Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities such as broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035491b63726e5e305b4db0b2aea51cac560a74761c80
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/AppInfo/GetAppInfo
GET /api/Linx/GetLinxPlants
GET /api/Linx/HPSMCreateRequests
GET /api/UserRegistration/GetEntitlements/{userObjectId}
GET /api/Users/GetObjectIdByEmail/{email}
POST /api/Linx/HPSMRequestUpdates
POST /api/Linx/PatchLinxUserPlant
POST /api/UserRegistration/AssignEntitlement/{userObjectId}
POST /api/UserRegistration/CreateEmailInvite
POST /api/UserRegistration/CreateInviteURL
POST /api/UserRegistration/RemoveEntitlement/{userObjectId}
POST /api/WinkRequest/AgentRegistration
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035491b63726e5e305b4db0b2aea51cac560a46077411
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/AppInfo/GetAppInfo
GET /api/Linx/GetLinxPlants
GET /api/Linx/HPSMCreateRequests
GET /api/UserRegistration/GetEntitlements/{userObjectId}
GET /api/Users/GetObjectIdByEmail/{email}
POST /api/Linx/HPSMRequestUpdates
POST /api/Linx/PatchLinxUserPlant
POST /api/UserRegistration/AssignEntitlement/{userObjectId}
POST /api/UserRegistration/CreateEmailInvite
POST /api/UserRegistration/CreateInviteURL
POST /api/UserRegistration/RemoveEntitlement/{userObjectId}
Open service 23.50.131.149:443 · dev.ext.identity-api.linde.com
2026-01-23 13:46
HTTP/1.1 404 Not Found
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:28ea3906-66a3-4801-a78d-18674de8a7c2
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=86400, enforce
Date: Fri, 23 Jan 2026 13:46:26 GMT
Connection: close
Set-Cookie: ARRAffinity=da8a9afe0847d017ac4ea4e51ed3c9b87842302379ac463783f7db731a7f6e01;Path=/;HttpOnly;Secure;Domain=dev.ext.identity-api.linde.com
Set-Cookie: ARRAffinitySameSite=da8a9afe0847d017ac4ea4e51ed3c9b87842302379ac463783f7db731a7f6e01;Path=/;HttpOnly;SameSite=None;Secure;Domain=dev.ext.identity-api.linde.com
Open service 23.50.131.149:443 · dev.ext.identity-api.linde.com
2026-01-09 13:55
HTTP/1.1 404 Not Found
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:28ea3906-66a3-4801-a78d-18674de8a7c2
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=86400, enforce
Date: Fri, 09 Jan 2026 13:55:29 GMT
Connection: close
Set-Cookie: ARRAffinity=1d6faa472b3a363ee606f904e95d80886b5444340a63fbb66d1c44a02ceb8013;Path=/;HttpOnly;Secure;Domain=dev.ext.identity-api.linde.com
Set-Cookie: ARRAffinitySameSite=1d6faa472b3a363ee606f904e95d80886b5444340a63fbb66d1c44a02ceb8013;Path=/;HttpOnly;SameSite=None;Secure;Domain=dev.ext.identity-api.linde.com
Open service 23.50.131.149:443 · dev.ext.identity-api.linde.com
2026-01-02 13:04
HTTP/1.1 404 Not Found
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:28ea3906-66a3-4801-a78d-18674de8a7c2
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=86400, enforce
Date: Fri, 02 Jan 2026 13:04:34 GMT
Connection: close
Set-Cookie: ARRAffinity=48e56f66fd08abce79d5361a04255d6897d20b6592a7f8b3a5d0ea7ee9729bd8;Path=/;HttpOnly;Secure;Domain=dev.ext.identity-api.linde.com
Set-Cookie: ARRAffinitySameSite=48e56f66fd08abce79d5361a04255d6897d20b6592a7f8b3a5d0ea7ee9729bd8;Path=/;HttpOnly;SameSite=None;Secure;Domain=dev.ext.identity-api.linde.com
Open service 23.50.131.149:443 · dev.ext.identity-api.linde.com
2025-12-24 16:37
HTTP/1.1 404 Not Found
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:28ea3906-66a3-4801-a78d-18674de8a7c2
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=86400, enforce
Date: Wed, 24 Dec 2025 16:37:38 GMT
Connection: close
Set-Cookie: ARRAffinity=48e56f66fd08abce79d5361a04255d6897d20b6592a7f8b3a5d0ea7ee9729bd8;Path=/;HttpOnly;Secure;Domain=dev.ext.identity-api.linde.com
Set-Cookie: ARRAffinitySameSite=48e56f66fd08abce79d5361a04255d6897d20b6592a7f8b3a5d0ea7ee9729bd8;Path=/;HttpOnly;SameSite=None;Secure;Domain=dev.ext.identity-api.linde.com
Open service 23.50.131.149:443 · dev.ext.identity-api.linde.com
2025-12-22 18:20
HTTP/1.1 404 Not Found
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:28ea3906-66a3-4801-a78d-18674de8a7c2
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none';
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=86400, enforce
Date: Mon, 22 Dec 2025 18:20:46 GMT
Connection: close
Set-Cookie: ARRAffinity=48e56f66fd08abce79d5361a04255d6897d20b6592a7f8b3a5d0ea7ee9729bd8;Path=/;HttpOnly;Secure;Domain=dev.ext.identity-api.linde.com
Set-Cookie: ARRAffinitySameSite=48e56f66fd08abce79d5361a04255d6897d20b6592a7f8b3a5d0ea7ee9729bd8;Path=/;HttpOnly;SameSite=None;Secure;Domain=dev.ext.identity-api.linde.com