Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Such documentation details every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354967364ab4b877937600a4c819823924047b147eb0
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /.well-known/jwks
GET /Credentials/search
GET /Credentials/{id}
GET /Identities/{id}
GET /authorize
GET /cognito/callback
GET /entitlements/get-entitlements
GET /entitlements/is-entitled
GET /health
GET /health/debug
GET /health/full
GET /login
GET /logout
GET /logout/complete
GET /test-harness
GET /test-harness/echo-token
GET /test-harness/feature-enabled
GET /test-harness/give-me-a-client-token
GET /test-harness/give-me-a-cognito-client-token
GET /test-harness/give-me-a-user-token
GET /test-harness/give-me-an-emulated-cognito-client-token
GET /who-am-i
POST /provisioning/admin-user
POST /provisioning/initialize
POST /provisioning/upgrade-credentials
POST /provisioning/v1/association
POST /provisioning/v1/cognito-user-temp
POST /provisioning/v1/identity
POST /provisioning/v1/oauth-client
POST /provisioning/v1/update-client-properties
POST /test-harness/create-oauth-client
POST /test-harness/create-oauth-client-pki
POST /test-harness/create-oauth-user
POST /test-harness/sign-jwt
POST /token
Open service 2.16.204.93:443 · auth.dev.bellfg.com.au
2026-01-09 01:18
HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 382
Expires: Fri, 09 Jan 2026 01:18:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Jan 2026 01:18:11 GMT
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767921491585_34610525_136958756_18_16240_11_83_-";dur=1

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
You don't have permission to access "http://auth.dev.bellfg.com.au/" on this server.<P>
Reference #18.5d1d1002.1767921491.829d324
<P>https://errors.edgesuite.net/18.5d1d1002.1767921491.829d324</P>
</BODY>
</HTML>
Open service 2.16.204.93:443 · auth.dev.bellfg.com.au
2026-01-02 01:22
HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 384
Expires: Fri, 02 Jan 2026 01:22:51 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jan 2026 01:22:51 GMT
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767316971601_34610525_3111529355_14_4971_17_21_-";dur=1

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
You don't have permission to access "http://auth.dev.bellfg.com.au/" on this server.<P>
Reference #18.5d1d1002.1767316971.b9762b8b
<P>https://errors.edgesuite.net/18.5d1d1002.1767316971.b9762b8b</P>
</BODY>
</HTML>
Open service 2.16.204.93:443 · auth.dev.bellfg.com.au
2025-12-30 08:59
HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 384
Expires: Tue, 30 Dec 2025 08:59:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Dec 2025 08:59:23 GMT
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1767085162867_34610525_2521513014_17_4846_171_175_-";dur=1

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
You don't have permission to access "http://auth.dev.bellfg.com.au/" on this server.<P>
Reference #18.5d1d1002.1767085162.964b3c36
<P>https://errors.edgesuite.net/18.5d1d1002.1767085162.964b3c36</P>
</BODY>
</HTML>
Open service 2.16.204.93:443 · auth.dev.bellfg.com.au
2025-12-22 09:44
HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 384
Expires: Mon, 22 Dec 2025 09:44:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Dec 2025 09:44:22 GMT
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1766396662526_34610516_1019545387_18_5248_151_156_-";dur=1

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
You don't have permission to access "http://auth.dev.bellfg.com.au/" on this server.<P>
Reference #18.541d1002.1766396662.3cc5072b
<P>https://errors.edgesuite.net/18.541d1002.1766396662.3cc5072b</P>
</BODY>
</HTML>
Open service 2.16.204.93:443 · auth.dev.bellfg.com.au
2025-12-20 10:11
HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 384
Expires: Sat, 20 Dec 2025 10:11:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 20 Dec 2025 10:11:21 GMT
Connection: close
Server-Timing: cdn-cache; desc=HIT
Server-Timing: edge; dur=1
Alt-Svc: h3=":443"; ma=93600
Server-Timing: ak_p; desc="1766225480976_34610516_662370332_19_5488_17_23_-";dur=1

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
You don't have permission to access "http://auth.dev.bellfg.com.au/" on this server.<P>
Reference #18.541d1002.1766225480.277af81c
<P>https://errors.edgesuite.net/18.541d1002.1766225480.277af81c</P>
</BODY>
</HTML>