LeakIX - Host cryospeed.boc.com

Domain cryospeed.boc.com

Czechia

Akamai International B.V.

Software information

AkamaiGHost

tcp/443

Microsoft-IIS 10.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 104.126.37.131
Domain: cryospeed.boc.com
Port: 443
URL: https://cryospeed.boc.com

First seen 2025-11-25 10:54
Last seen 2026-02-05 15:01
Open for 72 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43395e71390adb04ab2a8cd035cc08962fbe4edbb7

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /api/branches
GET /api/branches/count
GET /api/branches/page
GET /api/branches/{id}
GET /api/callplans
GET /api/callplans/count
GET /api/callplans/page
GET /api/callplans/{id}
GET /api/cesreport
GET /api/cesreport/count
GET /api/cesreport/page
GET /api/cesreport/{id}
GET /api/deliveries
GET /api/deliveries/count
GET /api/deliveries/csv
GET /api/deliveries/page
GET /api/deliveries/{id}
GET /api/fillings
GET /api/fillings/count
GET /api/fillings/page
GET /api/fillings/{id}
GET /api/logout
GET /api/manualnote
GET /api/manualnote/count
GET /api/manualnote/countremaining
GET /api/manualnote/page
GET /api/manualnote/{id}
GET /api/materials
GET /api/materials/count
GET /api/materials/page
GET /api/materials/{id}
GET /api/ppmreport
GET /api/ppmreport/count
GET /api/ppmreport/page
GET /api/ppmreport/{id}
GET /api/repcodes
GET /api/repcodes/count
GET /api/repcodes/page
GET /api/repcodes/{id}
GET /api/reset
GET /api/reset/count
GET /api/reset/page
GET /api/reset/{id}
GET /api/servicecategories
GET /api/servicecategories/count
GET /api/servicecategories/page
GET /api/servicecategories/{id}
GET /api/services
GET /api/services/count
GET /api/services/page
GET /api/services/{id}
GET /api/servicetypes
GET /api/servicetypes/count
GET /api/servicetypes/page
GET /api/servicetypes/{id}
GET /api/users
GET /api/users/count
GET /api/users/coverdetails
GET /api/users/page
GET /api/users/rtdReport
GET /api/users/{id}
GET /api/vehicles
GET /api/vehicles/count
GET /api/vehicles/initvolumes/{id}
GET /api/vehicles/page
GET /api/vehicles/{id}
GET /api/vessels
GET /api/vessels/count
GET /api/vessels/page
GET /api/vessels/{id}
GET /api/vesseltypes
GET /api/vesseltypes/count
GET /api/vesseltypes/page
GET /api/vesseltypes/{id}
GET /api/waypoints
GET /api/waypoints/count
GET /api/waypoints/csv
GET /api/waypoints/page
GET /api/waypoints/{id}
PATCH /api/deliveries/full/{id}
PATCH /api/repcodes/{id}/productcodes
PATCH /api/vehicles/{id}/materials
PATCH /api/waypoints/{id}/ownership
POST /api/callplans/generate
POST /api/callplans/generate/{id}
POST /api/callplans/tmtsync
POST /api/deliveries/full
POST /api/forgot
POST /api/login
POST /api/manualnote/addinterval
POST /api/reset/upsert
POST /api/users/{id}/coverage
POST /password-reset/{token}
PUT /api/deliveries/{id}/action/{action}

Found on 2026-02-05 15:01

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.212.110.121
Domain: tst.cryospeed.boc.com
Port: 443
URL: https://tst.cryospeed.boc.com

First seen 2025-11-29 08:20
Last seen 2026-01-23 12:34
Open for 55 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43395e71390adb04ab2a8cd035cc08962fbe4edbb7

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /api/branches
GET /api/branches/count
GET /api/branches/page
GET /api/branches/{id}
GET /api/callplans
GET /api/callplans/count
GET /api/callplans/page
GET /api/callplans/{id}
GET /api/cesreport
GET /api/cesreport/count
GET /api/cesreport/page
GET /api/cesreport/{id}
GET /api/deliveries
GET /api/deliveries/count
GET /api/deliveries/csv
GET /api/deliveries/page
GET /api/deliveries/{id}
GET /api/fillings
GET /api/fillings/count
GET /api/fillings/page
GET /api/fillings/{id}
GET /api/logout
GET /api/manualnote
GET /api/manualnote/count
GET /api/manualnote/countremaining
GET /api/manualnote/page
GET /api/manualnote/{id}
GET /api/materials
GET /api/materials/count
GET /api/materials/page
GET /api/materials/{id}
GET /api/ppmreport
GET /api/ppmreport/count
GET /api/ppmreport/page
GET /api/ppmreport/{id}
GET /api/repcodes
GET /api/repcodes/count
GET /api/repcodes/page
GET /api/repcodes/{id}
GET /api/reset
GET /api/reset/count
GET /api/reset/page
GET /api/reset/{id}
GET /api/servicecategories
GET /api/servicecategories/count
GET /api/servicecategories/page
GET /api/servicecategories/{id}
GET /api/services
GET /api/services/count
GET /api/services/page
GET /api/services/{id}
GET /api/servicetypes
GET /api/servicetypes/count
GET /api/servicetypes/page
GET /api/servicetypes/{id}
GET /api/users
GET /api/users/count
GET /api/users/coverdetails
GET /api/users/page
GET /api/users/rtdReport
GET /api/users/{id}
GET /api/vehicles
GET /api/vehicles/count
GET /api/vehicles/initvolumes/{id}
GET /api/vehicles/page
GET /api/vehicles/{id}
GET /api/vessels
GET /api/vessels/count
GET /api/vessels/page
GET /api/vessels/{id}
GET /api/vesseltypes
GET /api/vesseltypes/count
GET /api/vesseltypes/page
GET /api/vesseltypes/{id}
GET /api/waypoints
GET /api/waypoints/count
GET /api/waypoints/csv
GET /api/waypoints/page
GET /api/waypoints/{id}
PATCH /api/deliveries/full/{id}
PATCH /api/repcodes/{id}/productcodes
PATCH /api/vehicles/{id}/materials
PATCH /api/waypoints/{id}/ownership
POST /api/callplans/generate
POST /api/callplans/generate/{id}
POST /api/callplans/tmtsync
POST /api/deliveries/full
POST /api/forgot
POST /api/login
POST /api/manualnote/addinterval
POST /api/reset/upsert
POST /api/users/{id}/coverage
POST /password-reset/{token}
PUT /api/deliveries/{id}/action/{action}

Found on 2026-01-23 12:34

Create report

Open service 23.212.110.121:443 · tst.cryospeed.boc.com

2026-01-23 12:34

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
ETag: W/"3b-dDbejPBQVwx85eMaXi+7q8wsx4o"
request-context: appId=cid-v1:b33d47fd-9864-4f9f-9fd2-a98d78ed9d2f
X-Powered-By: Express
X-Powered-By: ASP.NET
Date: Fri, 23 Jan 2026 12:34:22 GMT
Content-Length: 59
Connection: close
Set-Cookie: ARRAffinity=d3d05c556974089e6b10a53f90a836f35a73bb3fdfc4fc86550a3ec99b3783aa;Path=/;HttpOnly;Secure;Domain=tst.cryospeed.boc.com
Set-Cookie: ARRAffinitySameSite=d3d05c556974089e6b10a53f90a836f35a73bb3fdfc4fc86550a3ec99b3783aa;Path=/;HttpOnly;SameSite=None;Secure;Domain=tst.cryospeed.boc.com


Cryospeed API server running fine. Thanks for your concern.

Found 2026-01-23 by HttpPlugin

Create report

Open service 104.126.37.131:443 · cryospeed.boc.com

2026-01-23 12:34

HTTP/1.1 403 Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 371
Expires: Fri, 23 Jan 2026 12:34:21 GMT
Date: Fri, 23 Jan 2026 12:34:21 GMT
Connection: close

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
 
You don't have permission to access "http&#58;&#47;&#47;cryospeed&#46;boc&#46;com&#47;" on this server.<P>
Reference&#32;&#35;18&#46;7f257e68&#46;1769171661&#46;527f4853
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;18&#46;7f257e68&#46;1769171661&#46;527f4853</P>
</BODY>
</HTML>

Found 2026-01-23 by HttpPlugin

Create report

Open service 104.126.37.131:443 · cryospeed.boc.com

2026-01-09 18:23

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
ETag: W/"3b-dDbejPBQVwx85eMaXi+7q8wsx4o"
request-context: appId=cid-v1:b1f3e628-f9bd-42f8-bc77-58e57e381bce
X-Powered-By: Express
X-Powered-By: ASP.NET
Date: Fri, 09 Jan 2026 18:23:26 GMT
Content-Length: 59
Connection: close
Set-Cookie: ARRAffinity=598398f699164bd835807b9558b17f7d905a3ea3ac63d22af928aef1668690a3;Path=/;HttpOnly;Secure;Domain=cryospeed.boc.com
Set-Cookie: ARRAffinitySameSite=598398f699164bd835807b9558b17f7d905a3ea3ac63d22af928aef1668690a3;Path=/;HttpOnly;SameSite=None;Secure;Domain=cryospeed.boc.com


Cryospeed API server running fine. Thanks for your concern.

Found 2026-01-09 by HttpPlugin

Create report

Open service 23.212.110.121:443 · tst.cryospeed.boc.com

2026-01-09 18:23

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
ETag: W/"3b-dDbejPBQVwx85eMaXi+7q8wsx4o"
request-context: appId=cid-v1:b33d47fd-9864-4f9f-9fd2-a98d78ed9d2f
X-Powered-By: Express
X-Powered-By: ASP.NET
Date: Fri, 09 Jan 2026 18:23:27 GMT
Content-Length: 59
Connection: close
Set-Cookie: ARRAffinity=d3d05c556974089e6b10a53f90a836f35a73bb3fdfc4fc86550a3ec99b3783aa;Path=/;HttpOnly;Secure;Domain=tst.cryospeed.boc.com
Set-Cookie: ARRAffinitySameSite=d3d05c556974089e6b10a53f90a836f35a73bb3fdfc4fc86550a3ec99b3783aa;Path=/;HttpOnly;SameSite=None;Secure;Domain=tst.cryospeed.boc.com


Cryospeed API server running fine. Thanks for your concern.

Found 2026-01-09 by HttpPlugin

Create report

Open service 23.212.110.121:443 · tst.cryospeed.boc.com

2026-01-02 06:46

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
ETag: W/"3b-dDbejPBQVwx85eMaXi+7q8wsx4o"
request-context: appId=cid-v1:b33d47fd-9864-4f9f-9fd2-a98d78ed9d2f
X-Powered-By: Express
X-Powered-By: ASP.NET
Date: Fri, 02 Jan 2026 06:46:05 GMT
Content-Length: 59
Connection: close
Set-Cookie: ARRAffinity=d3d05c556974089e6b10a53f90a836f35a73bb3fdfc4fc86550a3ec99b3783aa;Path=/;HttpOnly;Secure;Domain=tst.cryospeed.boc.com
Set-Cookie: ARRAffinitySameSite=d3d05c556974089e6b10a53f90a836f35a73bb3fdfc4fc86550a3ec99b3783aa;Path=/;HttpOnly;SameSite=None;Secure;Domain=tst.cryospeed.boc.com


Cryospeed API server running fine. Thanks for your concern.

Found 2026-01-02 by HttpPlugin

Create report

Open service 104.126.37.131:443 · cryospeed.boc.com

2026-01-02 06:46

HTTP/1.1 200 OK
Content-Length: 59
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
ETag: W/"3b-dDbejPBQVwx85eMaXi+7q8wsx4o"
request-context: appId=cid-v1:b1f3e628-f9bd-42f8-bc77-58e57e381bce
X-Powered-By: Express
X-Powered-By: ASP.NET
Date: Fri, 02 Jan 2026 06:46:05 GMT
Connection: close
Set-Cookie: ARRAffinity=658fd3863f8ba212655039ba614793012871f5743b0c837940918cabde235405;Path=/;HttpOnly;Secure;Domain=cryospeed.boc.com
Set-Cookie: ARRAffinitySameSite=658fd3863f8ba212655039ba614793012871f5743b0c837940918cabde235405;Path=/;HttpOnly;SameSite=None;Secure;Domain=cryospeed.boc.com


Cryospeed API server running fine. Thanks for your concern.

Found 2026-01-02 by HttpPlugin

Create report

Open service 104.126.37.131:443 · cryospeed.boc.com

2025-12-22 14:10

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
ETag: W/"3b-dDbejPBQVwx85eMaXi+7q8wsx4o"
request-context: appId=cid-v1:b1f3e628-f9bd-42f8-bc77-58e57e381bce
X-Powered-By: Express
X-Powered-By: ASP.NET
Date: Mon, 22 Dec 2025 14:10:45 GMT
Content-Length: 59
Connection: close
Set-Cookie: ARRAffinity=658fd3863f8ba212655039ba614793012871f5743b0c837940918cabde235405;Path=/;HttpOnly;Secure;Domain=cryospeed.boc.com
Set-Cookie: ARRAffinitySameSite=658fd3863f8ba212655039ba614793012871f5743b0c837940918cabde235405;Path=/;HttpOnly;SameSite=None;Secure;Domain=cryospeed.boc.com


Cryospeed API server running fine. Thanks for your concern.

Found 2025-12-22 by HttpPlugin

Create report

Open service 23.212.110.121:443 · tst.cryospeed.boc.com

2025-12-22 14:10

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
ETag: W/"3b-dDbejPBQVwx85eMaXi+7q8wsx4o"
request-context: appId=cid-v1:b33d47fd-9864-4f9f-9fd2-a98d78ed9d2f
X-Powered-By: Express
X-Powered-By: ASP.NET
Date: Mon, 22 Dec 2025 14:10:47 GMT
Content-Length: 59
Connection: close
Set-Cookie: ARRAffinity=d3d05c556974089e6b10a53f90a836f35a73bb3fdfc4fc86550a3ec99b3783aa;Path=/;HttpOnly;Secure;Domain=tst.cryospeed.boc.com
Set-Cookie: ARRAffinitySameSite=d3d05c556974089e6b10a53f90a836f35a73bb3fdfc4fc86550a3ec99b3783aa;Path=/;HttpOnly;SameSite=None;Secure;Domain=tst.cryospeed.boc.com


Cryospeed API server running fine. Thanks for your concern.

Found 2025-12-22 by HttpPlugin

Create report

abellolinde.esacetylen.dkagahealthcare.dkapaclead.linde.comapacsafetyangel.linde.comapex.linde.comapexq.linde.comaqvia.dkboc-gas-png.comboc-gas.co.nzboc-gas.com.auboc-healthcare.co.nzboc-healthcare.com.auboc-limited.co.nzboc-limited.com.aucryospeed-admin.linde.comcryospeed-tmt.linde.comcryospeed.boc.comcryospeed.linde.comdev.drivercompanion-admin.linde.comdev.drivercompanion-api.linde.comdev.drivercompanion.linde.comdrivercompanion-admin.linde.comdrivercompanion-api.linde.comdrivercompanion.linde.comgasandmore.chgasandmore.degasguide.dkgasser.dkhelium.dkhiq.linde-gas.comilt.dkind-weld.co.ukkuldioxid.dkkulsyrepatron.dklasercalculator.lindemobile.cnleamericas.comlinde-cryo.nllinde-gas.czlinde-gas.frlinde-gas.ptlinde-gas.tnlinde-gaz.pllinde-healthcare.belinde-healthcare.comlinde-healthcare.dklinde-healthcare.eslinde-healthcare.frlinde-healthcare.hulinde-healthcare.nllinde-healthcare.ptlinde-healthcare.tnlinde-homecare.comlinde-homecare.nllinde-worldwide.comlinde.belinde.delinde.eslinde.frlinde.nllinde.ptlinde.tnlindedrivers.comlindegas.hulindehr.lindemobile.cnlivopan.commatconpmwjsr.linde.comns.rewprint.linde.comocap.nlpangas-healthcare.chpkgopskanban.lindemobile.cnpositivethoughts.linde.comprd.echannel.linde.comprd2.echannel.linde.comprdlite.echannel.linde.comprovisis.atqldpricing.bocapps.comrel2.echannel.linde.comrewprint.linde.comsapqas.whitemartins.com.brspecify.linde.comsrmle.linde.comstatic.prd.echannel.linde.comstatic.prd2.echannel.linde.comstatic.rel.echannel.linde.comstatic.rel2.echannel.linde.comtest.lindehr.lindemobile.cntst.apaclead.linde.comtst.apacsafetyangel.linde.comtst.cryospeed-admin.linde.comtst.cryospeed-tmt.linde.comtst.cryospeed.boc.comtst.cryospeed.linde.comtst.drivercompanion-admin.linde.comtst.drivercompanion-api.linde.comtst.drivercompanion.linde.comtst.ebilling.boconline.co.uktst.ebilling.boconline.ietst.specify.linde.comwww.linde-homecare.de

Fingerprint:

f81720ade0948e0438c92a25c61ca447840538c170e2bfbb68dd6cec1bd54b0b

CN:

srmle.linde.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-25 09:56

Not after:

2026-02-23 09:56

Domain summary

tst.cryospeed.boc.com 4 cryospeed.boc.com 4

2 recorded

IP summary

23.212.110.121 2 104.126.37.131 2

2 recorded