Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549c22034d1b921bd67db6d1b1edb6d1b1edb6d1b1e
Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/Request/exportablequestionnaires GET /api/Request/exportdata POST /api/Request/login
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
Public Swagger UI/API detected at path: /swagger/index.html
Open service 65.52.128.33:80 · test.bbitssurveys.com
2026-01-09 20:06
HTTP/1.1 307 Temporary Redirect
Content-Length: 0
Connection: close
Date: Fri, 09 Jan 2026 20:07:33 GMT
Location: https://test.bbitssurveys.com:44326/
Set-Cookie: ARRAffinity=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;Domain=test.bbitssurveys.com
Open service 65.52.128.33:443 · test.bbitssurveys.com
2026-01-09 04:15
HTTP/1.1 302 Found
Content-Length: 0
Connection: close
Date: Fri, 09 Jan 2026 04:16:08 GMT
Cache-Control: no-cache
Location: https://test.bbitssurveys.com/Account/Login?ReturnUrl=%2F
Pragma: no-cache
Set-Cookie: ARRAffinity=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;Secure;Domain=test.bbitssurveys.com
Set-Cookie: ARRAffinitySameSite=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;SameSite=None;Secure;Domain=test.bbitssurveys.com
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self' maps.googleapis.com/maps/api/geocode/ maxcdn.bootstrapcdn.com/bootswatch/ fonts.gstatic.com/;script-src 'self' use.fontawesome.com/releases/v5.0.2/js/ maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ ajax.googleapis.com/ajax/libs/jquery/3.1.1/ code.jquery.com/ui/1.12.1/ cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/ cdnjs.cloudflare.com/ajax/libs/moment.js/2.21.0/ cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ requirejs.org/docs/release/2.3.6/minified/ www.gstatic.com/charts/ maps.googleapis.com/ chart.apis.google.com/ 'unsafe-eval' 'unsafe-inline';style-src 'self' cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ code.jquery.com/ui/1.12.1/themes/base/ maxcdn.bootstrapcdn.com/bootswatch/3.3.7/superhero/ code.jquery.com/ maps.gstatic.com/ www.gstatic.com/charts/46.2/css/core/ www.gstatic.com/charts/46.2/css/util/ www.gstatic.com/charts/46.2/css/table/ fonts.googleapis.com/ chart.apis.google.com/ 'unsafe-inline';img-src 'self' data: bbitssurveylive.blob.core.windows.net/ mediaklikstoragedev.blob.core.windows.net/ maps.gstatic.com/ maps.googleapis.com/ code.jquery.com/ui/1.12.1/themes/base/images/ chart.apis.google.com/
Open service 65.52.128.33:80 · test.bbitssurveys.com
2026-01-02 17:51
HTTP/1.1 307 Temporary Redirect
Content-Length: 0
Connection: close
Date: Fri, 02 Jan 2026 17:51:03 GMT
Location: https://test.bbitssurveys.com:44326/
Set-Cookie: ARRAffinity=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;Domain=test.bbitssurveys.com
Open service 65.52.128.33:443 · test.bbitssurveys.com
2026-01-02 05:19
HTTP/1.1 302 Found
Content-Length: 0
Connection: close
Date: Fri, 02 Jan 2026 05:19:11 GMT
Cache-Control: no-cache
Location: https://test.bbitssurveys.com/Account/Login?ReturnUrl=%2F
Pragma: no-cache
Set-Cookie: ARRAffinity=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;Secure;Domain=test.bbitssurveys.com
Set-Cookie: ARRAffinitySameSite=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;SameSite=None;Secure;Domain=test.bbitssurveys.com
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self' maps.googleapis.com/maps/api/geocode/ maxcdn.bootstrapcdn.com/bootswatch/ fonts.gstatic.com/;script-src 'self' use.fontawesome.com/releases/v5.0.2/js/ maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ ajax.googleapis.com/ajax/libs/jquery/3.1.1/ code.jquery.com/ui/1.12.1/ cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/ cdnjs.cloudflare.com/ajax/libs/moment.js/2.21.0/ cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ requirejs.org/docs/release/2.3.6/minified/ www.gstatic.com/charts/ maps.googleapis.com/ chart.apis.google.com/ 'unsafe-eval' 'unsafe-inline';style-src 'self' cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ code.jquery.com/ui/1.12.1/themes/base/ maxcdn.bootstrapcdn.com/bootswatch/3.3.7/superhero/ code.jquery.com/ maps.gstatic.com/ www.gstatic.com/charts/46.2/css/core/ www.gstatic.com/charts/46.2/css/util/ www.gstatic.com/charts/46.2/css/table/ fonts.googleapis.com/ chart.apis.google.com/ 'unsafe-inline';img-src 'self' data: bbitssurveylive.blob.core.windows.net/ mediaklikstoragedev.blob.core.windows.net/ maps.gstatic.com/ maps.googleapis.com/ code.jquery.com/ui/1.12.1/themes/base/images/ chart.apis.google.com/
Open service 65.52.128.33:80 · test.bbitssurveys.com
2025-12-23 03:34
HTTP/1.1 307 Temporary Redirect
Content-Length: 0
Connection: close
Date: Tue, 23 Dec 2025 03:35:00 GMT
Location: https://test.bbitssurveys.com:44326/
Set-Cookie: ARRAffinity=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;Domain=test.bbitssurveys.com
Open service 65.52.128.33:443 · test.bbitssurveys.com
2025-12-22 13:38
HTTP/1.1 302 Found
Content-Length: 0
Connection: close
Date: Mon, 22 Dec 2025 13:38:41 GMT
Cache-Control: no-cache
Location: https://test.bbitssurveys.com/Account/Login?ReturnUrl=%2F
Pragma: no-cache
Set-Cookie: ARRAffinity=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;Secure;Domain=test.bbitssurveys.com
Set-Cookie: ARRAffinitySameSite=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;SameSite=None;Secure;Domain=test.bbitssurveys.com
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self' maps.googleapis.com/maps/api/geocode/ maxcdn.bootstrapcdn.com/bootswatch/ fonts.gstatic.com/;script-src 'self' use.fontawesome.com/releases/v5.0.2/js/ maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ ajax.googleapis.com/ajax/libs/jquery/3.1.1/ code.jquery.com/ui/1.12.1/ cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/ cdnjs.cloudflare.com/ajax/libs/moment.js/2.21.0/ cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ requirejs.org/docs/release/2.3.6/minified/ www.gstatic.com/charts/ maps.googleapis.com/ chart.apis.google.com/ 'unsafe-eval' 'unsafe-inline';style-src 'self' cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ code.jquery.com/ui/1.12.1/themes/base/ maxcdn.bootstrapcdn.com/bootswatch/3.3.7/superhero/ code.jquery.com/ maps.gstatic.com/ www.gstatic.com/charts/46.2/css/core/ www.gstatic.com/charts/46.2/css/util/ www.gstatic.com/charts/46.2/css/table/ fonts.googleapis.com/ chart.apis.google.com/ 'unsafe-inline';img-src 'self' data: bbitssurveylive.blob.core.windows.net/ mediaklikstoragedev.blob.core.windows.net/ maps.gstatic.com/ maps.googleapis.com/ code.jquery.com/ui/1.12.1/themes/base/images/ chart.apis.google.com/
Open service 65.52.128.33:443 · test.bbitssurveys.com
2025-12-20 13:42
HTTP/1.1 302 Found
Content-Length: 0
Connection: close
Date: Sat, 20 Dec 2025 13:42:14 GMT
Cache-Control: no-cache
Location: https://test.bbitssurveys.com/Account/Login?ReturnUrl=%2F
Pragma: no-cache
Set-Cookie: ARRAffinity=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;Secure;Domain=test.bbitssurveys.com
Set-Cookie: ARRAffinitySameSite=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;SameSite=None;Secure;Domain=test.bbitssurveys.com
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self' maps.googleapis.com/maps/api/geocode/ maxcdn.bootstrapcdn.com/bootswatch/ fonts.gstatic.com/;script-src 'self' use.fontawesome.com/releases/v5.0.2/js/ maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ ajax.googleapis.com/ajax/libs/jquery/3.1.1/ code.jquery.com/ui/1.12.1/ cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/ cdnjs.cloudflare.com/ajax/libs/moment.js/2.21.0/ cdnjs.cloudflare.com/ajax/libs/knockout/3.4.2/ requirejs.org/docs/release/2.3.6/minified/ www.gstatic.com/charts/ maps.googleapis.com/ chart.apis.google.com/ 'unsafe-eval' 'unsafe-inline';style-src 'self' cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ code.jquery.com/ui/1.12.1/themes/base/ maxcdn.bootstrapcdn.com/bootswatch/3.3.7/superhero/ code.jquery.com/ maps.gstatic.com/ www.gstatic.com/charts/46.2/css/core/ www.gstatic.com/charts/46.2/css/util/ www.gstatic.com/charts/46.2/css/table/ fonts.googleapis.com/ chart.apis.google.com/ 'unsafe-inline';img-src 'self' data: bbitssurveylive.blob.core.windows.net/ mediaklikstoragedev.blob.core.windows.net/ maps.gstatic.com/ maps.googleapis.com/ code.jquery.com/ui/1.12.1/themes/base/images/ chart.apis.google.com/
Open service 65.52.128.33:80 · test.bbitssurveys.com
2025-12-20 09:28
HTTP/1.1 307 Temporary Redirect
Content-Length: 0
Connection: close
Date: Sat, 20 Dec 2025 09:28:12 GMT
Location: https://test.bbitssurveys.com:44326/
Set-Cookie: ARRAffinity=86231b83c1763987e06580cb0c971c6cd9a36c20926dc2a683f69f1a69b39a66;Path=/;HttpOnly;Domain=test.bbitssurveys.com