Domain card-payment-svc.mafrservices.com
Germany
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 2.16.183.86
Domain: card-payment-svc.mafrservices.com
Port: 443
URL: https://card-payment-svc.mafrservices.comFirst seen 2025-10-14 07:14
Last seen 2026-02-02 07:11
Open for 110 days-
Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec3d38aef23458f998530d6d25980626a6cf20911ePublic Swagger UI/API detected at path: /v2/api-docs - sample paths: GET /api/health GET /v1/card-payments/3ds/redirect/{txnId}/failure GET /v1/card-payments/3ds/redirect/{txnId}/success GET /v1/card-payments/cardpayments/response POST /mpgs/callback/{countryCode}/pay POST /reconciliation/adcb POST /v1/card-payments/checkout/webhook/process POST /v1/card-payments/initiate POST /v3/balance POST /v3/card-points/initiate POST /v3/cards/encrypt POST /v3/cards/metadata POST /v3/credit-card/initiate POST /v3/cybersource/callback POST /v3/cybersource/response/{countryCode} POST /v3/debit-card/initiate POST /v3/otp/resend POST /v3/otp/{transactionId}/submit POST /v3/save-card/initiateFound on 2026-02-02 07:11 -
Severity: info
Fingerprint: 5733ddf49ff49cd110a331ec3d38aef23458f998530d6d25980626a6849ad99dPublic Swagger UI/API detected at path: /v2/api-docs - sample paths: GET /api/health GET /v1/card-payments/3ds/redirect/{txnId}/failure GET /v1/card-payments/3ds/redirect/{txnId}/success GET /v1/card-payments/cardpayments/response POST /reconciliation/adcb POST /v1/card-payments/checkout/webhook/process POST /v1/card-payments/initiate POST /v3/balance POST /v3/card-points/initiate POST /v3/cards/encrypt POST /v3/cards/metadata POST /v3/credit-card/initiate POST /v3/cybersource/callback POST /v3/cybersource/response/{countryCode} POST /v3/debit-card/initiate POST /v3/otp/resend POST /v3/otp/{transactionId}/submit POST /v3/save-card/initiateFound on 2025-11-08 22:55
-