LeakIX - Host mainnet-node-0.wavesenterprise.com

Domain mainnet-node-0.wavesenterprise.com

Germany

Hetzner Online GmbH

Ubuntu

Software information

nginx nginx 1.18.0

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 159.69.50.98
Domain: mainnet-node-0.wavesenterprise.com
Port: 443
URL: https://mainnet-node-0.wavesenterprise.com

First seen 2025-11-27 11:00
Last seen 2026-02-09 21:49
Open for 74 days

Severity: info
Fingerprint: 5733ddf49ff49cd110b5863cd0efce51e706599516f914c82339f131417f29d6

Public Swagger UI/API detected at path: /api-docs/swagger.json - sample paths:
DELETE /debug/rollback-to/{signature}
GET /activation/status
GET /addresses
GET /addresses/balance/details/{addressOrAlias}
GET /addresses/balance/{addressOrAlias}
GET /addresses/data/{addressOrAlias}
GET /addresses/data/{addressOrAlias}/{key}
GET /addresses/effectiveBalance/{addressOrAlias}
GET /addresses/effectiveBalance/{addressOrAlias}/{confirmations}
GET /addresses/generatingBalance/{addressOrAlias}/at/{height}
GET /addresses/info/{address}
GET /addresses/publicKey/{publicKey}
GET /addresses/scriptInfo/{addressOrAlias}
GET /addresses/seq/{from}/{to}
GET /addresses/validate/{addressOrAlias}
GET /alias/by-address/{address}
GET /alias/by-alias/{alias}
GET /anchoring/config
GET /assets/balance-v2/{addressOrAlias}
GET /assets/balance/{addressOrAlias}/{assetId}
GET /assets/balance/{address}
GET /assets/details/{assetId}
GET /assets/{assetId}/distribution/{height}/limit/{limit}
GET /blocks/address/{addressOrAlias}/{from}/{to}
GET /blocks/at/{height}
GET /blocks/child/{signature}
GET /blocks/first
GET /blocks/headers/at/{height}
GET /blocks/headers/last
GET /blocks/headers/seq/{from}/{to}
GET /blocks/height
GET /blocks/height/{signature}
GET /blocks/last
GET /blocks/seq/{from}/{to}
GET /blocks/seqext/{from}/{to}
GET /blocks/signature/{signature}
GET /confidential-contracts/tx/{executable-tx-id}
GET /confidential-contracts/{contractId}
GET /consensus/algo
GET /consensus/bannedMiners/{height}
GET /consensus/basetarget
GET /consensus/basetarget/{signature}
GET /consensus/generatingbalance/{addressOrAlias}
GET /consensus/generationsignature
GET /consensus/generationsignature/{signature}
GET /consensus/miners/{timestamp}
GET /consensus/minersAtHeight/{height}
GET /consensus/settings
GET /contracts
GET /contracts/asset-balance/{contractId}/{assetId}
GET /contracts/balance/details/{contractId}
GET /contracts/balance/{contractId}
GET /contracts/executed-tx-for/{id}
GET /contracts/info/{contractId}
GET /contracts/status/{id}
GET /contracts/{contractId}
GET /contracts/{contractId}/{key}
GET /debug/blocks/{howMany}
GET /debug/configInfo
GET /debug/historyInfo
GET /debug/info
GET /debug/minerInfo
GET /debug/portfolios/{address}
GET /debug/state
GET /debug/stateWE/{height}
GET /debug/threadDump
GET /debug/utx-rebroadcast
GET /leasing/active/{addressOrAlias}
GET /node/config
GET /node/healthcheck
GET /node/logging
GET /node/metrics
GET /node/owner
GET /node/status
GET /node/version
GET /peers/all
GET /peers/allowedNodes
GET /peers/connected
GET /peers/hostname/{address}
GET /peers/suspended
GET /permissions/contractValidators
GET /permissions/contractValidators/{height}
GET /permissions/{addressOrAlias}
GET /permissions/{addressOrAlias}/at/{timestamp}
GET /privacy/forceSync/{policyId}
GET /privacy/{policyId}/getData/{policyItemHash}
GET /privacy/{policyId}/getInfo/{policyItemHash}
GET /privacy/{policyId}/getLargeData/{policyItemHash}
GET /privacy/{policyId}/hashes
GET /privacy/{policyId}/owners
GET /privacy/{policyId}/recipients
GET /privacy/{policyId}/transactions
GET /snapshot/genesisConfig
GET /snapshot/status
GET /transactions/address/{addressOrAlias}/limit/{limit}
GET /transactions/info/{id}
GET /transactions/unconfirmed
GET /transactions/unconfirmed/info/{id}
GET /transactions/unconfirmed/size
GET /utils/time
POST /addresses/balance/details
POST /addresses/sign/{address}
POST /addresses/signText/{address}
POST /addresses/validateMany
POST /addresses/verify/{address}
POST /addresses/verifyText/{address}
POST /assets/balance
POST /confidential-contracts/call
POST /contracts/asset-balances
POST /crypto/decrypt
POST /crypto/encryptCommon
POST /crypto/encryptSeparate
POST /debug/print
POST /debug/rollback
POST /debug/validate
POST /node/stop
POST /peers/connect
POST /permissions/addresses
POST /privacy/forceSync
POST /privacy/getInfos
POST /privacy/sendData
POST /privacy/sendDataV2
POST /privacy/sendLargeData
POST /snapshot/swapState
POST /transactions/broadcast
POST /transactions/calculateFee
POST /transactions/sign
POST /transactions/signAndBroadcast
POST /utils/hash/fast
POST /utils/hash/secure
POST /utils/reload-wallet
POST /utils/script/compile
POST /utils/script/estimate

Found on 2026-02-09 21:49

Create report

Open service 159.69.50.98:443 · mainnet-node-0.wavesenterprise.com

2026-01-26 12:51

HTTP/1.1 308 Permanent Redirect
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 26 Jan 2026 12:51:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 106
Connection: close
Location: /api-docs/index.html


The request, and all future requests should be repeated using <a href="/api-docs/index.html">this URI</a>.

Found 2026-01-26 by HttpPlugin

Create report

Open service 159.69.50.98:80 · mainnet-node-0.wavesenterprise.com

2026-01-26 12:51

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 26 Jan 2026 12:51:24 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: https://mainnet-node-0.wavesenterprise.com/

Page title: 301 Moved Permanently

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 159.69.50.98:443 · mainnet-node-0.wavesenterprise.com

2026-01-22 20:40

HTTP/1.1 308 Permanent Redirect
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 22 Jan 2026 20:40:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 106
Connection: close
Location: /api-docs/index.html


The request, and all future requests should be repeated using <a href="/api-docs/index.html">this URI</a>.

Found 2026-01-22 by HttpPlugin

Create report

mainnet-node-0.wavesenterprise.com

Fingerprint:

c14c628c3bdb813dd228467232e4c63b136d252a4604282c3f87c239991aebc6

CN:

mainnet-node-0.wavesenterprise.com

Key:

RSA-2048

Issuer:

R12

Not before:

2026-01-26 11:52

Not after:

2026-04-26 11:52

mainnet-node-0.wavesenterprise.com

Fingerprint:

610a7284b19ad046fe12400f5fc0fe55aff84100f1a1b1ff98322f8fca61df1d

CN:

mainnet-node-0.wavesenterprise.com

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-27 10:01

Not after:

2026-02-25 10:01

Domain summary

mainnet-node-0.wavesenterprise.com 3

1 recorded

IP summary

159.69.50.98 2

1 recorded