Domain user-access-dev-5b.testfaz.net
Germany
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 2.18.64.211
Domain: user-access-dev-5b.testfaz.net
Port: 80
URL: http://user-access-dev-5b.testfaz.netFirst seen 2025-12-04 09:13
Last seen 2026-02-09 10:26
Open for 67 days-
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b60fee5cf8d9eff4c93b7cadc802742641c741763Public Swagger UI/API detected at path: /v3/api-docs - sample paths: GET /authorize GET /oauth/entitlement-check GET /sessions GET /spotify/init GET /spotify/link GET /user-access GET /user/auth GET /user/sessions GET /user/setCookie POST /session/{sessionId} POST /user/login POST /user/loginExternal POST /user/logout POST /user/logoutExternal POST /user/register POST /user/resendValidationMail POST /user/restorePassword POST /user/session POST /user/session/{sessionId} POST /webhook/frisbiiFound on 2026-02-09 10:26 -
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b60fee5cf8d9eff4c93b7cadc80274264e6e1d65ePublic Swagger UI/API detected at path: /v3/api-docs - sample paths: GET /authorize GET /oauth/entitlement-check GET /sessions GET /spotify/init GET /spotify/link GET /user-access GET /user/auth GET /user/sessions GET /user/setCookie POST /session/{sessionId} POST /user/login POST /user/loginExternal POST /user/logout POST /user/logoutExternal POST /user/register POST /user/resendValidationMail POST /user/restorePassword POST /user/session POST /user/session/{sessionId}Found on 2026-01-23 05:34 -
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b60fee5cf8d9eff4c93b7cadc6bfaced94f7a3e54Public Swagger UI/API detected at path: /v3/api-docs - sample paths: GET /authorize GET /oauth/entitlement-check GET /sessions GET /user-access GET /user/auth GET /user/sessions GET /user/setCookie POST /session/{sessionId} POST /user/login POST /user/loginExternal POST /user/logout POST /user/logoutExternal POST /user/register POST /user/resendValidationMail POST /user/restorePassword POST /user/session POST /user/session/{sessionId}Found on 2026-01-02 03:57
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 2.18.64.211
Domain: user-access-dev-5b.testfaz.net
Port: 443
URL: https://user-access-dev-5b.testfaz.netFirst seen 2025-12-04 09:14
Last seen 2026-02-01 22:21
Open for 59 days-
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b60fee5cf8d9eff4c93b7cadc802742641c741763Public Swagger UI/API detected at path: /v3/api-docs - sample paths: GET /authorize GET /oauth/entitlement-check GET /sessions GET /spotify/init GET /spotify/link GET /user-access GET /user/auth GET /user/sessions GET /user/setCookie POST /session/{sessionId} POST /user/login POST /user/loginExternal POST /user/logout POST /user/logoutExternal POST /user/register POST /user/resendValidationMail POST /user/restorePassword POST /user/session POST /user/session/{sessionId} POST /webhook/frisbiiFound on 2026-02-01 22:21 -
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b60fee5cf8d9eff4c93b7cadc80274264e6e1d65ePublic Swagger UI/API detected at path: /v3/api-docs - sample paths: GET /authorize GET /oauth/entitlement-check GET /sessions GET /spotify/init GET /spotify/link GET /user-access GET /user/auth GET /user/sessions GET /user/setCookie POST /session/{sessionId} POST /user/login POST /user/loginExternal POST /user/logout POST /user/logoutExternal POST /user/register POST /user/resendValidationMail POST /user/restorePassword POST /user/session POST /user/session/{sessionId}Found on 2026-01-23 09:22 -
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b60fee5cf8d9eff4c93b7cadc6bfaced94f7a3e54Public Swagger UI/API detected at path: /v3/api-docs - sample paths: GET /authorize GET /oauth/entitlement-check GET /sessions GET /user-access GET /user/auth GET /user/sessions GET /user/setCookie POST /session/{sessionId} POST /user/login POST /user/loginExternal POST /user/logout POST /user/logoutExternal POST /user/register POST /user/resendValidationMail POST /user/restorePassword POST /user/session POST /user/session/{sessionId}Found on 2026-01-02 16:20
-
-
Open service 2.18.64.211:443 · user-access-dev-5b.testfaz.net
2026-01-23 09:22
HTTP/1.1 404 Not Found Content-Type: application/json X-Request-ID: 3d630e2dadfd6525e3899b2fdd27ea87 X-Content-Type-Options: nosniff X-XSS-Protection: 0 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: DENY Vary: origin Vary: access-control-request-method Vary: access-control-request-headers Date: Fri, 23 Jan 2026 09:22:59 GMT Content-Length: 122 Connection: close X-Debug-A-Serial: 313-1669027486 X-Debug-A-Add-Debug-Headers: true {"timestamp":"2026-01-23T09:22:59.885+00:00","status":404,"error":"Not Found","message":"No static resource .","path":"/"}Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.18.64.211:80 · user-access-dev-5b.testfaz.net
2026-01-23 05:34
HTTP/1.1 404 Not Found Content-Type: application/json X-Request-ID: 87e1fa6fcd9a789d73cacba78aa63e70 X-Content-Type-Options: nosniff X-XSS-Protection: 0 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY Vary: origin Vary: access-control-request-method Vary: access-control-request-headers Date: Fri, 23 Jan 2026 05:34:24 GMT Content-Length: 122 Connection: close X-Debug-A-Serial: 313-1669027486 X-Debug-A-Add-Debug-Headers: true {"timestamp":"2026-01-23T05:34:24.316+00:00","status":404,"error":"Not Found","message":"No static resource .","path":"/"}Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.18.64.211:80 · user-access-dev-5b.testfaz.net
2026-01-09 19:08
HTTP/1.1 404 Not Found Content-Type: application/json X-Request-ID: be49fd13dd2c63d07f168c8cec401773 X-Content-Type-Options: nosniff X-XSS-Protection: 0 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY Vary: origin Vary: access-control-request-method Vary: access-control-request-headers Date: Fri, 09 Jan 2026 19:08:49 GMT Content-Length: 122 Connection: close X-Debug-A-Serial: 313-1669027486 X-Debug-A-Add-Debug-Headers: true {"timestamp":"2026-01-09T19:08:49.290+00:00","status":404,"error":"Not Found","message":"No static resource .","path":"/"}Found 2026-01-09 by HttpPluginCreate report
-
Open service 2.18.64.211:443 · user-access-dev-5b.testfaz.net
2026-01-09 09:30
HTTP/1.1 404 Not Found Content-Type: application/json X-Request-ID: 895621ef19907f927688427c183887d1 X-Content-Type-Options: nosniff X-XSS-Protection: 0 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 Strict-Transport-Security: max-age=31536000; includeSubDomains X-Frame-Options: DENY Vary: origin Vary: access-control-request-method Vary: access-control-request-headers Date: Fri, 09 Jan 2026 09:30:11 GMT Content-Length: 122 Connection: close X-Debug-A-Serial: 313-1669027486 X-Debug-A-Add-Debug-Headers: true {"timestamp":"2026-01-09T09:30:11.709+00:00","status":404,"error":"Not Found","message":"No static resource .","path":"/"}Found 2026-01-09 by HttpPluginCreate report
-
Open service 2.18.64.211:443 · user-access-dev-5b.testfaz.net
2026-01-02 16:20
HTTP/1.1 404 Not Found Content-Type: application/json X-Request-ID: 146e16ff1c31e1acb5c18dfe736ee312 Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: origin Vary: access-control-request-method Vary: access-control-request-headers Date: Fri, 02 Jan 2026 16:20:30 GMT Content-Length: 122 Connection: close X-Debug-A-Serial: 313-1669027486 X-Debug-A-Add-Debug-Headers: true {"timestamp":"2026-01-02T16:20:30.932+00:00","status":404,"error":"Not Found","message":"No static resource .","path":"/"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 2.18.64.211:80 · user-access-dev-5b.testfaz.net
2026-01-02 03:57
HTTP/1.1 404 Not Found Content-Type: application/json X-Request-ID: cdf791afbe103907e6814455da3c801b Vary: origin Vary: access-control-request-method Vary: access-control-request-headers Date: Fri, 02 Jan 2026 03:57:23 GMT Content-Length: 122 Connection: close X-Debug-A-Serial: 313-1669027486 X-Debug-A-Add-Debug-Headers: true {"timestamp":"2026-01-02T03:57:23.370+00:00","status":404,"error":"Not Found","message":"No static resource .","path":"/"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 2.18.64.211:443 · user-access-dev-5b.testfaz.net
2025-12-23 06:41
HTTP/1.1 404 Not Found Content-Type: application/json X-Request-ID: 1bf0bd9c2b5f089a5a621a1f44b53d04 Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: origin Vary: access-control-request-method Vary: access-control-request-headers Date: Tue, 23 Dec 2025 06:41:02 GMT Content-Length: 122 Connection: close X-Debug-A-Serial: 313-1669027486 X-Debug-A-Add-Debug-Headers: true {"timestamp":"2025-12-23T06:41:02.910+00:00","status":404,"error":"Not Found","message":"No static resource .","path":"/"}Found 2025-12-23 by HttpPluginCreate report
-
Open service 2.18.64.211:80 · user-access-dev-5b.testfaz.net
2025-12-22 10:21
HTTP/1.1 404 Not Found Content-Type: application/json X-Request-ID: abee7f57ee8c9ec649cdc12c7dc122d2 Vary: origin Vary: access-control-request-method Vary: access-control-request-headers Date: Mon, 22 Dec 2025 10:21:44 GMT Content-Length: 122 Connection: close X-Debug-A-Serial: 313-1669027486 X-Debug-A-Add-Debug-Headers: true {"timestamp":"2025-12-22T10:21:44.341+00:00","status":404,"error":"Not Found","message":"No static resource .","path":"/"}Found 2025-12-22 by HttpPluginCreate report