LeakIX - Host tst.gptemailorder.linde.com

Domain tst.gptemailorder.linde.com

Germany

Akamai International B.V.

Software information

Microsoft-IIS 10.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 2.18.64.16
Domain: tst.gptemailorder.linde.com
Port: 443
URL: https://tst.gptemailorder.linde.com

First seen 2025-11-24 21:10
Last seen 2026-01-09 13:04
Open for 45 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-09 13:04
Create report

Open service 2a02:26f0:3500:18::1724:a28c:443 · tst.gptemailorder.linde.com

2026-02-04 22:00

HTTP/1.1 403 Forbidden
Content-Length: 1148
Content-Type: text/html
Date: Wed, 04 Feb 2026 22:00:22 GMT
Connection: close

Page title: Web App - Unavailable

<!DOCTYPE html><html><head><title>Web App - Unavailable</title><style type="text/css">html{height:100%;width:100%;}#feature{width:960px;margin:95px auto 0 auto;overflow:auto;}#content{font-family:"Segoe UI";font-weight:normal;font-size:22px;color:#fff;float:left;width:460px;margin-top:68px;margin-left:0px;vertical-align:middle;}#content h1{font-family:"Segoe UI Light";color:#fff;font-weight:normal;font-size:60px;line-height:48pt;width:800px;}p a,p a:visited,p a:active,p a:hover{color:#fff;}</style></head><body bgcolor="#00abec"><div id="feature"><div id="content"><h1 id="unavailable">Error 403 - This web app is stopped.</h1><p id="tryAgain">The web app you have attempted to reach is currently stopped and does not accept any requests. Please try to reload the page or visit it again soon.</p><p id="toAdmin">If you are the web app administrator, please find the common 403 error scenarios and resolution <a href="https://go.microsoft.com/fwlink/?linkid=2095007" target="_blank">here</a>. For further troubleshooting tools and recommendations, please visit <a href="https://portal.azure.com/">Azure Portal</a>.</p></div></div></body></html>

Found 3 days ago by HttpPlugin

Create report

Open service 2.18.64.16:443 · tst.gptemailorder.linde.com

2026-01-23 00:01

HTTP/1.1 403 Forbidden
Content-Length: 1148
Content-Type: text/html
Date: Fri, 23 Jan 2026 00:01:24 GMT
Connection: close

Page title: Web App - Unavailable

<!DOCTYPE html><html><head><title>Web App - Unavailable</title><style type="text/css">html{height:100%;width:100%;}#feature{width:960px;margin:95px auto 0 auto;overflow:auto;}#content{font-family:"Segoe UI";font-weight:normal;font-size:22px;color:#fff;float:left;width:460px;margin-top:68px;margin-left:0px;vertical-align:middle;}#content h1{font-family:"Segoe UI Light";color:#fff;font-weight:normal;font-size:60px;line-height:48pt;width:800px;}p a,p a:visited,p a:active,p a:hover{color:#fff;}</style></head><body bgcolor="#00abec"><div id="feature"><div id="content"><h1 id="unavailable">Error 403 - This web app is stopped.</h1><p id="tryAgain">The web app you have attempted to reach is currently stopped and does not accept any requests. Please try to reload the page or visit it again soon.</p><p id="toAdmin">If you are the web app administrator, please find the common 403 error scenarios and resolution <a href="https://go.microsoft.com/fwlink/?linkid=2095007" target="_blank">here</a>. For further troubleshooting tools and recommendations, please visit <a href="https://portal.azure.com/">Azure Portal</a>.</p></div></div></body></html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 2.18.64.16:443 · tst.gptemailorder.linde.com

2026-01-09 13:04

HTTP/1.1 200 OK
Content-Type: text/html
Server: Microsoft-IIS/10.0
ETag: "1dc0119671c7327"
Last-Modified: Wed, 30 Jul 2025 06:15:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src *; object-src *; frame-src *; frame-ancestors *; worker-src *;
X-Frame-Options: DENY
Permissions-Policy: geolocation=()
X-Powered-By: ASP.NET
Date: Fri, 09 Jan 2026 13:04:26 GMT
Content-Length: 423
Connection: close
Set-Cookie: ARRAffinity=f036f938e68ccb4f358ac61cb733c1d7f9b0cd5689c33ac6a88f81092c8499fd;Path=/;HttpOnly;Secure;Domain=tst.gptemailorder.linde.com
Set-Cookie: ARRAffinitySameSite=f036f938e68ccb4f358ac61cb733c1d7f9b0cd5689c33ac6a88f81092c8499fd;Path=/;HttpOnly;SameSite=None;Secure;Domain=tst.gptemailorder.linde.com


<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<link rel="shortcut icon" href="/favicon.ico">
<link rel="stylesheet" href="/umi.9b7fdb4e.css">
</head>
<body>
<div id="root"></div>
<script src="/umi.3f77c04f.js"></script>
</body>
</html>

Found 2026-01-09 by HttpPlugin

Create report

Open service 2.18.64.16:443 · tst.gptemailorder.linde.com

2026-01-02 15:03

HTTP/1.1 200 OK
Content-Type: text/html
Server: Microsoft-IIS/10.0
ETag: "1dc0119671c7327"
Last-Modified: Wed, 30 Jul 2025 06:15:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src *; object-src *; frame-src *; frame-ancestors *; worker-src *;
X-Frame-Options: DENY
Permissions-Policy: geolocation=()
X-Powered-By: ASP.NET
Date: Fri, 02 Jan 2026 15:03:26 GMT
Content-Length: 423
Connection: close
Set-Cookie: ARRAffinity=f036f938e68ccb4f358ac61cb733c1d7f9b0cd5689c33ac6a88f81092c8499fd;Path=/;HttpOnly;Secure;Domain=tst.gptemailorder.linde.com
Set-Cookie: ARRAffinitySameSite=f036f938e68ccb4f358ac61cb733c1d7f9b0cd5689c33ac6a88f81092c8499fd;Path=/;HttpOnly;SameSite=None;Secure;Domain=tst.gptemailorder.linde.com


<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<link rel="shortcut icon" href="/favicon.ico">
<link rel="stylesheet" href="/umi.9b7fdb4e.css">
</head>
<body>
<div id="root"></div>
<script src="/umi.3f77c04f.js"></script>
</body>
</html>

Found 2026-01-02 by HttpPlugin

Create report

Open service 2.18.64.16:443 · tst.gptemailorder.linde.com

2025-12-22 21:35

HTTP/1.1 200 OK
Content-Type: text/html
Server: Microsoft-IIS/10.0
ETag: "1dc0119671c7327"
Last-Modified: Wed, 30 Jul 2025 06:15:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Content-Security-Policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src *; object-src *; frame-src *; frame-ancestors *; worker-src *;
X-Frame-Options: DENY
Permissions-Policy: geolocation=()
X-Powered-By: ASP.NET
Date: Mon, 22 Dec 2025 21:35:12 GMT
Content-Length: 423
Connection: close
Set-Cookie: ARRAffinity=f036f938e68ccb4f358ac61cb733c1d7f9b0cd5689c33ac6a88f81092c8499fd;Path=/;HttpOnly;Secure;Domain=tst.gptemailorder.linde.com
Set-Cookie: ARRAffinitySameSite=f036f938e68ccb4f358ac61cb733c1d7f9b0cd5689c33ac6a88f81092c8499fd;Path=/;HttpOnly;SameSite=None;Secure;Domain=tst.gptemailorder.linde.com


<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<link rel="shortcut icon" href="/favicon.ico">
<link rel="stylesheet" href="/umi.9b7fdb4e.css">
</head>
<body>
<div id="root"></div>
<script src="/umi.3f77c04f.js"></script>
</body>
</html>

Found 2025-12-22 by HttpPlugin

Create report

agent.qa.elgas.com.auai.linde.comannova-api.linde.comapi.xiaozhi.linde.comapimylinde-release.linde.nameapitelemetria.whitemartins.com.brapp.linde.nameapp.praxair.com.brapp.whitemartins.com.brassets-test.linde-le.cnbackend-api.dev.nitro.linde.combdesk.whitemartins.com.brcareers.sc10prd.linde.comcd.tst.assets.linde.comcm.assets.linde.comcm.tst.assets.linde.comcomexosgtprd.whitemartins.com.brcomexosgtqas.whitemartins.com.brcompenza.linde.com.mxconcur.whitemartins.com.brconsole.xiaozhi.linde.comcontent-api.identity.linde.comcustomer-response.linde.comde.lindecareers.comdev.nitro.linde.comdev.orders.linde-amt.comdevdcx.linde.czdevdcx.linde.hudevdcx.linde.rodevv7.weldingsupply.come-learning.linde.comecg3.linde.comembed.dev.nitro.linde.comeqc-ext-tst.lindemobile.cneqc-ext.lindemobile.cnes.dev.nitro.linde.comfascinating-gases.comfield-services-api.lsi.linde.comfield-services.lsi.linde.comforms.linde.comfx.linde.comgptemailorder.linde.comh2toltoallomas.linde.comintranetsipl.praxair.com.brkb.dev.nitro.linde.comlima.linde.namelinde.bolindecareers.comm.fascinating-gases.commp2.lindemobile.cnmytickets.noxboxltd.comnewobc.linde.comnoxboxltd.compagos.linde.compedidos.linde.complatinum-dev.elgas.com.auproveedores.linde-gas.comqa.dev.nitro.linde.comqa.ecg3.linde.comrac.whitemartins.com.brren.selfservicegreen.linde.comrskcsm-survey-townhall.linde.comrskcsm-survey.linde.comrskcsm.linde.comrsksqm.linde.comrsksqmdev.linde.comsearch-api.dev.nitro.linde.comseccurus.linde.comsecure.elgas.co.nzsecure.elgas.com.ausolman.whitemartins.com.brspotranslator.linde.comstgdcx.boconline.co.ukstgdcx.linde.czstgdcx.linde.hustgdcx.linde.rotanktelemetryth.linde.comtest.weldingsupply.comtestlima.linde.nametimes.lindemobile.cntimes.uat.lindemobile.cntimesapp.lindemobile.cntimesapp.uat.lindemobile.cntst.ai.linde.comtst.apacmanagementreporting.linde.comtst.api.atriskrgc.linde.comtst.content-api.identity.linde.comtst.field-services-api.lsi.linde.comtst.field-services.lsi.linde.comtst.forms.linde.comtst.gptemailorder.linde.comtst.rskcsm-survey-townhall.linde.comtst.rskcsm-survey.linde.comtst.rskcsm.linde.comuatdcx.linde.plus.lindecareers.comwww.fascinating-gases.comwww.noxboxltd.comwww3.lincare.comxiaozhi.linde.com

Fingerprint:

596a87cb2559a25d1fc44695466d15dbbd7d968245bb5c224f33852d5982376b

CN:

seccurus.linde.com

Key:

RSA-2048

Issuer:

R13

Not before:

2026-02-03 04:50

Not after:

2026-05-04 04:50

agent.qa.elgas.com.auai.linde.comannova-api.linde.comapi.xiaozhi.linde.comapimylinde-release.linde.nameapitelemetria.whitemartins.com.brapp.linde.nameapp.praxair.com.brapp.whitemartins.com.brassets-test.linde-le.cnbackend-api.dev.nitro.linde.combdesk.whitemartins.com.brcareers.sc10prd.linde.comcd.tst.assets.linde.comcm.assets.linde.comcm.tst.assets.linde.comcomexosgtprd.whitemartins.com.brcomexosgtqas.whitemartins.com.brcompenza.linde.com.mxconcur.whitemartins.com.brconsole.xiaozhi.linde.comcontent-api.identity.linde.comcustomer-response.linde.comde.lindecareers.comdev.nitro.linde.comdev.orders.linde-amt.comdevdcx.linde.czdevdcx.linde.hudevdcx.linde.rodevv7.weldingsupply.come-learning.linde.comecg3.linde.comembed.dev.nitro.linde.comeqc-ext-tst.lindemobile.cneqc-ext.lindemobile.cnes.dev.nitro.linde.comfascinating-gases.comfield-services-api.lsi.linde.comfield-services.lsi.linde.comforms.linde.comfx.linde.comgptemailorder.linde.comh2toltoallomas.linde.comintranetsipl.praxair.com.brkb.dev.nitro.linde.comlima.linde.namelinde.bolindecareers.comm.fascinating-gases.commp2.lindemobile.cnmytickets.noxboxltd.comnewobc.linde.comnoxboxltd.compagos.linde.compedidos.linde.complatinum-dev.elgas.com.auproveedores.linde-gas.comqa.dev.nitro.linde.comqa.ecg3.linde.comrac.whitemartins.com.brren.selfservicegreen.linde.comrskcsm-survey-townhall.linde.comrskcsm-survey.linde.comrskcsm.linde.comrsksqm.linde.comrsksqmdev.linde.comsearch-api.dev.nitro.linde.comseccurus.linde.comsecure.elgas.co.nzsecure.elgas.com.ausolman.whitemartins.com.brspotranslator.linde.comstgdcx.boconline.co.ukstgdcx.linde.czstgdcx.linde.hustgdcx.linde.rotanktelemetryth.linde.comtest.weldingsupply.comtestlima.linde.nametimes.lindemobile.cntimes.uat.lindemobile.cntimesapp.lindemobile.cntimesapp.uat.lindemobile.cntst.ai.linde.comtst.apacmanagementreporting.linde.comtst.api.atriskrgc.linde.comtst.content-api.identity.linde.comtst.field-services-api.lsi.linde.comtst.field-services.lsi.linde.comtst.forms.linde.comtst.gptemailorder.linde.comtst.rskcsm-survey-townhall.linde.comtst.rskcsm-survey.linde.comtst.rskcsm.linde.comuatdcx.linde.plus.lindecareers.comwww.fascinating-gases.comwww.noxboxltd.comwww3.lincare.comxiaozhi.linde.com

Fingerprint:

27b3fb3f58e5a4a1c508969b0b95de037b6a202eb6064156b5460dd69f9bb0d8

CN:

seccurus.linde.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-24 20:11

Not after:

2026-02-22 20:11

Domain summary

tst.gptemailorder.linde.com 5

1 recorded

IP summary

2a02:26f0:3500:18::1724:a28c 1 2.18.64.16 1

2 recorded

Domain tst.gptemailorder.linde.com

Germany

Software information

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Create report

Domain summary

IP summary