AmazonS3
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb46a6c490ddf826d9b63963ef215aafbd9e78df794
Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
DELETE /api/email-accounts/{emailAccountId}
DELETE /api/scim/{workspaceId}/Users/{userId}
GET /api/authorize
GET /api/customers/check/email
GET /api/customers/data/{token}
GET /api/customers/verify/account
GET /api/customers/verify/email
GET /api/email-accounts
GET /api/email-accounts/exchange/callback
GET /api/email-accounts/fetch-initiate
GET /api/email-accounts/imap-host
GET /api/flow/logout
GET /api/flow/password
GET /api/flow/verify
GET /api/flow/verify/new
GET /api/scim/{workspaceId}
GET /api/scim/{workspaceId}/Users
GET /api/session/me
GET /api/sp/{workspaceId}
GET /api/sp/{workspaceId}/metadata.xml
GET /api/workspaces/{workspaceId}
PATCH /api/user/{workspaceId}/setup-account-email
POST /api/customers/register
POST /api/customers/verify/email/resend
POST /api/domains/{workspaceId}
POST /api/email-accounts/exchange/login
POST /api/email-accounts/imap
POST /api/flow/login
POST /api/flow/register
POST /api/flow/saml
POST /api/sp/{workspaceId}/assert
POST /api/token
PUT /api/customers/me/mailbox
PUT /api/domains
PUT /api/flow/change/email
PUT /api/flow/change/password
PUT /api/me/preferences
PUT /api/sp/{workspaceId}/status
PUT /api/workspaces/{workspaceId}/members/{userId}
PUT /api/workspaces/{workspaceId}/members/{userId}/role
PUT /api/workspaces/{workspaceId}/settings
Open service 3.174.46.95:443 · auth.nolas.team
2026-01-09 20:45
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Content-Length: 427
Connection: close
X-Amz-Cf-Pop: FRA56-P14
Date: Fri, 09 Jan 2026 20:45:18 GMT
Last-Modified: Wed, 29 Oct 2025 12:47:01 GMT
ETag: "32dfb67750566ff6dd234a238a444841"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=0,no-cache,no-store,must-revalidate
x-amz-version-id: JWlMb0YUfuOX0GjGj7iqutSCzGg8ocBL
Accept-Ranges: bytes
Server: AmazonS3
Via: 1.1 fa5fdff0565bac70f31c39c016fef732.cloudfront.net (CloudFront), 1.1 40a69b6ad68a14e6cabe1065cfa2dc82.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: FRA60-P12
X-Amz-Cf-Id: ZgNinAJxc8N0ZY5V5Oz0XC7vV2cd626jWEK6DFFX2gm5GhrsgUN_QA==
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/logo.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<script type="module" crossorigin src="/assets/index-X7iCUBza.js"></script>
<link rel="stylesheet" crossorigin href="/assets/index-DYWEYYJI.css">
</head>
<body>
<div id="app"></div>
</body>
</html>
Open service 3.174.46.95:443 · auth.nolas.team
2026-01-02 16:55
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Content-Length: 427
Connection: close
X-Amz-Cf-Pop: FRA56-P14
Date: Fri, 02 Jan 2026 16:55:25 GMT
Last-Modified: Wed, 29 Oct 2025 12:47:01 GMT
ETag: "32dfb67750566ff6dd234a238a444841"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=0,no-cache,no-store,must-revalidate
x-amz-version-id: JWlMb0YUfuOX0GjGj7iqutSCzGg8ocBL
Accept-Ranges: bytes
Server: AmazonS3
Via: 1.1 e9a2119419258b95d7e2b6ceb32fa340.cloudfront.net (CloudFront), 1.1 c69902ded6396eee37d12b61d86f4414.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: FRA60-P12
X-Amz-Cf-Id: I0z4mpAyG4cZARTPFhHQ5gMfaNO6UtWQgJ-LZseciPWngDANRbfTIg==
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/logo.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<script type="module" crossorigin src="/assets/index-X7iCUBza.js"></script>
<link rel="stylesheet" crossorigin href="/assets/index-DYWEYYJI.css">
</head>
<body>
<div id="app"></div>
</body>
</html>
Open service 3.174.46.95:443 · auth.nolas.team
2025-12-23 02:16
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Content-Length: 427
Connection: close
X-Amz-Cf-Pop: FRA56-P14
Date: Tue, 23 Dec 2025 02:16:14 GMT
Last-Modified: Wed, 29 Oct 2025 12:47:01 GMT
ETag: "32dfb67750566ff6dd234a238a444841"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=0,no-cache,no-store,must-revalidate
x-amz-version-id: JWlMb0YUfuOX0GjGj7iqutSCzGg8ocBL
Accept-Ranges: bytes
Server: AmazonS3
Via: 1.1 332c8b686017192eedcbc407d81ebe28.cloudfront.net (CloudFront), 1.1 6a979963b4bbad2eae71dd7856d44c8c.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: FRA60-P12
X-Amz-Cf-Id: QEayfH_Laihkmj2k6eG1fwjvIbU7maVdrip9A2jpVOeubgxrFKZxow==
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/logo.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<script type="module" crossorigin src="/assets/index-X7iCUBza.js"></script>
<link rel="stylesheet" crossorigin href="/assets/index-DYWEYYJI.css">
</head>
<body>
<div id="app"></div>
</body>
</html>
Open service 3.174.46.95:443 · auth.nolas.team
2025-12-20 14:31
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Content-Length: 427
Connection: close
X-Amz-Cf-Pop: FRA56-P14
Date: Sat, 20 Dec 2025 14:31:41 GMT
Last-Modified: Wed, 29 Oct 2025 12:47:01 GMT
ETag: "32dfb67750566ff6dd234a238a444841"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=0,no-cache,no-store,must-revalidate
x-amz-version-id: JWlMb0YUfuOX0GjGj7iqutSCzGg8ocBL
Accept-Ranges: bytes
Server: AmazonS3
Via: 1.1 d65c51c078cfd9159d89608b305ffa06.cloudfront.net (CloudFront), 1.1 a95e3ddc09a8118950740e900d11ffc8.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: FRA60-P12
X-Amz-Cf-Id: 9MR4LnLU24iv92T4TdgZjzEOc6C1V8lKfkNc2ySMimntvBd7PECMdQ==
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/logo.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<script type="module" crossorigin src="/assets/index-X7iCUBza.js"></script>
<link rel="stylesheet" crossorigin href="/assets/index-DYWEYYJI.css">
</head>
<body>
<div id="app"></div>
</body>
</html>