Domain pay.tradelo.com
United Kingdom
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-13 22:10-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2025-12-13 22:10
-
-
Open service 51.104.28.88:443 · pay.tradelo.com
2026-01-22 21:26
HTTP/1.1 200 OK Content-Length: 11 Connection: close Content-Type: application/json; charset=utf-8 Date: Thu, 22 Jan 2026 21:26:43 GMT Access-Control-Allow-Credentials: true ETag: W/"b-Ai2R8hgEarLmHKwesT1qcY913ys" Set-Cookie: ARRAffinity=803e132ccfbdbe0eec34210845cbd51cde1b6b7a8f7ff60935a4da01dfc38328;Path=/;HttpOnly;Secure;Domain=pay.tradelo.com Set-Cookie: ARRAffinitySameSite=803e132ccfbdbe0eec34210845cbd51cde1b6b7a8f7ff60935a4da01dfc38328;Path=/;HttpOnly;SameSite=None;Secure;Domain=pay.tradelo.com Vary: Origin request-context: appId=cid-v1: X-Powered-By: Express {"ok":true}Found 2026-01-22 by HttpPluginCreate report
-
Open service 51.104.28.88:443 · pay.tradelo.com
2026-01-09 02:57
HTTP/1.1 200 OK Content-Length: 11 Connection: close Content-Type: application/json; charset=utf-8 Date: Fri, 09 Jan 2026 02:58:01 GMT Access-Control-Allow-Credentials: true ETag: W/"b-Ai2R8hgEarLmHKwesT1qcY913ys" Set-Cookie: ARRAffinity=803e132ccfbdbe0eec34210845cbd51cde1b6b7a8f7ff60935a4da01dfc38328;Path=/;HttpOnly;Secure;Domain=pay.tradelo.com Set-Cookie: ARRAffinitySameSite=803e132ccfbdbe0eec34210845cbd51cde1b6b7a8f7ff60935a4da01dfc38328;Path=/;HttpOnly;SameSite=None;Secure;Domain=pay.tradelo.com Vary: Origin request-context: appId=cid-v1: X-Powered-By: Express {"ok":true}Found 2026-01-09 by HttpPluginCreate report
-
Open service 51.104.28.88:443 · pay.tradelo.com
2026-01-02 03:35
HTTP/1.1 200 OK Content-Length: 11 Connection: close Content-Type: application/json; charset=utf-8 Date: Fri, 02 Jan 2026 03:35:52 GMT Access-Control-Allow-Credentials: true ETag: W/"b-Ai2R8hgEarLmHKwesT1qcY913ys" Set-Cookie: ARRAffinity=803e132ccfbdbe0eec34210845cbd51cde1b6b7a8f7ff60935a4da01dfc38328;Path=/;HttpOnly;Secure;Domain=pay.tradelo.com Set-Cookie: ARRAffinitySameSite=803e132ccfbdbe0eec34210845cbd51cde1b6b7a8f7ff60935a4da01dfc38328;Path=/;HttpOnly;SameSite=None;Secure;Domain=pay.tradelo.com Vary: Origin request-context: appId=cid-v1: X-Powered-By: Express {"ok":true}Found 2026-01-02 by HttpPluginCreate report
-
Open service 51.104.28.88:443 · pay.tradelo.com
2025-12-22 14:22
HTTP/1.1 200 OK Content-Length: 11 Connection: close Content-Type: application/json; charset=utf-8 Date: Mon, 22 Dec 2025 14:22:18 GMT Access-Control-Allow-Credentials: true ETag: W/"b-Ai2R8hgEarLmHKwesT1qcY913ys" Set-Cookie: ARRAffinity=803e132ccfbdbe0eec34210845cbd51cde1b6b7a8f7ff60935a4da01dfc38328;Path=/;HttpOnly;Secure;Domain=pay.tradelo.com Set-Cookie: ARRAffinitySameSite=803e132ccfbdbe0eec34210845cbd51cde1b6b7a8f7ff60935a4da01dfc38328;Path=/;HttpOnly;SameSite=None;Secure;Domain=pay.tradelo.com Vary: Origin request-context: appId=cid-v1: X-Powered-By: Express {"ok":true}Found 2025-12-22 by HttpPluginCreate report