Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
The documentation details every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b538a35318d076649ac922871aa12a6d0a5eac0aa
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /dps/admin/dsar/{id}
GET /actuator
GET /actuator/env
GET /actuator/env/{toMatch}
GET /actuator/health
GET /actuator/health/**
GET /actuator/info
GET /actuator/metrics
GET /actuator/metrics/{requiredMetricName}
GET /dps/about/docu
GET /dps/admin/country
GET /dps/admin/dmp
GET /dps/admin/dmp/review
GET /dps/admin/dsar/bulk-audit
GET /dps/admin/dsar/bulk-download/{updateId}
GET /dps/admin/dsar/{id}/ecrypted-links
GET /dps/admin/user
GET /dps/admin/user-role
GET /dps/admin/user/{name}
GET /dps/app/configs
GET /dps/dmp/dsar/{dmpId}/{id}/pii
GET /dps/dmp/dsar/{dsarId}/utility-bill
GET /dps/dmp/encrypted-Id/{encryptedId}/dsar-id
GET /dps/ds/dsar/gpc/status
GET /dps/ds/dsar/{email}
GET /dps/ds/dsar/{encryptedId}/json
GET /dps/ds/dsar/{encryptedId}/zip-download
GET /dps/ds/dsar/{encryptedId}/zip-download/multiple
GET /dps/ds/region-info
GET /dps/email/dsar/{encryptedId}/confirm
GET /dps/email/dsar/{encryptedId}/data-access
GET /dps/mobile
GET /dps/report/count
GET /dps/report/dsar/{id}
GET /dps/report/find
GET /dps/report/pgp/dashboard
GET /dps/report/pgp/data
GET /dps/report/pgp/states
GET /dps/tokenid
POST /dps/admin/dsar/bulk-update
POST /dps/dmp/dsar/create
POST /dps/dmp/dsar/{id}/utility-bill/verification
POST /dps/dmp/{dmpId}/dsar/encryptedId/{encryptedId}/{recordStatus}
POST /dps/dmp/{dmpId}/dsar/{dsarId}/complete
POST /dps/dmp/{dmpRevId}/dsar/{dsarId}/review
POST /dps/ds/dsar
POST /dps/ds/dsar/pii
PUT /dps/admin/dsar/resolve/{dsarId}
PUT /dps/ds/dsar/{dsarId}
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b538a35318d076649ac922871aa12a6d096abfbd8
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
DELETE /dps/admin/dsar/{id}
GET /actuator
GET /actuator/env
GET /actuator/env/{toMatch}
GET /actuator/health
GET /actuator/health/**
GET /actuator/info
GET /actuator/metrics
GET /actuator/metrics/{requiredMetricName}
GET /dps/about/docu
GET /dps/admin/country
GET /dps/admin/dmp
GET /dps/admin/dmp/review
GET /dps/admin/dsar/bulk-audit
GET /dps/admin/dsar/bulk-download/{updateId}
GET /dps/admin/dsar/{id}/ecrypted-links
GET /dps/admin/user
GET /dps/admin/user-role
GET /dps/admin/user/{name}
GET /dps/app/configs
GET /dps/dmp/dsar/{dmpId}/{id}/pii
GET /dps/dmp/dsar/{dsarId}/utility-bill
GET /dps/dmp/encrypted-Id/{encryptedId}/dsar-id
GET /dps/ds/dsar/gpc/status
GET /dps/ds/dsar/{email}
GET /dps/ds/dsar/{encryptedId}/json
GET /dps/ds/dsar/{encryptedId}/zip-download
GET /dps/ds/dsar/{encryptedId}/zip-download/multiple
GET /dps/ds/region-info
GET /dps/email/dsar/{encryptedId}/confirm
GET /dps/email/dsar/{encryptedId}/data-access
GET /dps/mobile
GET /dps/report/count
GET /dps/report/dsar/{id}
GET /dps/report/find
GET /dps/report/pgp/dashboard
GET /dps/tokenid
POST /dps/admin/dsar/bulk-update
POST /dps/dmp/dsar/create
POST /dps/dmp/dsar/{id}/utility-bill/verification
POST /dps/dmp/{dmpId}/dsar/encryptedId/{encryptedId}/{recordStatus}
POST /dps/dmp/{dmpId}/dsar/{dsarId}/complete
POST /dps/dmp/{dmpRevId}/dsar/{dsarId}/review
POST /dps/ds/dsar
POST /dps/ds/dsar/pii
PUT /dps/admin/dsar/resolve/{dsarId}
PUT /dps/ds/dsar/{dsarId}
Open service 2.16.204.95:443 · dps.choreograph.com
2026-01-09 22:37
HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Referrer-Policy: unsafe-url
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Content-Type: application/json
Content-Length: 92
Expires: Fri, 09 Jan 2026 22:37:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 09 Jan 2026 22:37:46 GMT
Connection: close
Set-Cookie: JSESSIONID=6DF5B7B630DFE7199EEC74D46D309794; Path=/; HttpOnly
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=148
Server-Timing: origin; dur=86
Server-Timing: ak_p; desc="1767998265749_34610524_890541390_23348_7666_15_23_-";dur=1
{"timestamp":"2026-01-09T22:37:45.868+00:00","status":401,"error":"Unauthorized","path":"/"}
Open service 2a02:26f0:f700:11::210:10d0:443 · dps.choreograph.com
2026-01-05 13:54
HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Referrer-Policy: unsafe-url
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Content-Type: application/json
Content-Length: 92
Expires: Mon, 05 Jan 2026 13:54:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Jan 2026 13:54:39 GMT
Connection: close
Set-Cookie: JSESSIONID=937348B3353FAB3A828157AC765A7D10; Path=/; HttpOnly
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=95
Server-Timing: origin; dur=37
Server-Timing: ak_p; desc="1767621278876_388397381_2595682505_13231_16515_99_159_-";dur=1
{"timestamp":"2026-01-05T13:54:39.116+00:00","status":401,"error":"Unauthorized","path":"/"}
Open service 2.16.183.19:80 · dps.choreograph.com
2026-01-05 13:54
HTTP/1.1 503 Service Unavailable
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 376
Expires: Mon, 05 Jan 2026 13:54:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Jan 2026 13:54:41 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=289
Server-Timing: origin; dur=0
Server-Timing: ak_p; desc="1767621281481_34610643_4027947915_28806_4506_15_0_-";dur=1
Page title: Service Unavailable
<HTML><HEAD>
<TITLE>Service Unavailable</TITLE>
</HEAD><BODY>
<H1>Service Unavailable - Zero size object</H1>
The server is temporarily unable to service your request. Please try again later.<P>
Reference #15.d872c17.1767621281.3eed2bec
<P>https://errors.edgesuite.net/15.d872c17.1767621281.3eed2bec</P>
</BODY></HTML>
Open service 2.16.183.19:443 · dps.choreograph.com
2026-01-05 13:54
HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Referrer-Policy: unsafe-url
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Content-Type: application/json
Content-Length: 92
Expires: Mon, 05 Jan 2026 13:54:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Jan 2026 13:54:38 GMT
Connection: close
Set-Cookie: JSESSIONID=77E370A27A4A90A6E94A431D053FC962; Path=/; HttpOnly
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=79
Server-Timing: origin; dur=84
Server-Timing: ak_p; desc="1767621278321_34610634_3692735752_16235_4572_17_19_-";dur=1
{"timestamp":"2026-01-05T13:54:38.429+00:00","status":401,"error":"Unauthorized","path":"/"}
Open service 2a02:26f0:f700:11::210:10c5:80 · dps.choreograph.com
2026-01-05 13:54
HTTP/1.1 503 Service Unavailable
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 378
Expires: Mon, 05 Jan 2026 13:54:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Jan 2026 13:54:41 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=369
Server-Timing: origin; dur=0
Server-Timing: ak_p; desc="1767621281520_388397381_2595688163_36899_11983_25_0_-";dur=1
Page title: Service Unavailable
<HTML><HEAD>
<TITLE>Service Unavailable</TITLE>
</HEAD><BODY>
<H1>Service Unavailable - Zero size object</H1>
The server is temporarily unable to service your request. Please try again later.<P>
Reference #15.b159c817.1767621281.1497b675
<P>https://errors.edgesuite.net/15.b159c817.1767621281.1497b675</P>
</BODY></HTML>
Open service 2a02:26f0:f700:11::210:10d0:80 · dps.choreograph.com
2026-01-05 13:54
HTTP/1.1 503 Service Unavailable
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 378
Expires: Mon, 05 Jan 2026 13:54:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Jan 2026 13:54:41 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=382
Server-Timing: origin; dur=0
Server-Timing: ak_p; desc="1767621281464_388397392_2370472305_38204_12732_11_0_-";dur=1
Page title: Service Unavailable
<HTML><HEAD>
<TITLE>Service Unavailable</TITLE>
</HEAD><BODY>
<H1>Service Unavailable - Zero size object</H1>
The server is temporarily unable to service your request. Please try again later.<P>
Reference #15.b159c817.1767621281.1497b63d
<P>https://errors.edgesuite.net/15.b159c817.1767621281.1497b63d</P>
</BODY></HTML>
Open service 2.16.183.10:443 · dps.choreograph.com
2026-01-05 13:54
HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Referrer-Policy: unsafe-url
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Content-Type: application/json
Content-Length: 92
Expires: Mon, 05 Jan 2026 13:54:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Jan 2026 13:54:38 GMT
Connection: close
Set-Cookie: JSESSIONID=1C2EF26A0F3E0D28745D42B9303B9EB7; Path=/; HttpOnly
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=80
Server-Timing: origin; dur=86
Server-Timing: ak_p; desc="1767621278224_34610634_3692735493_16556_4571_12_14_-";dur=1
{"timestamp":"2026-01-05T13:54:38.328+00:00","status":401,"error":"Unauthorized","path":"/"}
Open service 2a02:26f0:f700:11::210:10c5:443 · dps.choreograph.com
2026-01-05 13:54
HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Referrer-Policy: unsafe-url
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Content-Type: application/json
Content-Length: 92
Expires: Mon, 05 Jan 2026 13:54:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Jan 2026 13:54:39 GMT
Connection: close
Set-Cookie: JSESSIONID=5E1F848732277D100D5CED001F6DA113; Path=/; HttpOnly
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=100
Server-Timing: origin; dur=120
Server-Timing: ak_p; desc="1767621278800_388397381_2595682039_22056_10154_20_28_-";dur=1
{"timestamp":"2026-01-05T13:54:38.957+00:00","status":401,"error":"Unauthorized","path":"/"}
Open service 2.16.183.10:80 · dps.choreograph.com
2026-01-05 13:54
HTTP/1.1 500 Internal Server Error
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 385
Expires: Mon, 05 Jan 2026 13:54:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 05 Jan 2026 13:54:41 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=285
Server-Timing: origin; dur=0
Server-Timing: ak_p; desc="1767621281275_34610634_3692743709_28411_3442_14_0_-";dur=1
Page title: Internal Server Error
<HTML><HEAD>
<TITLE>Internal Server Error</TITLE>
</HEAD><BODY>
<H1>Internal Server Error - Read</H1>
The server encountered an internal error or misconfiguration and was unable to complete your request.<P>
Reference #3.d872c17.1767621281.3eed2b6d
<P>https://errors.edgesuite.net/3.d872c17.1767621281.3eed2b6d</P>
</BODY></HTML>
Open service 2.16.204.95:443 · dps.choreograph.com
2026-01-02 12:46
HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Referrer-Policy: unsafe-url
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Content-Type: application/json
Content-Length: 92
Expires: Fri, 02 Jan 2026 12:46:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 02 Jan 2026 12:46:07 GMT
Connection: close
Set-Cookie: JSESSIONID=9955B42E987BECDC374231BECA94F056; Path=/; HttpOnly
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=81
Server-Timing: origin; dur=84
Server-Timing: ak_p; desc="1767357967755_34610527_3974685132_16549_7993_11_22_-";dur=1
{"timestamp":"2026-01-02T12:46:07.873+00:00","status":401,"error":"Unauthorized","path":"/"}
Open service 2.16.204.95:443 · dps.choreograph.com
2025-12-30 11:20
HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Referrer-Policy: unsafe-url
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Content-Type: application/json
Content-Length: 92
Expires: Tue, 30 Dec 2025 11:20:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Dec 2025 11:20:10 GMT
Connection: close
Set-Cookie: JSESSIONID=0F5D91BBC6B2E2C846FA742C94CA93BD; Path=/; HttpOnly
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=81
Server-Timing: origin; dur=86
Server-Timing: ak_p; desc="1767093610243_34610524_2909349142_16689_7669_17_21_-";dur=1
{"timestamp":"2025-12-30T11:20:10.356+00:00","status":401,"error":"Unauthorized","path":"/"}
Open service 2.16.204.95:443 · dps.choreograph.com
2025-12-22 12:36
HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Referrer-Policy: unsafe-url
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Content-Type: application/json
Content-Length: 92
Expires: Mon, 22 Dec 2025 12:36:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Dec 2025 12:36:46 GMT
Connection: close
Set-Cookie: JSESSIONID=3CA4F4DDDCA944834420E77F19899F5F; Path=/; HttpOnly
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=390
Server-Timing: origin; dur=24
Server-Timing: ak_p; desc="1766407005125_34610524_1198040625_41439_14095_151_447_-";dur=1
{"timestamp":"2025-12-22T12:36:45.951+00:00","status":401,"error":"Unauthorized","path":"/"}
Open service 2.16.204.95:443 · dps.choreograph.com
2025-12-20 09:51
HTTP/1.1 401 Unauthorized
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Basic realm="Realm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Referrer-Policy: unsafe-url
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Content-Type: application/json
Content-Length: 92
Expires: Sat, 20 Dec 2025 09:52:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 20 Dec 2025 09:52:01 GMT
Connection: close
Set-Cookie: JSESSIONID=22AA9D4E8B02ED82682EC88543FAAFDF; Path=/; HttpOnly
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=278
Server-Timing: origin; dur=204
Server-Timing: ak_p; desc="1766224319906_34610524_773912376_48245_19858_230_610_-";dur=1
{"timestamp":"2025-12-20T09:52:00.891+00:00","status":401,"error":"Unauthorized","path":"/"}