LeakIX - Host backend.hanfcn.com

Domain backend.hanfcn.com

Germany

Zhejiang Taobao Network Co.,Ltd

Software information

Tengine

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 155.102.51.3
Domain: backend.hanfcn.com
Port: 80
URL: http://backend.hanfcn.com

First seen 2025-10-25 15:19
Last seen 2025-11-14 22:06
Open for 20 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2025-11-14 22:06
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 155.102.51.3
Domain: backend.hanfcn.com
Port: 443
URL: https://backend.hanfcn.com

First seen 2025-10-25 15:19
Last seen 2025-11-14 21:38
Open for 20 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2025-11-14 21:38
Create report

Open service 155.102.51.3:443 · backend.hanfcn.com

2026-01-09 01:13

HTTP/1.1 400 Bad Request
Server: Tengine
Date: Fri, 09 Jan 2026 01:13:38 GMT
Content-Type: text/html
Content-Length: 263
Connection: close
Via: ens-cache8.de7[,0]
EagleId: 0000000017679212184571652e

Page title: 400 The plain HTTP request was sent to HTTPS port

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<h1>400 Bad Request</h1>
<p>The plain HTTP request was sent to HTTPS port.<hr/>Powered by Tengine</body>
</html>

Found 2026-01-09 by HttpPlugin

Create report

Open service 155.102.51.3:80 · backend.hanfcn.com

2026-01-08 19:06

HTTP/1.1 403 Forbidden
Server: Tengine
Date: Thu, 08 Jan 2026 19:06:23 GMT
Content-Type: text/html
Content-Length: 238
Connection: close
X-Tengine-Error: non-existent domain
Via: ens-cache1.de7[,0]
Timing-Allow-Origin: *
EagleId: a3b5839517678991839586021e

Page title: 403 Forbidden

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>403 Forbidden</title></head>
<body>
<h1>403 Forbidden</h1>
<p>You don't have permission to access the URL on this server.<hr/>Powered by Tengine</body>
</html>

Found 2026-01-08 by HttpPlugin

Create report

Open service 155.102.51.3:443 · backend.hanfcn.com

2026-01-02 01:18

HTTP/1.1 400 Bad Request
Server: Tengine
Date: Fri, 02 Jan 2026 01:18:03 GMT
Content-Type: text/html
Content-Length: 263
Connection: close
Via: ens-cache1.de7[,0]
EagleId: 0000000017673166837312125e

Page title: 400 The plain HTTP request was sent to HTTPS port

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<h1>400 Bad Request</h1>
<p>The plain HTTP request was sent to HTTPS port.<hr/>Powered by Tengine</body>
</html>

Found 2026-01-02 by HttpPlugin

Create report

Open service 155.102.51.3:80 · backend.hanfcn.com

2026-01-01 19:58

HTTP/1.1 403 Forbidden
Server: Tengine
Date: Thu, 01 Jan 2026 19:58:30 GMT
Content-Type: text/html
Content-Length: 238
Connection: close
X-Tengine-Error: non-existent domain
Via: ens-cache8.de7[,0]
Timing-Allow-Origin: *
EagleId: a3b5839c17672975104667252e

Page title: 403 Forbidden

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>403 Forbidden</title></head>
<body>
<h1>403 Forbidden</h1>
<p>You don't have permission to access the URL on this server.<hr/>Powered by Tengine</body>
</html>

Found 2026-01-01 by HttpPlugin

Create report

Open service 155.102.51.3:443 · backend.hanfcn.com

2025-12-30 08:54

HTTP/1.1 400 Bad Request
Server: Tengine
Date: Tue, 30 Dec 2025 08:54:57 GMT
Content-Type: text/html
Content-Length: 263
Connection: close
Via: ens-cache3.de7[,0]
EagleId: 0000000017670848970137123e

Page title: 400 The plain HTTP request was sent to HTTPS port

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<h1>400 Bad Request</h1>
<p>The plain HTTP request was sent to HTTPS port.<hr/>Powered by Tengine</body>
</html>

Found 2025-12-30 by HttpPlugin

Create report

Open service 155.102.51.3:80 · backend.hanfcn.com

2025-12-30 04:05

HTTP/1.1 403 Forbidden
Server: Tengine
Date: Tue, 30 Dec 2025 04:05:11 GMT
Content-Type: text/html
Content-Length: 238
Connection: close
X-Tengine-Error: non-existent domain
Via: ens-cache2.de7[,0]
Timing-Allow-Origin: *
EagleId: a3b5839617670675113965003e

Page title: 403 Forbidden

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>403 Forbidden</title></head>
<body>
<h1>403 Forbidden</h1>
<p>You don't have permission to access the URL on this server.<hr/>Powered by Tengine</body>
</html>

Found 2025-12-30 by HttpPlugin

Create report

Open service 155.102.51.3:443 · backend.hanfcn.com

2025-12-22 09:37

HTTP/1.1 400 Bad Request
Server: Tengine
Date: Mon, 22 Dec 2025 09:37:26 GMT
Content-Type: text/html
Content-Length: 263
Connection: close
Via: ens-cache2.de7[,0]
EagleId: 0000000017663962463365937e

Page title: 400 The plain HTTP request was sent to HTTPS port

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<h1>400 Bad Request</h1>
<p>The plain HTTP request was sent to HTTPS port.<hr/>Powered by Tengine</body>
</html>

Found 2025-12-22 by HttpPlugin

Create report

Open service 155.102.51.3:443 · backend.hanfcn.com

2025-12-20 10:07

HTTP/1.1 400 Bad Request
Server: Tengine
Date: Sat, 20 Dec 2025 10:07:25 GMT
Content-Type: text/html
Content-Length: 263
Connection: close
Via: ens-cache8.de7[,0]
EagleId: 0000000017662252450406874e

Page title: 400 The plain HTTP request was sent to HTTPS port

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<h1>400 Bad Request</h1>
<p>The plain HTTP request was sent to HTTPS port.<hr/>Powered by Tengine</body>
</html>

Found 2025-12-20 by HttpPlugin

Create report

Open service 155.102.51.3:80 · backend.hanfcn.com

2025-12-20 04:47

HTTP/1.1 403 Forbidden
Server: Tengine
Date: Sat, 20 Dec 2025 04:47:12 GMT
Content-Type: text/html
Content-Length: 238
Connection: close
X-Tengine-Error: non-existent domain
Via: ens-cache5.de7[,0]
Timing-Allow-Origin: *
EagleId: a3b5839917662060320026896e

Page title: 403 Forbidden

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head><title>403 Forbidden</title></head>
<body>
<h1>403 Forbidden</h1>
<p>You don't have permission to access the URL on this server.<hr/>Powered by Tengine</body>
</html>

Found 2025-12-20 by HttpPlugin

Create report

Domain summary

backend.hanfcn.com 10

1 recorded

IP summary

155.102.51.3 2

1 recorded

Domain backend.hanfcn.com

Germany

Software information

Swagger API description is publicly available

Swagger API description is publicly available

Domain summary

IP summary