LeakIX - Host iums-dev.tetrapak.com

Domain iums-dev.tetrapak.com

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Kestrel Kestrel

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.50.2.68
Domain: iums-dev.tetrapak.com
Port: 443
URL: https://iums-dev.tetrapak.com

First seen 2025-12-25 06:32
Last seen 2026-02-02 12:10
Open for 39 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549f4b303aaf06b2413d714d4725159b43653666188

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/device-types/v1/{deviceTypeId}/files/{fileId}
GET /api/agent/v1
GET /api/agent/v1/{id}
GET /api/agent/v1/{id}/download
GET /api/agent/v1/{platform}
GET /api/availability/v1/ping
GET /api/availability/v1/ping/apigee
GET /api/availability/v1/ping/blob/agent
GET /api/availability/v1/ping/blob/file
GET /api/availability/v1/ping/bms
GET /api/availability/v1/ping/sql
GET /api/countries/v1
GET /api/customer-sites/v1/{countryId}
GET /api/device-types/v1
GET /api/device-types/v1/{id}
GET /api/devices/v1
GET /api/devices/v1/{id}
GET /api/devices/v1/{id}/files
GET /api/devices/v1/{id}/schedule
GET /api/files/v1
GET /api/files/v1/{id}
GET /api/files/v1/{id}/download
GET /api/installer/v1/settings
GET /api/manifest
GET /api/operating-systems/v1
GET /api/update-categories/v1
PATCH /api/device-credential/v1/device/{id}/renew
PATCH /api/device-types/v1/{deviceTypeId}/files
PATCH /api/devices/v1/{id}/files/{fileId}
PATCH /api/devices/v1/{id}/heartbeat
POST /api/files/v1/GetFilesByDeviceIds

Found on 2026-02-02 12:10

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-01-23 04:42

Create report

Open service 20.50.2.68:443 · iums-dev.tetrapak.com

2026-01-23 04:42

HTTP/1.1 401 Unauthorized
Content-Length: 0
Connection: close
Date: Fri, 23 Jan 2026 04:43:23 GMT
Server: Kestrel
WWW-Authenticate: Bearer
Request-Context: appId=cid-v1:d809c0fc-d7c6-4bbe-ace2-0de26f34df91

Found 2026-01-23 by HttpPlugin

Create report

iums-dev.tetrapak.com

Fingerprint:

c13bdbcad18b72c7f0dcb62dcb76120bdcb6e2da01c875f9f91eb0cbce025feb

CN:

iums-dev.tetrapak.com

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-12-25 00:00

Not after:

2026-04-14 23:59

Domain summary

iums-dev.tetrapak.com 2

1 recorded

IP summary

20.50.2.68 2

1 recorded