Domain mfe.cortex-dev.roche.com
Software information
cloudflare
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-30 20:34
Last seen 2026-01-09 21:46
Open for 71 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1a8bcc6e5b42e1c4a5d5dd07ec58db5631c08f13e8ea19d1aPublic Swagger UI/API detected at path: /webjars/swagger-ui/index.html - sample paths: GET /api/v1/feeds GET /api/v1/feeds/{feed} GET /api/v1/pilets GET /api/v1/pilets/files/{feed}/{name}/{version}/{filename} GET /api/v1/pilets/{feed}Found on 2026-01-09 21:46 -
Severity: info
Fingerprint: 5733ddf49ff49cd1926e27d0926e27d0926e27d0926e27d0926e27d0926e27d0Public Swagger UI/API detected at path: /webjars/swagger-ui/index.html
Found on 2025-11-28 18:35
-
-
Open service 104.18.7.192:443 · mfe.cortex-dev.roche.com
2026-01-09 21:46
HTTP/1.1 403 Forbidden Date: Fri, 09 Jan 2026 21:46:31 GMT Content-Type: text/plain Content-Length: 19 Connection: close CF-RAY: 9bb720b7cbcafff9-AMS x-envoy-upstream-service-time: 1 Cache-Control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=ENrZSLJ1dWM065lHGTAWxY7sA45GJQRHBrgHTqTuLLE-1767995191-1.0.1.1-XYJNPrMHsujItSQ8Od3VQBWN8yoy0IiRyMA6sLqGxSbVNaDPbMvDlL6WFG7beJfVCDjE6Oy7Zi8MyGgAl9EhbKZCR0VnE_AOwGa1.ug41CI; path=/; expires=Fri, 09-Jan-26 22:16:31 GMT; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: __cfruid=3d07e15e440e7fd582578d4b21c944bceb01c687-1767995191; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=OLHnIyy43uZVikn3zPS0j4pBdaZtOQtQydb7XoqjqqM-1767995191086-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Server: cloudflare RBAC: access denied
Found 2026-01-09 by HttpPluginCreate report
-
Open service 2606:4700::6812:6c0:443 · mfe.cortex-dev.roche.com
2026-01-02 16:42
HTTP/1.1 403 Forbidden Date: Fri, 02 Jan 2026 16:42:03 GMT Content-Type: text/plain Content-Length: 19 Connection: close CF-RAY: 9b7bb5151ed49ba2-SIN x-envoy-upstream-service-time: 0 Cache-Control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=WYUFtsYMNkJtV_ttWQNhLKppZznQcDo8xEh9UMx8xEg-1767372123-1.0.1.1-3rbG0VToTkbXfgItfMtqK1.RdncvOo67DdLvI2wHNrKWv3by7epO.SnI4B1lXg_wyG7QZH6u.4zey8bugwXJhGRKLHOTMMZymi7Q0YhqwSg; path=/; expires=Fri, 02-Jan-26 17:12:03 GMT; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: __cfruid=0f87d24fcdf3e92206799be0ffd84c48cc1509b3-1767372123; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=TuxAMDRRz5ng.9t6QXsac0tRuHqZnHehJI7o5NRUU.k-1767372123155-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Server: cloudflare RBAC: access denied
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.7.192:8443 · mfe.cortex-dev.roche.com
2026-01-02 16:42
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.7.192:80 · mfe.cortex-dev.roche.com
2026-01-02 16:42
HTTP/1.1 301 Moved Permanently Date: Fri, 02 Jan 2026 16:42:01 GMT Content-Type: text/html Content-Length: 167 Connection: close Cache-Control: max-age=3600 Expires: Fri, 02 Jan 2026 17:42:01 GMT Location: https://mfe.cortex-dev.roche.com/ Set-Cookie: __cf_bm=7Y6bjlMYzo07w0MlHhcRXUA9dJoEJ8qEybl6HUqan2k-1767372121-1.0.1.1-fH6ADM3WAoZG5qaubjbsQueXCwwaZsPnr_OcAqJrfN6_qiilKpfUEUuHPGDqV.iVghyuI297FVzLCvjuvpqajxn225HoikCm_gd7E2GT8Kk; path=/; expires=Fri, 02-Jan-26 17:12:01 GMT; domain=.cortex-dev.roche.com; HttpOnly Set-Cookie: __cfruid=9b11f666f183f42d078fa0165c2cd9381086918d-1767372121; path=/; domain=.cortex-dev.roche.com; HttpOnly Set-Cookie: _cfuvid=fPIWIPwBaVO0LcDGpEqxbnWagD_1Gm8wi28Agzl7sBM-1767372121119-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly Server: cloudflare CF-RAY: 9b7bb50cb95e4f4e-EWR Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>cloudflare</center> </body> </html>
Found 2026-01-02 by HttpPluginCreate report
-
Open service 2606:4700::6812:7c0:80 · mfe.cortex-dev.roche.com
2026-01-02 16:42
HTTP/1.1 301 Moved Permanently Date: Fri, 02 Jan 2026 16:42:01 GMT Content-Type: text/html Content-Length: 167 Connection: close Cache-Control: max-age=3600 Expires: Fri, 02 Jan 2026 17:42:01 GMT Location: https://mfe.cortex-dev.roche.com/ Set-Cookie: __cf_bm=VN4_bhWkuDRqCpLCktz84HSIJGhYKDWPtIpfh7ewdnM-1767372121-1.0.1.1-AlB3izV9NQf_A8CtzbuyUHrpZwqJmUbxp1NEXh4HsLEI5r4UPiJ.O6cCNDA6u3oOkxbYWCLd.RC4_ANm5G5isZw2BrPQDkN_5PRMdOEgdY4; path=/; expires=Fri, 02-Jan-26 17:12:01 GMT; domain=.cortex-dev.roche.com; HttpOnly Set-Cookie: __cfruid=02e6da3e4cb534acee2cf0698c3111d98b4af1df-1767372121; path=/; domain=.cortex-dev.roche.com; HttpOnly Set-Cookie: _cfuvid=PMuKCfIEYg2Sxsi_X4aY1aBKl6gF4RjAvT7WXG0SmdY-1767372121172-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly Server: cloudflare CF-RAY: 9b7bb50cbdd888a1-LHR Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>cloudflare</center> </body> </html>
Found 2026-01-02 by HttpPluginCreate report
-
Open service 2606:4700::6812:7c0:443 · mfe.cortex-dev.roche.com
2026-01-02 16:42
HTTP/1.1 403 Forbidden Date: Fri, 02 Jan 2026 16:42:02 GMT Content-Type: text/plain Content-Length: 19 Connection: close CF-RAY: 9b7bb5100af1f9e4-SJC x-envoy-upstream-service-time: 0 Cache-Control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=rAw2LKJsA_aGIM8dOiLlaseaQoG_0wbMyARmQFD2U6E-1767372122-1.0.1.1-DcKIr3TfKPU53Na_PeZNj3y.Dbe_Vht_pxE_QMqVDXIdf6_YVBI4vWscrpJzXioAXBwDPQpANw9enpR2lEr_8NXmtVMoQzpLGAmayznwwWI; path=/; expires=Fri, 02-Jan-26 17:12:02 GMT; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: __cfruid=7ac5933ff7eeaa8264e41c9743f31cffd8782f7b-1767372122; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=Pck2HsXSKREZbb.WdJX6pZtTs1g.iVrGBwAbuiYHeLs-1767372122403-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Server: cloudflare RBAC: access denied
Found 2026-01-02 by HttpPluginCreate report
-
Open service 2606:4700::6812:6c0:80 · mfe.cortex-dev.roche.com
2026-01-02 16:42
HTTP/1.1 301 Moved Permanently Date: Fri, 02 Jan 2026 16:42:01 GMT Content-Type: text/html Content-Length: 167 Connection: close Cache-Control: max-age=3600 Expires: Fri, 02 Jan 2026 17:42:01 GMT Location: https://mfe.cortex-dev.roche.com/ Set-Cookie: __cf_bm=ff9gn02OyoPWAKTcvCjcDpKUrXYPg5URrxz520GUXj0-1767372121-1.0.1.1-FK0hhP6Qcmp5wWFTL.og10bYnbmiAqQs20CnAiNIX1UnXg36SpQQzeq4n8OCgN1LpOWcCBRO_ayV45aa2tSnfDGP0oGcmxMTK.oZ56lhvjo; path=/; expires=Fri, 02-Jan-26 17:12:01 GMT; domain=.cortex-dev.roche.com; HttpOnly Set-Cookie: __cfruid=38f591ff24d615fe2ac5753610e76c25ff0e2297-1767372121; path=/; domain=.cortex-dev.roche.com; HttpOnly Set-Cookie: _cfuvid=nGpSShqlguOcRk3Kh1xgflp6.n_8WA25jma0tXms6yw-1767372121062-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly Server: cloudflare CF-RAY: 9b7bb50c5bff3859-LHR Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>cloudflare</center> </body> </html>
Found 2026-01-02 by HttpPluginCreate report
-
Open service 2606:4700::6812:7c0:8443 · mfe.cortex-dev.roche.com
2026-01-02 16:42
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.7.192:443 · mfe.cortex-dev.roche.com
2026-01-02 16:42
HTTP/1.1 403 Forbidden Date: Fri, 02 Jan 2026 16:42:01 GMT Content-Type: text/plain Content-Length: 19 Connection: close CF-RAY: 9b7bb50e7decade0-YYZ x-envoy-upstream-service-time: 1 Cache-Control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=wFOTaXJyaC_t0thgoy1AvSi_oAE41B7PU4Ds9MGbenI-1767372121-1.0.1.1-P6UyKwUWmrNWcx7oi95NEzgLYZ77iHpADPvMtRsDcXUEdVkShGpXgPkSMTreKwjN3X86WFP0tY0wzP7tLlXZ9GGR23Xg_q3DOYSzi_Q_hEs; path=/; expires=Fri, 02-Jan-26 17:12:01 GMT; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: __cfruid=c8f59ccdd5bd222817cc2ec9af628d74c61ac6c2-1767372121; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=1c_iySaQbec.8cEjrkD9ObYsdx.htLPmVsCgMk6Q_zQ-1767372121490-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Server: cloudflare RBAC: access denied
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.6.192:443 · mfe.cortex-dev.roche.com
2026-01-02 16:42
HTTP/1.1 403 Forbidden Date: Fri, 02 Jan 2026 16:42:01 GMT Content-Type: text/plain Content-Length: 19 Connection: close CF-RAY: 9b7bb50c2ead0e9c-AMS x-envoy-upstream-service-time: 1 Cache-Control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=O5L3BWxgLeHT7oMVLOaoTV9amahoUMU5ReXST8evZeU-1767372121-1.0.1.1-X89EiMKITZb2F84Z8U.r1bjH2O0rjtiMnRVXoxTcMfQCUsCikvC2rCniPwR4Ug8eboHdK8oIgVTX_wHtXTpkNCGukQOd7I20HFGAZ7Mc8_I; path=/; expires=Fri, 02-Jan-26 17:12:01 GMT; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: __cfruid=fb4bb83291c55610d3e3428d22b2bf2c0d23f39d-1767372121; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=2dc4p7SS3T3Psutg3envKWeN.DJQwwIAenxENC9sBjU-1767372121097-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Server: cloudflare RBAC: access denied
Found 2026-01-02 by HttpPluginCreate report
-
Open service 2606:4700::6812:6c0:8443 · mfe.cortex-dev.roche.com
2026-01-02 16:42
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.6.192:80 · mfe.cortex-dev.roche.com
2026-01-02 16:42
HTTP/1.1 301 Moved Permanently Date: Fri, 02 Jan 2026 16:42:00 GMT Content-Type: text/html Content-Length: 167 Connection: close Cache-Control: max-age=3600 Expires: Fri, 02 Jan 2026 17:42:00 GMT Location: https://mfe.cortex-dev.roche.com/ Set-Cookie: __cf_bm=HwIqujRO0SXvbO6IWAJ_UkWbKr020ZA5mt9Ea_Ja7Kc-1767372120-1.0.1.1-HwbtKFWP1GFIJjChkf_.cYdsMM78AbYacGjn26WwCv1Q3zK7Y.Ydh5SRcSeks_Mk6ODh0_n926QrgId4i3ZxLSpyfAPFo_rLi6dgBO.dm_o; path=/; expires=Fri, 02-Jan-26 17:12:00 GMT; domain=.cortex-dev.roche.com; HttpOnly Set-Cookie: __cfruid=fd09c031d59ce9e3210f7a60b161bb0497fb33df-1767372120; path=/; domain=.cortex-dev.roche.com; HttpOnly Set-Cookie: _cfuvid=0rql5uK1QuzfIS0K.VURAHVqj.iUKvxbzHHyNcq.7NE-1767372120968-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly Server: cloudflare CF-RAY: 9b7bb50bcf42fb99-AMS Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>cloudflare</center> </body> </html>
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.6.192:8443 · mfe.cortex-dev.roche.com
2026-01-02 16:42
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.7.192:443 · mfe.cortex-dev.roche.com
2026-01-02 07:37
HTTP/1.1 403 Forbidden Date: Fri, 02 Jan 2026 07:37:49 GMT Content-Type: text/plain Content-Length: 19 Connection: close CF-RAY: 9b7897e64ff1d266-FRA x-envoy-upstream-service-time: 0 Cache-Control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=Hx6OTLFbs1t9Vkj5SD49diZJI1cI52JqrAnwD4PdsXA-1767339469-1.0.1.1-29.geFkf4liSNuMRZJYz202fM.uUkFP7xp7lv0QYFQf.O5.vicICpenKMP6UALQ4z0W96n63PCKojoJGVvfqzZL49w4Iqtg9iHbMyomZ3uw; path=/; expires=Fri, 02-Jan-26 08:07:49 GMT; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: __cfruid=c2227f4934a93f74f5702a896b6f2a5dd81584c0-1767339469; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=Zfls6KWtSXKxuioJN9iSQvh.qWjcPlTh209VrrWvgXs-1767339469833-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Server: cloudflare RBAC: access denied
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.7.192:443 · mfe.cortex-dev.roche.com
2025-12-23 08:16
HTTP/1.1 403 Forbidden Date: Tue, 23 Dec 2025 08:16:19 GMT Content-Type: text/plain Content-Length: 19 Connection: close CF-RAY: 9b266a8a4dda6696-AMS x-envoy-upstream-service-time: 1 Cache-Control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=RCXVk9YUagpayUbWAWRzk_O.1lRjgCmtNWYOgjpAEmg-1766477779-1.0.1.1-6zHEWHtTwVafYpAZ3ZWC2ycYlGJ630DwsVmTbnGlzRax3ylb1FpXyd5ofJx4BzcY2yiJCNaK8ziRfK3jcyw0iCeSECUudYkNP6hTIhfpegw; path=/; expires=Tue, 23-Dec-25 08:46:19 GMT; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: __cfruid=6f2336ef4e7e5412b3efc9407c290b6431f17631-1766477779; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=G1QSi60i9wWTciyMCPyG0D8_h5FDr1mEo3Jrz9U97vU-1766477779679-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Server: cloudflare RBAC: access denied
Found 2025-12-23 by HttpPluginCreate report
-
Open service 104.18.7.192:443 · mfe.cortex-dev.roche.com
2025-12-21 07:04
HTTP/1.1 403 Forbidden Date: Sun, 21 Dec 2025 07:04:44 GMT Content-Type: text/plain Content-Length: 19 Connection: close CF-RAY: 9b1586eceff3131e-AMS x-envoy-upstream-service-time: 1 Cache-Control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=daE3W7WW.BcfALV.bE.SvHYUSBF3VCqTLzBCFEe_etk-1766300684-1.0.1.1-_exsQ12hOAZokQvHovniejAUVfO.PnltG.3MaQEO4RTFrOasTM837xDp.j4XRGnwW5YmtrsXwd9ej3JDU9.XO0LzSipDvVN7HqanE2obFuY; path=/; expires=Sun, 21-Dec-25 07:34:44 GMT; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: __cfruid=6d423bcfdad1d04f9fc43f1ac3540df9739feff4-1766300684; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=fLkQFdg7zTDKApGLrbTqhXi0s04w4CvmLUMrGS7AihM-1766300684406-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Server: cloudflare RBAC: access denied
Found 2025-12-21 by HttpPluginCreate report
-
Open service 104.18.7.192:443 · mfe.cortex-dev.roche.com
2025-12-19 01:12
HTTP/1.1 403 Forbidden Date: Fri, 19 Dec 2025 01:12:14 GMT Content-Type: text/plain Content-Length: 19 Connection: close CF-RAY: 9b0307ce4b01f8c6-SIN x-envoy-upstream-service-time: 0 Cache-Control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=x2nswQ7t3FvfKhjsg6QIDlTzHkiQJXHGvK8NmPLepsE-1766106734-1.0.1.1-c24.r.QsxehXsOoNmbSNLIK6K0gAtwRpsCyzU4v.7lRjnt_xm9T8d2N8DoK9ByTqlzYfUwMDMlQL44gqZsye4qnU9abEo7iDqM_UprHB5Ug; path=/; expires=Fri, 19-Dec-25 01:42:14 GMT; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: __cfruid=335a77e6ec1a91f7034efc9ada978b12cff69175-1766106734; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Set-Cookie: _cfuvid=7_FG.jCh14V_R6FET0ymN38FX92VaUF6.Iffmz1CuQ4-1766106734516-0.0.1.1-604800000; path=/; domain=.cortex-dev.roche.com; HttpOnly; Secure; SameSite=None Server: cloudflare RBAC: access denied
Found 2025-12-19 by HttpPluginCreate report