LeakIX - Host staging.wechselapi.de

Domain staging.wechselapi.de

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Kestrel Kestrel

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.105.232.38
Domain: staging.wechselapi.de
Port: 443
URL: https://staging.wechselapi.de

First seen 2025-12-02 08:39
Last seen 2026-01-23 15:49
Open for 52 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549454b927b01f8e45d76760ea4b60ba9b9b88c0429
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /v{version}/api/Abschluss/signupuri/{angebotId}
GET /v{version}/api/Abschluss/status
GET /v{version}/api/Angebote/{angebotsId}
GET /v{version}/api/Einsparpotenzial
GET /v{version}/api/Ortsteile
GET /v{version}/docs/Abschluss
GET /v{version}/docs/Angebote
GET /v{version}/docs/Auth
GET /v{version}/docs/Einsparpotenzial
GET /v{version}/docs/Ortsteile
POST /v{version}/api/Abschluss
POST /v{version}/api/Abschluss/preiseakzeptieren/{abschlussId}
POST /v{version}/api/Angebote
POST /v{version}/api/Auth/login
```
  Found on 2026-01-23 15:49
Create report

Open service 20.105.232.38:443 · staging.wechselapi.de

2026-01-23 15:49

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Fri, 23 Jan 2026 15:50:17 GMT
Server: Kestrel
Request-Context: appId=cid-v1:14f82a2f-a25b-4a0f-84bb-efa5e02a39b7

Found 2026-01-23 by HttpPlugin

Create report

Open service 20.105.232.38:443 · staging.wechselapi.de

2026-01-09 16:10

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Fri, 09 Jan 2026 16:11:04 GMT
Server: Kestrel
Request-Context: appId=cid-v1:14f82a2f-a25b-4a0f-84bb-efa5e02a39b7

Found 2026-01-09 by HttpPlugin

Create report

Open service 20.105.232.38:443 · staging.wechselapi.de

2025-12-23 03:58

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Tue, 23 Dec 2025 03:58:01 GMT
Server: Kestrel
Request-Context: appId=cid-v1:14f82a2f-a25b-4a0f-84bb-efa5e02a39b7

Found 2025-12-23 by HttpPlugin

Create report

staging.wechselapi.de

Fingerprint:

0d46b29a3f3041be660ee52e328f7dbed18c5532cb8418e7613b0d4747d7bdc6

CN:

staging.wechselapi.de

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-12-02 00:00

Not after:

2026-04-14 23:59

Domain summary

staging.wechselapi.de 3

1 recorded

IP summary

20.105.232.38 2

1 recorded

Domain staging.wechselapi.de

The Netherlands

Software information

Swagger API description is publicly available

Create report

Create report

Create report

staging.wechselapi.de

Domain summary

IP summary