Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
The documentation details every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549d6e5b37747e249be1ac1c9c9b3ca5c5201778341
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /integration/report/File/getfile/{id}
GET /integration/{siteName}/AdHocInspection/Get
GET /integration/{siteName}/WorkOrder/Get
GET /integration/{siteName}/WorkOrder/Get/{id}
GET /integration/{siteName}/WorkOrder/GetWithInspections/{id}
GET /integration/{siteName}/WorkOrder/Inspections/{id}
POST /integration/{siteName}/Tag/Post
POST /integration/{siteName}/WorkOrder/Post
PUT /integration/{siteName}/Tag/Put/{id}
PUT /integration/{siteName}/WorkOrder/Status/{id}
Open service 20.90.134.10:443 · equinor.test.arnleanexar.com
2026-01-23 13:12
HTTP/1.1 302 Found
Content-Length: 0
Connection: close
Date: Fri, 23 Jan 2026 13:12:47 GMT
Location: https://equinor.test.arnleanexar.com/Identity/Account/Login?ReturnUrl=%2F
Set-Cookie: ARRAffinity=babe2069f196879f7e2f839630fbb69bb1d7369544283dc5264a203d5730c7a6;Path=/;HttpOnly;Secure;Domain=equinor.test.arnleanexar.com
Set-Cookie: ARRAffinitySameSite=babe2069f196879f7e2f839630fbb69bb1d7369544283dc5264a203d5730c7a6;Path=/;HttpOnly;SameSite=None;Secure;Domain=equinor.test.arnleanexar.com
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:d763273c-68ea-447e-a22c-6384391e20dc
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Content-Security-Policy: font-src 'self' data: default-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.aspnetcdn.com cdnjs.cloudflare.com cdnjs.com kendo.cdn.telerik.com fonts.googleapis.com fonts.gstatic.com;
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=*, payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=*, xr-spatial-tracking=(), clipboard-read=(), clipboard-write=*, gamepad=(), speaker-selection=()
Open service 20.90.134.10:443 · equinor.test.arnleanexar.com
2026-01-11 07:11
HTTP/1.1 302 Found
Content-Length: 0
Connection: close
Date: Sun, 11 Jan 2026 07:12:29 GMT
Location: https://equinor.test.arnleanexar.com/Identity/Account/Login?ReturnUrl=%2F
Set-Cookie: ARRAffinity=6dcccf48e1ac1b9c7a3b05f3f64b3f51fd3013e3ed9297db4de33fb121681ecb;Path=/;HttpOnly;Secure;Domain=equinor.test.arnleanexar.com
Set-Cookie: ARRAffinitySameSite=6dcccf48e1ac1b9c7a3b05f3f64b3f51fd3013e3ed9297db4de33fb121681ecb;Path=/;HttpOnly;SameSite=None;Secure;Domain=equinor.test.arnleanexar.com
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:d763273c-68ea-447e-a22c-6384391e20dc
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Content-Security-Policy: font-src 'self' data: default-src 'self' 'unsafe-inline' 'unsafe-eval' ajax.aspnetcdn.com cdnjs.cloudflare.com cdnjs.com kendo.cdn.telerik.com fonts.googleapis.com fonts.gstatic.com;
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=*, payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=*, xr-spatial-tracking=(), clipboard-read=(), clipboard-write=*, gamepad=(), speaker-selection=()
Open service 20.90.134.10:80 · equinor.test.arnleanexar.com
2026-01-11 07:11
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Sun, 11 Jan 2026 07:12:27 GMT
Location: https://equinor.test.arnleanexar.com/