Domain app.payplanet.pl
United States
Software information
Vercel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-18 18:38
Last seen 2026-01-09 14:46
Open for 51 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656Public Swagger UI/API detected at path: /swagger-ui.html
Found on 2026-01-09 14:46
-
-
Open service 216.150.16.129:443 · app.payplanet.pl
2026-01-09 14:46
HTTP/1.1 307 Temporary Redirect Cache-Control: public, max-age=0, must-revalidate Content-Type: text/plain Date: Fri, 09 Jan 2026 14:46:13 GMT Location: /login Referrer-Policy: origin-when-cross-origin Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: on X-Frame-Options: SAMEORIGIN X-Vercel-Id: iad1::8zm9v-1767969972797-636ffc3b60cb X-Xss-Protection: 1; mode=block Connection: close Transfer-Encoding: chunked Redirecting...
Found 2026-01-09 by HttpPluginCreate report
-
Open service 216.150.16.129:443 · app.payplanet.pl
2026-01-02 14:50
HTTP/1.1 307 Temporary Redirect Cache-Control: public, max-age=0, must-revalidate Content-Type: text/plain Date: Fri, 02 Jan 2026 14:50:57 GMT Location: /login Referrer-Policy: origin-when-cross-origin Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: on X-Frame-Options: SAMEORIGIN X-Vercel-Id: iad1::69bsb-1767365456842-afc380caf500 X-Xss-Protection: 1; mode=block Connection: close Transfer-Encoding: chunked Redirecting...
Found 2026-01-02 by HttpPluginCreate report
-
Open service 216.150.16.129:443 · app.payplanet.pl
2025-12-23 05:56
HTTP/1.1 307 Temporary Redirect Cache-Control: public, max-age=0, must-revalidate Content-Type: text/plain Date: Tue, 23 Dec 2025 05:56:18 GMT Location: /login Referrer-Policy: origin-when-cross-origin Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: on X-Frame-Options: SAMEORIGIN X-Vercel-Id: iad1::xnh2c-1766469376569-606ca7eaad9f X-Xss-Protection: 1; mode=block Connection: close Transfer-Encoding: chunked Redirecting...
Found 2025-12-23 by HttpPluginCreate report
-
Open service 216.150.16.129:443 · app.payplanet.pl
2025-12-20 13:35
HTTP/1.1 307 Temporary Redirect Cache-Control: public, max-age=0, must-revalidate Content-Type: text/plain Date: Sat, 20 Dec 2025 13:35:53 GMT Location: /login Referrer-Policy: origin-when-cross-origin Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Content-Type-Options: nosniff X-Dns-Prefetch-Control: on X-Frame-Options: SAMEORIGIN X-Vercel-Id: iad1::lpxtn-1766237752332-9f578e9139bc X-Xss-Protection: 1; mode=block Connection: close Transfer-Encoding: chunked Redirecting...
Found 2025-12-20 by HttpPluginCreate report