Microsoft-IIS 10.0
tcp/443
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d6090555f8106f739d10ae690008e9432b602dd58af
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /account/SignIn
GET /account/SignOut
GET /account/SignOut/Second
GET /account/me/identity
GET /account/ping
GET /api/AuthorizedPerson/getAuthorizedPersonSignature
GET /api/AuthorizedPerson/getAuthorizedPersons
GET /api/BusinessPartner/company/{companyFullName}
GET /api/BusinessPartner/materialpass/{materialPassId}
GET /api/DestinationMaterialCheck/GetStatuses
GET /api/File/Thumbnail/{id}
GET /api/File/{id}
GET /api/Geolocation/actions/search
GET /api/Geolocation/actions/search/{name}
GET /api/GeolocationType
GET /api/MaterialPass/gatesecurity
GET /api/MaterialPass/getHistory/{materialPassId}
GET /api/MaterialPass/{materialPassId}
GET /api/MaterialPassComment/{materialPassId}
GET /api/MaterialPassRecallReason
GET /api/MaterialPassStatus
GET /api/Mobile/MobileBusinessPartner/company/{companyFullName}
GET /api/Mobile/MobileBusinessPartner/materialpass/{materialPassId}
GET /api/Mobile/MobileGeolocation/actions/searchPost/{name}
GET /api/Mobile/MobileGeolocationType
GET /api/Mobile/MobileMaterialPassRecallReason
GET /api/Mobile/MobileMaterialPassStatus
GET /api/Mobile/MobilePersonInformation/actions/DetailPersonInformation/{badgeNumber}
GET /api/Mobile/MobilePersonInformation/actions/FullTextSearch
GET /api/Mobile/MobilePersonInformation/actions/PersonsPhoto/{badgeNumber}
GET /api/Mobile/MobileVehicle/actions/search/{registrationNumber}
GET /api/Mobile/MobileVehicle/actions/whoisinvehicle
GET /api/Mobile/MobileVehicle/{vehicleId}
GET /api/Mobile/User/{userId}/MobileAuthorizedPerson/getAuthorizedPersonSignature
GET /api/Mobile/User/{userId}/MobileAuthorizedPerson/getAuthorizedPersons
GET /api/Mobile/User/{userId}/MobileDestinationMaterialCheck/GetStatuses
GET /api/Mobile/User/{userId}/MobileFile/Thumbnail/{id}
GET /api/Mobile/User/{userId}/MobileFile/getusermanuals/{currentLang}
GET /api/Mobile/User/{userId}/MobileFile/{id}
GET /api/Mobile/User/{userId}/MobileMaterialPass/gatesecurity
GET /api/Mobile/User/{userId}/MobileMaterialPass/gatesecurity/{materialPassId}
GET /api/Mobile/User/{userId}/MobileMaterialPass/get-detail-materials/{materialPassId}
GET /api/Mobile/User/{userId}/MobileMaterialPass/getHistory/{materialPassId}
GET /api/Mobile/User/{userId}/MobileMaterialPassComment/{materialPassId}
GET /api/Mobile/User/{userId}/MobileSecurityShift
GET /api/Mobile/User/{userId}/MobileSecurityShift/{securityPostId}
GET /api/PersonInformation/actions/DetailPersonInformation/{badgeNumber}
GET /api/PersonInformation/actions/FullTextSearch
GET /api/PersonInformation/actions/PersonsPhoto/{badgeNumber}
GET /api/SecurityShift
GET /api/SecurityShift/{securityPostId}
GET /api/Vehicle/actions/search/{registrationNumber}
GET /api/Vehicle/{vehicleId}
GET /app/info
POST /account/SignIn/Second/{badge}
POST /api/MaterialPassComment/actions/add
POST /api/Mobile/MobileAccount
POST /api/Mobile/MobileAccount/Ensure/ByBadge/{badge}
POST /api/Mobile/MobileGeolocation/actions/searchPost
POST /api/Mobile/User/{userId}/MobileFile/Upload
POST /api/Mobile/User/{userId}/MobileMaterialComment/create-material-comment
POST /api/Mobile/User/{userId}/MobileMaterialComment/edit-material-comment
POST /api/Mobile/User/{userId}/MobileMaterialPassComment/actions/add
POST /api/Mobile/User/{userId}/MobileSecurityShift/create/{emailB2C}
POST /api/SecurityShift/create
PUT /api/DestinationMaterialCheck/actions/confirm/quantity
PUT /api/MaterialPass/actions/start/tracking
PUT /api/Mobile/User/{userId}/MobileDestinationMaterialCheck/actions/confirm/quantity
PUT /api/Mobile/User/{userId}/MobileFile/Detach/{id}
PUT /api/Mobile/User/{userId}/MobileMaterialPass/actions/start/tracking
PUT /api/Mobile/User/{userId}/MobileSecurityShift/end/{id}
PUT /api/SecurityShift/end/{id}
Open service 52.232.33.202:443 · securitypost-dev.tengizchevroil.com
2026-01-23 04:55
HTTP/1.1 302 Found
Content-Length: 0
Connection: close
Date: Fri, 23 Jan 2026 04:55:43 GMT
Server: Microsoft-IIS/10.0
Location: https://login.microsoftonline.com/fd799da1-bfc1-4234-a91c-72b3a1cb9e26/oauth2/v2.0/authorize?client_id=45c8ea3b-aad6-454a-9969-42596ffda581&redirect_uri=https%3A%2F%2Fsecuritypost-dev.tengizchevroil.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20email%20offline_access&response_mode=form_post&nonce=639047409436165074.YTcwNTI2OGItNDQ4My00MzlmLTgwMDQtYzI4MTg2NmRkNGQyNmJiMmE1YTMtNzMwNS00MDAwLTkzZmMtN2U2ZTZjYWVlODVl&domain_hint=chevron.com&state=CfDJ8PkAXpQLZNBGq9mSqNfWbrI-xNexxg_p6pel8HKbrd-cbLTZnU4aoyM5ck1_G0cVk4zACy6M0V1CssQOFyS7jeUFMJfj9Yl8XUINOX-pDSy04OaNmFuF3yZEdU0UcHgeakimQPHdaNHUkkTpwN4lKN6sIiyX1shKnjIIsYNE3GtibO-QpQUah_y_8mtjZkeVHcHUQOxFn-Abe3mkEj0_i7In1JH5_jfK7QFrriUM8aUlKEDVREfC-SpJijBlcF_4nFG14upVBqOwfuaXzfGqx_YJ977YNL1NIfdudN3aQT0I4Hz_Y7H05OJAobTH2nxz82z0ILjJP5_4-qOQZWG10OeyGAMJ6WKipPmx7mhLc7dNYEmvQ09uC9QmYx5_23Rgag&x-client-SKU=ID_NET6_0&x-client-ver=6.24.0.0
Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8PkAXpQLZNBGq9mSqNfWbrJsvkkLjf_-5YJTC_Cezc2mf31lqx3f3zaUtfSLGXhMdxRJw9zGod1SA_G9j_573V0Hc7-WUOOMiVHXp_gQC6XBiCD_Fmln-SKgLTyYas6x8OOTM-V3l1ZWRpIwjmqd4QKSJmeB--ipngcsF-NsINiIrzDJak7DfpRbIn3QoSzjVbqLSpzT_cTN5B5uGU3TQmH_oSArYtfrO44yUsOfl56PelKc7l6COp4piLFXsA4UNmSfzrKxQ8lAuYne0Q3_VTM=N; expires=Fri, 23 Jan 2026 05:10:43 GMT; path=/signin-oidc; secure; samesite=none; httponly
Set-Cookie: .AspNetCore.Correlation.DV0rQ6WOTiMEY6ucXZ-BsWeKQKOApHGBUHw3IR96xKk=N; expires=Fri, 23 Jan 2026 05:10:43 GMT; path=/signin-oidc; secure; samesite=none; httponly
Set-Cookie: ARRAffinity=251713a3670669a2347c83bc0d84771de48ec74a2bdedef060afe0819af03e24;Path=/;HttpOnly;Secure;Domain=securitypost-dev.tengizchevroil.com
Set-Cookie: ARRAffinitySameSite=251713a3670669a2347c83bc0d84771de48ec74a2bdedef060afe0819af03e24;Path=/;HttpOnly;SameSite=None;Secure;Domain=securitypost-dev.tengizchevroil.com
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:3c3026f6-a4c6-44e8-9f7e-2bc1008d856a
X-Powered-By: ASP.NET