Domain credentials-staging.traxia.cloud
Singapore
Software information
Microsoft-IIS 10.0
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 13.67.63.90
Domain: credentials-staging.traxia.cloud
Port: 80
URL: http://credentials-staging.traxia.cloudFirst seen 2025-12-24 04:20
Last seen 2026-02-09 12:15
Open for 47 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549671c816d3efd44918f726939dd94571391021bf1Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/asset/health-status GET /api/asset/share GET /api/authentication/authenticate-api-access GET /api/authentication/authenticate-application-access GET /api/authentication/authenticate-user-access GET /api/authentication/authenticate-user-with-google GET /api/authentication/return-token-status GET /api/authentication/{scheme} GET /api/user/change-password GET /api/user/reset-password POST /api/asset/assign-operator POST /api/asset/delete POST /api/asset/info POST /api/asset/list POST /api/asset/register POST /api/asset/update POST /api/asset/update-extra POST /api/asset/update-gps POST /api/authentication/logout POST /api/device/disable POST /api/device/enable POST /api/device/info POST /api/device/list POST /api/device/register POST /api/device/update POST /api/simcard/disable POST /api/simcard/enable POST /api/simcard/info POST /api/simcard/list POST /api/simcard/register POST /api/simcard/update POST /api/subscriber/disable POST /api/subscriber/enable POST /api/subscriber/info POST /api/subscriber/register POST /api/subscriber/signup POST /api/subscriber/update POST /api/user/authenticate POST /api/user/authenticate-otp POST /api/user/challenge-otp POST /api/user/disable POST /api/user/enable POST /api/user/info POST /api/user/list POST /api/user/register POST /api/user/updateFound on 2026-02-09 12:15
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 13.67.63.90
Domain: credentials-staging.traxia.cloud
Port: 443
URL: https://credentials-staging.traxia.cloudFirst seen 2025-12-24 04:20
Last seen 2026-02-09 21:39
Open for 47 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549671c816d3efd44918f726939dd94571391021bf1Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/asset/health-status GET /api/asset/share GET /api/authentication/authenticate-api-access GET /api/authentication/authenticate-application-access GET /api/authentication/authenticate-user-access GET /api/authentication/authenticate-user-with-google GET /api/authentication/return-token-status GET /api/authentication/{scheme} GET /api/user/change-password GET /api/user/reset-password POST /api/asset/assign-operator POST /api/asset/delete POST /api/asset/info POST /api/asset/list POST /api/asset/register POST /api/asset/update POST /api/asset/update-extra POST /api/asset/update-gps POST /api/authentication/logout POST /api/device/disable POST /api/device/enable POST /api/device/info POST /api/device/list POST /api/device/register POST /api/device/update POST /api/simcard/disable POST /api/simcard/enable POST /api/simcard/info POST /api/simcard/list POST /api/simcard/register POST /api/simcard/update POST /api/subscriber/disable POST /api/subscriber/enable POST /api/subscriber/info POST /api/subscriber/register POST /api/subscriber/signup POST /api/subscriber/update POST /api/user/authenticate POST /api/user/authenticate-otp POST /api/user/challenge-otp POST /api/user/disable POST /api/user/enable POST /api/user/info POST /api/user/list POST /api/user/register POST /api/user/updateFound on 2026-02-09 21:39
-
-
Open service 13.67.63.90:80 · credentials-staging.traxia.cloud
2026-01-23 15:54
HTTP/1.1 307 Temporary Redirect Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 15:55:18 GMT Server: Microsoft-IIS/10.0 Location: https://credentials-staging.traxia.cloud/ Set-Cookie: ARRAffinity=db8b43a1f74b7929a21f90db2f7543bf89a63261ba47d2dc4da530aec375a3a1;Path=/;HttpOnly;Domain=credentials-staging.traxia.cloud X-Powered-By: ASP.NET
Found 2026-01-23 by HttpPluginCreate report
-
Open service 13.67.63.90:443 · credentials-staging.traxia.cloud
2026-01-23 00:47
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Fri, 23 Jan 2026 00:47:47 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=db8b43a1f74b7929a21f90db2f7543bf89a63261ba47d2dc4da530aec375a3a1;Path=/;HttpOnly;Secure;Domain=credentials-staging.traxia.cloud Set-Cookie: ARRAffinitySameSite=db8b43a1f74b7929a21f90db2f7543bf89a63261ba47d2dc4da530aec375a3a1;Path=/;HttpOnly;SameSite=None;Secure;Domain=credentials-staging.traxia.cloud X-Powered-By: ASP.NET
Found 2026-01-23 by HttpPluginCreate report
-
Open service 13.67.63.90:443 · credentials-staging.traxia.cloud
2026-01-10 01:09
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Sat, 10 Jan 2026 01:10:57 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=db8b43a1f74b7929a21f90db2f7543bf89a63261ba47d2dc4da530aec375a3a1;Path=/;HttpOnly;Secure;Domain=credentials-staging.traxia.cloud Set-Cookie: ARRAffinitySameSite=db8b43a1f74b7929a21f90db2f7543bf89a63261ba47d2dc4da530aec375a3a1;Path=/;HttpOnly;SameSite=None;Secure;Domain=credentials-staging.traxia.cloud X-Powered-By: ASP.NET
Found 2026-01-10 by HttpPluginCreate report
-
Open service 13.67.63.90:80 · credentials-staging.traxia.cloud
2026-01-09 01:42
HTTP/1.1 307 Temporary Redirect Content-Length: 0 Connection: close Date: Fri, 09 Jan 2026 01:43:56 GMT Server: Microsoft-IIS/10.0 Location: https://credentials-staging.traxia.cloud/ Set-Cookie: ARRAffinity=db8b43a1f74b7929a21f90db2f7543bf89a63261ba47d2dc4da530aec375a3a1;Path=/;HttpOnly;Domain=credentials-staging.traxia.cloud X-Powered-By: ASP.NET
Found 2026-01-09 by HttpPluginCreate report
-
Open service 13.67.63.90:443 · credentials-staging.traxia.cloud
2026-01-02 18:27
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Fri, 02 Jan 2026 18:27:56 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=db8b43a1f74b7929a21f90db2f7543bf89a63261ba47d2dc4da530aec375a3a1;Path=/;HttpOnly;Secure;Domain=credentials-staging.traxia.cloud Set-Cookie: ARRAffinitySameSite=db8b43a1f74b7929a21f90db2f7543bf89a63261ba47d2dc4da530aec375a3a1;Path=/;HttpOnly;SameSite=None;Secure;Domain=credentials-staging.traxia.cloud X-Powered-By: ASP.NET
Found 2026-01-02 by HttpPluginCreate report
-
Open service 13.67.63.90:80 · credentials-staging.traxia.cloud
2026-01-01 19:53
HTTP/1.1 307 Temporary Redirect Content-Length: 0 Connection: close Date: Thu, 01 Jan 2026 19:53:31 GMT Server: Microsoft-IIS/10.0 Location: https://credentials-staging.traxia.cloud/ Set-Cookie: ARRAffinity=db8b43a1f74b7929a21f90db2f7543bf89a63261ba47d2dc4da530aec375a3a1;Path=/;HttpOnly;Domain=credentials-staging.traxia.cloud X-Powered-By: ASP.NET
Found 2026-01-01 by HttpPluginCreate report