Domain matchingmaterials.com
The Netherlands
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-13 00:45
Last seen 2026-02-05 07:51
Open for 84 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035498b7250f311d901a568df0a3dd5ed8ae0699274fdPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/BuildingMaterialRequest GET /api/BuildingMaterialRequest/{id} GET /api/BuildingMaterialRequest/{id}/certificate/{fileId} GET /api/BuildingMaterialRequest/{id}/certificatepublic/{fileId} GET /api/BuildingMaterialRequest/{id}/photo/{fileId} GET /api/BuildingMaterialRequest/{id}/photopublic/{fileId} GET /api/BuildingMaterialRequest/{id}/transactions GET /api/BuildingMaterialRequest/{id}/warranty/{fileId} GET /api/BuildingMaterialRequest/{id}/warrantypublic/{fileId} GET /api/EnvironmentalCategory GET /api/Request GET /api/Request/{id} GET /api/Request/{id}/attachment/{fileId} GET /api/Request/{id}/transactions GET /api/RequestCategory GET /api/RequestInterest GET /api/RequestInterest/getforuser GET /api/RequestInterest/{requestId} GET /api/RequestView GET /api/RequestView/{requestId} GET /api/Search/getAddress GET /api/Search/getGeolocation GET /api/User GET /api/accessibility GET /api/buildingphysicsperformance GET /api/company GET /api/company/{id} GET /api/companyType GET /api/condition GET /api/connection GET /api/constructive GET /api/environmentalperformance GET /api/firesafety GET /api/material GET /api/producer GET /api/productclassification POST /api/BuildingMaterialRequest/getByFilter POST /api/BuildingMaterialRequest/modify POST /api/BuildingMaterialRequest/remove POST /api/BuildingMaterialRequest/{id}/publish POST /api/Request/getByFilter POST /api/Request/modify POST /api/Request/remove POST /api/Request/{id}/publish POST /api/RequestInterest/buildingmaterialcontacts POST /api/RequestInterest/contacts POST /api/RequestView/{requestId}/interest POST /api/RequestView/{requestId}/view POST /api/company/addChangeRequest POST /api/company/getByFilterFound on 2026-02-05 07:51 -
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2025-12-10 14:15
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-27 12:06
Last seen 2026-02-09 22:25
Open for 74 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035498b7250f311d901a568df0a3dd5ed8ae0699274fdPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /api/BuildingMaterialRequest GET /api/BuildingMaterialRequest/{id} GET /api/BuildingMaterialRequest/{id}/certificate/{fileId} GET /api/BuildingMaterialRequest/{id}/certificatepublic/{fileId} GET /api/BuildingMaterialRequest/{id}/photo/{fileId} GET /api/BuildingMaterialRequest/{id}/photopublic/{fileId} GET /api/BuildingMaterialRequest/{id}/transactions GET /api/BuildingMaterialRequest/{id}/warranty/{fileId} GET /api/BuildingMaterialRequest/{id}/warrantypublic/{fileId} GET /api/EnvironmentalCategory GET /api/Request GET /api/Request/{id} GET /api/Request/{id}/attachment/{fileId} GET /api/Request/{id}/transactions GET /api/RequestCategory GET /api/RequestInterest GET /api/RequestInterest/getforuser GET /api/RequestInterest/{requestId} GET /api/RequestView GET /api/RequestView/{requestId} GET /api/Search/getAddress GET /api/Search/getGeolocation GET /api/User GET /api/accessibility GET /api/buildingphysicsperformance GET /api/company GET /api/company/{id} GET /api/companyType GET /api/condition GET /api/connection GET /api/constructive GET /api/environmentalperformance GET /api/firesafety GET /api/material GET /api/producer GET /api/productclassification POST /api/BuildingMaterialRequest/getByFilter POST /api/BuildingMaterialRequest/modify POST /api/BuildingMaterialRequest/remove POST /api/BuildingMaterialRequest/{id}/publish POST /api/Request/getByFilter POST /api/Request/modify POST /api/Request/remove POST /api/Request/{id}/publish POST /api/RequestInterest/buildingmaterialcontacts POST /api/RequestInterest/contacts POST /api/RequestView/{requestId}/interest POST /api/RequestView/{requestId}/view POST /api/company/addChangeRequest POST /api/company/getByFilterFound on 2026-02-09 22:25
-
-
Open service 52.174.35.5:443 · www.matchingmaterials.com
2026-01-23 13:10
HTTP/1.1 200 OK Content-Length: 2275 Connection: close Content-Type: text/html Date: Fri, 23 Jan 2026 13:10:37 GMT Accept-Ranges: bytes ETag: "1d9f0595dc3a2e3" Last-Modified: Tue, 26 Sep 2023 09:11:00 GMT Set-Cookie: ARRAffinity=17561a7eed926249a732b1cf2151b75adbc05d782c9cc97434843dfcae6f09b0;Path=/;HttpOnly;Secure;Domain=www.matchingmaterials.com Set-Cookie: ARRAffinitySameSite=17561a7eed926249a732b1cf2151b75adbc05d782c9cc97434843dfcae6f09b0;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.matchingmaterials.com Strict-Transport-Security: max-age=2592000 X-Frame-Options: SAMEORIGIN Page title: Matching Materials <!DOCTYPE html> <html lang="nl"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,user-scalable=no"> <meta name="google-site-verification" content="5oNjLwwfCnFnkKn_VYNS4hXTPthsV3CQ9BB2TN-qDx4" /> <meta name="keywords" content="Matching Materials, Matching, Materials" /> <meta name="description" content="Matching Materials is hét platform dat zich richt op efficiënt en duurzaam hergebruiken en inzetten van bouwstoffen" /> <link rel="icon" href="favicon.ico"> <link rel="apple-touch-icon" href="mm-logo.png"> <title>Matching Materials</title> <link href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900" rel="stylesheet"> <link href="https://cdn.jsdelivr.net/npm/@mdi/font@6.x/css/materialdesignicons.min.css" rel="stylesheet"> <script type="module" crossorigin src="/assets/index-6681fdd2.js"></script> <link rel="stylesheet" href="/assets/index-30d6a541.css"> </head> <body> <noscript> <strong>We're sorry but Matching Materials doesn't work properly without JavaScript enabled. Please enable it to continue.</strong> </noscript> <div id="app">loading...</div> <script> const clientIds = { test: '3e72e1dd-ea79-43b8-a201-1a6173385e48', production: '9f19861b-a1a3-4764-a452-b2d257fd980c', development: '5c4a705c-80bb-4b65-8a65-3b56c8c0f4e6' } const hosts = { "localhost": { clientId: clientIds.test }, "tradingrawmaterial-web-test.azurewebsites.net": { clientId: clientIds.test }, "matchingmaterials.com": { clientId: clientIds.production }, "tradingrawmaterial-web.azurewebsites.net": { clientId: clientIds.production } } window.$config = { endpoints: { api: "/api" }, clientId: clientIds.production, ...hosts[location.hostname] } </script> </body> </html>Found 2026-01-23 by HttpPluginCreate report
-
Open service 52.174.35.5:80 · www.matchingmaterials.com
2026-01-11 03:37
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Sun, 11 Jan 2026 03:38:10 GMT Location: https://www.matchingmaterials.com/
Found 2026-01-11 by HttpPluginCreate report
-
Open service 52.174.35.5:443 · www.matchingmaterials.com
2026-01-11 03:37
HTTP/1.1 200 OK Content-Length: 2275 Connection: close Content-Type: text/html Date: Sun, 11 Jan 2026 03:38:11 GMT Accept-Ranges: bytes ETag: "1d9f0595dc3a2e3" Last-Modified: Tue, 26 Sep 2023 09:11:00 GMT Set-Cookie: ARRAffinity=17561a7eed926249a732b1cf2151b75adbc05d782c9cc97434843dfcae6f09b0;Path=/;HttpOnly;Secure;Domain=www.matchingmaterials.com Set-Cookie: ARRAffinitySameSite=17561a7eed926249a732b1cf2151b75adbc05d782c9cc97434843dfcae6f09b0;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.matchingmaterials.com Strict-Transport-Security: max-age=2592000 X-Frame-Options: SAMEORIGIN Page title: Matching Materials <!DOCTYPE html> <html lang="nl"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,user-scalable=no"> <meta name="google-site-verification" content="5oNjLwwfCnFnkKn_VYNS4hXTPthsV3CQ9BB2TN-qDx4" /> <meta name="keywords" content="Matching Materials, Matching, Materials" /> <meta name="description" content="Matching Materials is hét platform dat zich richt op efficiënt en duurzaam hergebruiken en inzetten van bouwstoffen" /> <link rel="icon" href="favicon.ico"> <link rel="apple-touch-icon" href="mm-logo.png"> <title>Matching Materials</title> <link href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900" rel="stylesheet"> <link href="https://cdn.jsdelivr.net/npm/@mdi/font@6.x/css/materialdesignicons.min.css" rel="stylesheet"> <script type="module" crossorigin src="/assets/index-6681fdd2.js"></script> <link rel="stylesheet" href="/assets/index-30d6a541.css"> </head> <body> <noscript> <strong>We're sorry but Matching Materials doesn't work properly without JavaScript enabled. Please enable it to continue.</strong> </noscript> <div id="app">loading...</div> <script> const clientIds = { test: '3e72e1dd-ea79-43b8-a201-1a6173385e48', production: '9f19861b-a1a3-4764-a452-b2d257fd980c', development: '5c4a705c-80bb-4b65-8a65-3b56c8c0f4e6' } const hosts = { "localhost": { clientId: clientIds.test }, "tradingrawmaterial-web-test.azurewebsites.net": { clientId: clientIds.test }, "matchingmaterials.com": { clientId: clientIds.production }, "tradingrawmaterial-web.azurewebsites.net": { clientId: clientIds.production } } window.$config = { endpoints: { api: "/api" }, clientId: clientIds.production, ...hosts[location.hostname] } </script> </body> </html>Found 2026-01-11 by HttpPluginCreate report
-
Open service 52.174.35.5:80 · matchingmaterials.com
2026-01-11 03:36
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Sun, 11 Jan 2026 03:37:21 GMT Location: https://matchingmaterials.com/
Found 2026-01-11 by HttpPluginCreate report
-
Open service 52.174.35.5:443 · matchingmaterials.com
2026-01-11 03:36
HTTP/1.1 200 OK Content-Length: 2275 Connection: close Content-Type: text/html Date: Sun, 11 Jan 2026 03:37:20 GMT Accept-Ranges: bytes ETag: "1d9f0595dc3a2e3" Last-Modified: Tue, 26 Sep 2023 09:11:00 GMT Set-Cookie: ARRAffinity=17561a7eed926249a732b1cf2151b75adbc05d782c9cc97434843dfcae6f09b0;Path=/;HttpOnly;Secure;Domain=matchingmaterials.com Set-Cookie: ARRAffinitySameSite=17561a7eed926249a732b1cf2151b75adbc05d782c9cc97434843dfcae6f09b0;Path=/;HttpOnly;SameSite=None;Secure;Domain=matchingmaterials.com Strict-Transport-Security: max-age=2592000 X-Frame-Options: SAMEORIGIN Page title: Matching Materials <!DOCTYPE html> <html lang="nl"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,user-scalable=no"> <meta name="google-site-verification" content="5oNjLwwfCnFnkKn_VYNS4hXTPthsV3CQ9BB2TN-qDx4" /> <meta name="keywords" content="Matching Materials, Matching, Materials" /> <meta name="description" content="Matching Materials is hét platform dat zich richt op efficiënt en duurzaam hergebruiken en inzetten van bouwstoffen" /> <link rel="icon" href="favicon.ico"> <link rel="apple-touch-icon" href="mm-logo.png"> <title>Matching Materials</title> <link href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900" rel="stylesheet"> <link href="https://cdn.jsdelivr.net/npm/@mdi/font@6.x/css/materialdesignicons.min.css" rel="stylesheet"> <script type="module" crossorigin src="/assets/index-6681fdd2.js"></script> <link rel="stylesheet" href="/assets/index-30d6a541.css"> </head> <body> <noscript> <strong>We're sorry but Matching Materials doesn't work properly without JavaScript enabled. Please enable it to continue.</strong> </noscript> <div id="app">loading...</div> <script> const clientIds = { test: '3e72e1dd-ea79-43b8-a201-1a6173385e48', production: '9f19861b-a1a3-4764-a452-b2d257fd980c', development: '5c4a705c-80bb-4b65-8a65-3b56c8c0f4e6' } const hosts = { "localhost": { clientId: clientIds.test }, "tradingrawmaterial-web-test.azurewebsites.net": { clientId: clientIds.test }, "matchingmaterials.com": { clientId: clientIds.production }, "tradingrawmaterial-web.azurewebsites.net": { clientId: clientIds.production } } window.$config = { endpoints: { api: "/api" }, clientId: clientIds.production, ...hosts[location.hostname] } </script> </body> </html>Found 2026-01-11 by HttpPluginCreate report