LeakIX - Host notifications.dev.workai.cloud

Domain notifications.dev.workai.cloud

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.105.224.45
Domain: notifications.dev.workai.cloud
Port: 443
URL: https://notifications.dev.workai.cloud

First seen 2025-11-25 00:10
Last seen 2026-01-24 00:12
Open for 60 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b7350341583926fda45a5dbaa1c90c2841541

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /api/About/Version
GET /v1/Channels
GET /v1/{org}/Notifications/ByChannel(channelName={channelName})
GET /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.ByChannel(channelName={channelName})
GET /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.Unreaded
GET /v1/{org}/Notifications/Unreaded
GET /v1/{org}/OrganizationChannels
PATCH /v1/NotificationTypeChannel
POST /v1/ApplicationRegistrations
POST /v1/Events
POST /v1/UserDeviceRegistration/Register
POST /v1/UserDeviceRegistration/Remove
POST /v1/WebPush/Subscribe
POST /v1/{organizationId}/external-email/send
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications({key})/MarkAsClicked
POST /v1/{org}/Notifications({key})/MarkAsRead
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsClicked
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsRead
POST /v1/{org}/Notifications/MarkAllAsClicked
POST /v1/{org}/Notifications/MarkAllAsRead
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications/{key}/MarkAsClicked
POST /v1/{org}/Notifications/{key}/MarkAsRead
POST /v1/{org}/OrganizationChannels/Disable/{channelId}
POST /v1/{org}/OrganizationChannels/Enable/{channelId}

Found on 2026-01-24 00:12

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b7350341583926fda45a5dbaa1c909ae55692

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /api/About/Version
GET /v1/Channels
GET /v1/{org}/Notifications/ByChannel(channelName={channelName})
GET /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.ByChannel(channelName={channelName})
GET /v1/{org}/OrganizationChannels
PATCH /v1/NotificationTypeChannel
POST /v1/ApplicationRegistrations
POST /v1/Events
POST /v1/UserDeviceRegistration/Register
POST /v1/UserDeviceRegistration/Remove
POST /v1/WebPush/Subscribe
POST /v1/{organizationId}/external-email/send
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications({key})/MarkAsClicked
POST /v1/{org}/Notifications({key})/MarkAsRead
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsClicked
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsRead
POST /v1/{org}/Notifications/MarkAllAsClicked
POST /v1/{org}/Notifications/MarkAllAsRead
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications/{key}/MarkAsClicked
POST /v1/{org}/Notifications/{key}/MarkAsRead
POST /v1/{org}/OrganizationChannels/Disable/{channelId}
POST /v1/{org}/OrganizationChannels/Enable/{channelId}

Found on 2025-12-26 21:43

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354959d91597504c31bccebf4f9d0bf0847761071fce

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/About/Version
GET /v1/Channels
GET /v1/{org}/Notifications/ByChannel(channelName={channelName})
GET /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.ByChannel(channelName={channelName})
GET /v1/{org}/OrganizationChannels
PATCH /v1/NotificationTypeChannel
POST /v1/ApplicationRegistrations
POST /v1/Events
POST /v1/UserDeviceRegistration/Register
POST /v1/UserDeviceRegistration/Remove
POST /v1/WebPush/Subscribe
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications({key})/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications({key})/MarkAsClicked
POST /v1/{org}/Notifications({key})/MarkAsRead
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsClicked
POST /v1/{org}/Notifications/Elastic.Notifications.API.Dtos.MarkAllAsRead
POST /v1/{org}/Notifications/MarkAllAsClicked
POST /v1/{org}/Notifications/MarkAllAsRead
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsClicked
POST /v1/{org}/Notifications/{key}/Elastic.Notifications.API.Dtos.MarkAsRead
POST /v1/{org}/Notifications/{key}/MarkAsClicked
POST /v1/{org}/Notifications/{key}/MarkAsRead
POST /v1/{org}/OrganizationChannels/Disable/{channelId}
POST /v1/{org}/OrganizationChannels/Enable/{channelId}

Found on 2025-12-01 13:48

Create report

Open service 20.105.224.45:443 · notifications.dev.workai.cloud

2026-01-24 00:12

HTTP/1.1 200 OK
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Sat, 24 Jan 2026 00:12:42 GMT
Set-Cookie: TiPMix=39.30840564981097; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: ARRAffinity=ffbca59b025949de884b4d868d5979b22329f43e038fd0828f4548a11a1dec35;Path=/;HttpOnly;Secure;Domain=notifications.dev.workai.cloud
Set-Cookie: ARRAffinitySameSite=ffbca59b025949de884b4d868d5979b22329f43e038fd0828f4548a11a1dec35;Path=/;HttpOnly;SameSite=None;Secure;Domain=notifications.dev.workai.cloud
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
x-trace-id: 8265cfdb0ebfb5cdfad8538345d04604


healthy

Found 2026-01-24 by HttpPlugin

Create report

Open service 20.105.224.45:80 · notifications.dev.workai.cloud

2026-01-24 00:12

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Sat, 24 Jan 2026 00:12:41 GMT
Location: https://notifications.dev.workai.cloud/

Found 2026-01-24 by HttpPlugin

Create report

Open service 20.105.224.45:443 · notifications.dev.workai.cloud

2026-01-23 00:55

HTTP/1.1 200 OK
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Fri, 23 Jan 2026 00:56:11 GMT
Set-Cookie: TiPMix=36.42329215500473; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: ARRAffinity=ffbca59b025949de884b4d868d5979b22329f43e038fd0828f4548a11a1dec35;Path=/;HttpOnly;Secure;Domain=notifications.dev.workai.cloud
Set-Cookie: ARRAffinitySameSite=ffbca59b025949de884b4d868d5979b22329f43e038fd0828f4548a11a1dec35;Path=/;HttpOnly;SameSite=None;Secure;Domain=notifications.dev.workai.cloud
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
x-trace-id: 62c5140406af3fd6768db6b059d5d9f6


healthy

Found 2026-01-23 by HttpPlugin

Create report

Open service 20.105.224.45:443 · notifications.dev.workai.cloud

2026-01-09 12:03

HTTP/1.1 200 OK
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Fri, 09 Jan 2026 12:04:48 GMT
Set-Cookie: TiPMix=86.536931474422; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: ARRAffinity=e8c3b4220b9f97cf537feeb7ca8d7ede0c132f0c307819c4775a3815213a81d8;Path=/;HttpOnly;Secure;Domain=notifications.dev.workai.cloud
Set-Cookie: ARRAffinitySameSite=e8c3b4220b9f97cf537feeb7ca8d7ede0c132f0c307819c4775a3815213a81d8;Path=/;HttpOnly;SameSite=None;Secure;Domain=notifications.dev.workai.cloud
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
x-trace-id: d1dc92ff2a9bedc3d2dd5d99a1f42673


healthy

Found 2026-01-09 by HttpPlugin

Create report

Open service 20.105.224.45:443 · notifications.dev.workai.cloud

2026-01-02 15:46

HTTP/1.1 200 OK
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jan 2026 15:46:39 GMT
Set-Cookie: TiPMix=87.42417039319086; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: ARRAffinity=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;Secure;Domain=notifications.dev.workai.cloud
Set-Cookie: ARRAffinitySameSite=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;SameSite=None;Secure;Domain=notifications.dev.workai.cloud
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
x-trace-id: 457e34468ea0235ec134d130e29e0c49


healthy

Found 2026-01-02 by HttpPlugin

Create report

Open service 20.105.224.45:443 · notifications.dev.workai.cloud

2025-12-22 10:19

HTTP/1.1 200 OK
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Mon, 22 Dec 2025 10:19:13 GMT
Set-Cookie: TiPMix=26.47440574633896; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=notifications.dev.workai.cloud; Max-Age=3600; Secure; SameSite=None
Set-Cookie: ARRAffinity=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;Secure;Domain=notifications.dev.workai.cloud
Set-Cookie: ARRAffinitySameSite=c543959e5077d0986f050d1a42deca797651565c18ae97e0cfa9d81d8544de3d;Path=/;HttpOnly;SameSite=None;Secure;Domain=notifications.dev.workai.cloud
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=2592000
x-trace-id: 1c5da35918cec7c7804a4af5106922e1


healthy

Found 2025-12-22 by HttpPlugin

Create report

notifications.dev.workai.cloud

Fingerprint:

216b9035f291dcccc75099002350effbfaeb770481e3cc61bad74d3690402b60

CN:

notifications.dev.workai.cloud

Key:

RSA-2048

Issuer:

R12

Not before:

2026-01-23 23:12

Not after:

2026-04-23 23:12

notifications.dev.workai.cloud

Fingerprint:

6d1a3557bfee84719c94c06a80385023dfc50aee9b78223c5ec98ae4610d304a

CN:

notifications.dev.workai.cloud

Key:

RSA-2048

Issuer:

R12

Not before:

2025-11-24 23:11

Not after:

2026-02-22 23:11

Domain summary

notifications.dev.workai.cloud 8

1 recorded

IP summary

20.105.224.45 2

1 recorded