text-align: center; } .status { display: inline-flex; align-items: center; gap: 8px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); padding: 8px 12px; border-radius: 999px; margin-bottom: 16px; } .dot { width: 10px; height: 10px; border-radius: 50%; background: #999; box-shadow: 0 0 8px rgba(255,255,255,0.2); } .ok { background: #10b981; box-shadow: 0 0 8px rgba(16,185,129,0.65); } .fail { background: #ef4444; box-shadow: 0 0 8px rgba(239,68,68,0.65); } .status-text { font-size: 12px; color: #ddd; letter-spacing: .2px; } pre { margin: 0 auto; text-align: left; line-height: 1.05; white-space: pre; } .meta { margin-top: 16px; color: #bbb; font-size: 12px; } .support-link { position: fixed; left: 16px; bottom: 16px; padding: 10px 14px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); color: #fff; text-decoration: none; border-radius: 10px; font-size: 14px; transition: background .2s ease, border-color .2s ease; } .support-link:hover { background: rgba(255,255,255,0.12); border-color: rgba(255,255,255,0.2); } .support-link svg { width: 16px; height: 16px; margin-right: 8px; vertical-align: -2px; } </style> <meta name="robots" content="noindex,nofollow"> <meta name="version" content="2"> </head> <body> <div class="container" aria-label="ASCII Logo"> <div class="status" id="api-status"> <span class="dot" id="api-dot"></span> <span class="status-text" id="api-text">API durumu kontrol ediliyor…</span> </div> <pre> # ######## ####### ########## ############ ### ############## ########### ######################### ################# #### ############### ############################### ##### ###################### ##### ######## ########### ######### ############# ############################ ######## ######### ########### ############ ########## ############ ######### #### ###### ###### ##### ############ ###### ################## ########### ############ ########### #### ##### ###### ###### ########## ########### ############################ ##### ##### ######## ###### ############ ###################### ###### ############################# #### ##### #### ########### #### ###### ############################### #### ##### #### ######### ################################ #### ###### # ######### ############# ##Found 2025-12-22 by HttpPluginCreate report
-
Open service 216.198.79.1:443 · api.burgerschon.com
2025-12-20 22:35
HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Credentials: true Age: 0 Cache-Control: public, max-age=0 Content-Security-Policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type: text/html; charset=UTF-8 Cross-Origin-Opener-Policy: same-origin Cross-Origin-Resource-Policy: same-origin Date: Sat, 20 Dec 2025 22:35:53 GMT Etag: W/"1ae1-1668f272800" Last-Modified: Sat, 20 Oct 2018 01:46:40 GMT Origin-Agent-Cluster: ?1 Referrer-Policy: no-referrer Server: Vercel Strict-Transport-Security: max-age=15552000; includeSubDomains Vary: Origin, Accept-Encoding X-Content-Type-Options: nosniff X-Correlation-Id: 4727d307-44b0-4625-a13a-ae5efd698a54 X-Dns-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Vercel-Cache: MISS X-Vercel-Id: fra1::iad1::s8r84-1766270153113-c1ae3a1be6b3 X-Xss-Protection: 0 Connection: close Transfer-Encoding: chunked Page title: Backend Anasayfa <!DOCTYPE html> <html lang="tr"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Backend Anasayfa</title> <style> html, body { height: 100%; } body { margin: 0; background: #000; color: #fff; font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace; display: flex; align-items: center; justify-content: center; } .container { padding: 24px; text-align: center; } .status { display: inline-flex; align-items: center; gap: 8px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); padding: 8px 12px; border-radius: 999px; margin-bottom: 16px; } .dot { width: 10px; height: 10px; border-radius: 50%; background: #999; box-shadow: 0 0 8px rgba(255,255,255,0.2); } .ok { background: #10b981; box-shadow: 0 0 8px rgba(16,185,129,0.65); } .fail { background: #ef4444; box-shadow: 0 0 8px rgba(239,68,68,0.65); } .status-text { font-size: 12px; color: #ddd; letter-spacing: .2px; } pre { margin: 0 auto; text-align: left; line-height: 1.05; white-space: pre; } .meta { margin-top: 16px; color: #bbb; font-size: 12px; } .support-link { position: fixed; left: 16px; bottom: 16px; padding: 10px 14px; background: rgba(255,255,255,0.06); border: 1px solid rgba(255,255,255,0.12); color: #fff; text-decoration: none; border-radius: 10px; font-size: 14px; transition: background .2s ease, border-color .2s ease; } .support-link:hover { background: rgba(255,255,255,0.12); border-color: rgba(255,255,255,0.2); } .support-link svg { width: 16px; height: 16px; margin-right: 8px; vertical-align: -2px; } </style> <meta name="robots" content="noindex,nofollow"> <meta name="version" content="2"> </head> <body> <div class="container" aria-label="ASCII Logo"> <div class="status" id="api-status"> <span class="dot" id="api-dot"></span> <span class="status-text" id="api-text">API durumu kontrol ediliyor…</span> </div> <pre> # ######## ####### ########## ############ ### ############## ########### ######################### ################# #### ############### ############################### ##### ###################### ##### ######## ########### ######### ############# ############################ ######## ######### ########### ############ ########## ############ ######### #### ###### ###### ##### ############ ###### ################## ########### ############ ########### #### ##### ###### ###### ########## ########### ############################ ##### ##### ######## ###### ############ ###################### ###### ############################# #### ##### #### ########### #### ###### ############################### #### ##### #### ######### ################################ #### ###### # ######### ############# ##Found 2025-12-20 by HttpPluginCreate report
api.burgerschon.com
CN:
api.burgerschon.com
Not before:
2025-11-29 16:34
Not after:
2026-02-27 16:34