Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
The documentation details every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549067cd57ebc8baf8728663dd02f4021e98dfb18ab
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /auctions
GET /auctions/{id}
GET /auctions/{id}/logs
GET /clients
GET /clients/item-custom-field-definitions
GET /clients/{id}
GET /countries
GET /items
GET /items/{id}
GET /items/{id}/ascending/winner
GET /items/{id}/bids
GET /items/{id}/descending/winner
GET /items/{id}/logs
GET /users
GET /users/loginLink
GET /webhooks
POST /bids
POST /clerk/floor-bid
POST /clerk/{itemId}/bids/{bidId}/override
POST /clerk/{itemId}/bids/{bidId}/undo
POST /clerk/{itemId}/going-once
POST /clerk/{itemId}/going-twice
POST /clerk/{itemId}/next
POST /clerk/{itemId}/sold
POST /connect/token
POST /items/{id}/changeDescendingStartAmount/{amount}
POST /items/{id}/outOfSale
PUT /auctions/{auctionId}/close
PUT /auctions/{id}/publish
PUT /auctions/{id}/reorder
PUT /auctions/{id}/unpublish
Open service 20.105.232.29:443 · api.acc.weauction.nl
2026-01-22 23:02
HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Thu, 22 Jan 2026 23:02:53 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:852bc69c-32d5-464c-951d-b504261cae66
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Feature-Policy: 'none'
Referrer-Policy: no-referrer
Open service 20.105.232.29:443 · api.acc.weauction.nl
2026-01-09 22:57
HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Fri, 09 Jan 2026 22:58:31 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:852bc69c-32d5-464c-951d-b504261cae66
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Feature-Policy: 'none'
Referrer-Policy: no-referrer
Open service 20.105.232.29:80 · api.acc.weauction.nl
2026-01-04 23:15
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Sun, 04 Jan 2026 23:15:18 GMT
Location: https://api.acc.weauction.nl/
Open service 20.105.232.29:443 · api.acc.weauction.nl
2026-01-04 23:15
HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Sun, 04 Jan 2026 23:15:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:852bc69c-32d5-464c-951d-b504261cae66
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Feature-Policy: 'none'
Referrer-Policy: no-referrer
Open service 20.105.232.29:443 · api.acc.weauction.nl
2026-01-02 03:43
HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Fri, 02 Jan 2026 03:43:09 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:852bc69c-32d5-464c-951d-b504261cae66
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Feature-Policy: 'none'
Referrer-Policy: no-referrer