Host 34.107.181.171
United States
Software information
Apache
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-23 06:54
Last seen 2025-11-28 21:12
Open for 36 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656Public Swagger UI/API detected at path: /swagger-ui.html
Found on 2025-11-28 21:12
-
-
Open service 34.107.181.171:443 · wwwnewgds.hk.gskapp.com
2026-01-08 20:05
HTTP/1.1 500 Internal Server Error Date: Thu, 08 Jan 2026 20:05:25 GMT Server: Apache X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-policy: same-origin X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000 Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers Content-Type: application/json Via: 1.1 google Set-Cookie: GCLB=CJL_76G9hOHHRBAD; path=/; HttpOnly; expires=Fri, 09-Jan-2026 20:05:25 GMT Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close Transfer-Encoding: chunked {"timestamp":1767902726166,"status":500,"error":"Internal Server Error","path":"/"}Found 2026-01-08 by HttpPluginCreate report
-
Open service 34.107.181.171:443 · wwwnewgds.hk.gskapp.com
2026-01-01 20:34
HTTP/1.1 500 Internal Server Error Date: Thu, 01 Jan 2026 20:34:21 GMT Server: Apache X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-policy: same-origin X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000 Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers Content-Type: application/json Via: 1.1 google Set-Cookie: GCLB=CPnG0q_t8M37AxAD; path=/; HttpOnly; expires=Fri, 02-Jan-2026 20:34:21 GMT Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close Transfer-Encoding: chunked {"timestamp":1767299661649,"status":500,"error":"Internal Server Error","path":"/"}Found 2026-01-01 by HttpPluginCreate report
-
Open service 34.107.181.171:443 · tomcat-prd.ao.gskinternet.com
2025-12-31 23:15
HTTP/1.1 302 Found Date: Wed, 31 Dec 2025 23:15:41 GMT Server: Apache X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Referrer-policy: same-origin X-XSS-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000 Location: https://parked.gsk.com Content-Length: 206 Content-Type: text/html; charset=iso-8859-1 Via: 1.1 google Set-Cookie: GCLB=CO36kOzf6uD33AEQAw; path=/; HttpOnly; expires=Thu, 01-Jan-2026 23:15:41 GMT Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close Page title: 302 Found <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://parked.gsk.com">here</a>.</p> </body></html>
Found 2025-12-31 by HttpPluginCreate report
-
Open service 34.107.181.171:80 · tomcat-prd.ao.gskinternet.com
2025-12-31 23:15
HTTP/1.1 301 Moved Permanently Cache-Control: private Location: https://tomcat-prd.ao.gskinternet.com:443/ Content-Length: 0 Date: Wed, 31 Dec 2025 23:15:41 GMT Content-Type: text/html; charset=UTF-8 Connection: close
Found 2025-12-31 by HttpPluginCreate report