LeakIX - Host nativeappsdk.pa.playlive.com

Domain nativeappsdk.pa.playlive.com

The Netherlands

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 104.110.240.89
Domain: nativeappsdk.pa.playlive.com
Port: 443
URL: https://nativeappsdk.pa.playlive.com

First seen 2025-10-29 12:42
Last seen 2026-02-09 00:58
Open for 102 days

Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60e0777c23850e5f650110d022ca460509f13943cb

Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/metadata/currentServerTime
GET /api/players/{id}/favoriteGames
GET /api/statistics/topWinners
GET /api/v1/certificates/public-keys
GET /api/v1/configurations
GET /api/v1/metadata/currentServerTime
GET /api/v1/players/{id}/configurations
GET /api/v1/players/{id}/documentVerification/settings
GET /api/v1/players/{id}/favoriteGames
GET /api/v1/players/{id}/geoLocations
GET /api/v1/players/{id}/loyaltyPoints
GET /api/v1/players/{id}/payments/apple-pay/client-token
GET /api/v1/players/{id}/wallet
GET /api/v1/statistics/topWinners
PATCH /api/v1/sessions
POST /api/v1/logs
POST /api/v1/players/{id}/documentVerification/documents
POST /api/v1/sessions/logout

Found on 2026-02-09 00:58

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b3cde7047228433831cf194f4072699c3cbdcbfb

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/metadata/currentServerTime
GET /api/players/{id}/favoriteGames
GET /api/statistics/topWinners
GET /api/v1/certificates/public-keys
GET /api/v1/configurations
GET /api/v1/metadata/currentServerTime
GET /api/v1/players/{id}/configurations
GET /api/v1/players/{id}/favoriteGames
GET /api/v1/players/{id}/geoLocations
GET /api/v1/players/{id}/loyaltyPoints
GET /api/v1/players/{id}/payments/apple-pay/client-token
GET /api/v1/players/{id}/wallet
GET /api/v1/statistics/topWinners
PATCH /api/v1/sessions
POST /api/v1/logs
POST /api/v1/sessions/logout

Found on 2026-01-22 12:06

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b3cde7047228433831cf194f4bfe8a906a170816

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/metadata/currentServerTime
GET /api/players/{id}/favoriteGames
GET /api/statistics/topWinners
GET /api/v1/configurations
GET /api/v1/metadata/currentServerTime
GET /api/v1/players/{id}/configurations
GET /api/v1/players/{id}/favoriteGames
GET /api/v1/players/{id}/geoLocations
GET /api/v1/players/{id}/loyaltyPoints
GET /api/v1/players/{id}/payments/apple-pay/client-token
GET /api/v1/players/{id}/wallet
GET /api/v1/statistics/topWinners
PATCH /api/v1/sessions
POST /api/v1/logs
POST /api/v1/sessions/logout

Found on 2026-01-02 19:42

Create report

Open service 104.110.240.89:443 · nativeappsdk.pa.playlive.com

2026-01-22 12:06

HTTP/1.1 404 Not Found
Content-Security-Policy: frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Length: 0
Expires: Thu, 22 Jan 2026 12:06:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 22 Jan 2026 12:06:34 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=79
Server-Timing: origin; dur=9
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1769083594691_1752100949_223422663_8767_10309_12_82_-";dur=1

Found 2026-01-22 by HttpPlugin

Create report

Open service 104.110.240.89:443 · nativeappsdk.pa.playlive.com

2026-01-10 02:07

HTTP/1.1 404 Not Found
Content-Security-Policy: frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Length: 0
Expires: Sat, 10 Jan 2026 02:07:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 10 Jan 2026 02:07:51 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=140
Server-Timing: origin; dur=16
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1768010871735_1752100940_688640471_15599_7341_94_99_-";dur=1

Found 2026-01-10 by HttpPlugin

Create report

Open service 104.110.240.80:443 · nativeappsdk.pa.playlive.com

2026-01-07 11:50

HTTP/1.1 404 Not Found
Content-Security-Policy: frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 07 Jan 2026 11:50:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 07 Jan 2026 11:50:59 GMT
Content-Length: 0
Connection: close
Server-Timing: edge; dur=19
Server-Timing: origin; dur=386
Server-Timing: cdn-cache; desc=MISS
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767786658490_1752100940_495040984_40515_12205_88_99_-";dur=1

Found 2026-01-07 by HttpPlugin

Create report

Open service 104.110.240.89:443 · nativeappsdk.pa.playlive.com

2026-01-07 11:50

HTTP/1.1 404 Not Found
Content-Security-Policy: frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Length: 0
Expires: Wed, 07 Jan 2026 11:50:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 07 Jan 2026 11:50:58 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=209
Server-Timing: origin; dur=101
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767786658278_1752100949_484246933_30999_8889_10_16_-";dur=1

Found 2026-01-07 by HttpPlugin

Create report

Open service 23.36.162.71:443 · nativeappsdk.pa.playlive.com

2026-01-02 19:42

HTTP/1.1 404 Not Found
Content-Security-Policy: frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Length: 0
Expires: Fri, 02 Jan 2026 19:42:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jan 2026 19:42:38 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=151
Server-Timing: origin; dur=338
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767382958246_388276231_2211132517_48944_8326_93_100_-";dur=1

Found 2026-01-02 by HttpPlugin

Create report

Open service 23.36.162.71:443 · nativeappsdk.pa.playlive.com

2025-12-23 00:47

HTTP/1.1 404 Not Found
Content-Security-Policy: frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Length: 0
Expires: Tue, 23 Dec 2025 00:47:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 23 Dec 2025 00:47:22 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=332
Server-Timing: origin; dur=34
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1766450841630_388276241_571786933_36603_10272_101_138_-";dur=1

Found 2025-12-23 by HttpPlugin

Create report

asg-webapi.pa.playlive.comasgusa-restapi.pa.playlive.comexternalservices.pa.playlive.comfileservices.pa.playlive.comgamesrv1.pa.playlive.cominfo.pa.playlive.comnativeappsdk.pa.playlive.compa.playlive.compaymentprocessorswebapi.pa.playlive.comwebapi.pa.playlive.comwww.pa.playlive.com

Fingerprint:

e6dc9a76afb8e8843b03fb8a35846f5d70c266f537879734a11bf05a03097e62

CN:

pa.playlive.com

Key:

RSA-2048

Issuer:

R13

Not before:

2026-01-07 10:52

Not after:

2026-04-07 10:52

asg-webapi.pa.playlive.comasgusa-restapi.pa.playlive.comexternalservices.pa.playlive.comfileservices.pa.playlive.comgamesrv1.pa.playlive.cominfo.pa.playlive.comnativeappsdk.pa.playlive.compa.playlive.compaymentprocessorswebapi.pa.playlive.comwebapi.pa.playlive.comwww.pa.playlive.com

Fingerprint:

97e5875fd9699a90baa36c11e342e7042a409b486cd04b43f9a38f0dd309cffb

CN:

pa.playlive.com

Key:

RSA-2048

Issuer:

R12

Not before:

2025-10-29 11:43

Not after:

2026-01-27 11:43

Domain summary

nativeappsdk.pa.playlive.com 8

1 recorded

IP summary

104.110.240.89 2 104.110.240.80 1 23.36.162.71 1

3 recorded