Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60e6c4c78e25e77afe432d12bbae75ea9752fb9b1b
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
GET /api/download/id/{fileId}/name/{name}
GET /api/downloadProcessedFile/id/{fileId}/name/{name}
GET /api/downstreamFiles
GET /api/internal/canonicalSchema/{entityName}
GET /api/internal/downstreamData/{downstreamConsumer}
GET /api/internal/downstreamEntities
GET /api/internal/downstreamSchemaMap/downstreamConsumer/{downstreamConsumer}/entity/{entity}/supplier/{supplier}/factory/{factory}/tier/{tier}
GET /api/internal/entities
GET /api/internal/notification/{fileId}
GET /api/internal/supplier/onboard/{supplierName}
GET /api/internal/supplierFiles
GET /api/internal/supplierList
GET /api/internal/supplierSchemaMap/entity/{entity}/supplier/{supplier}
GET /api/notification/{notificationQueryId}
GET /api/sasToken
POST /api/internal/ValidateSupplierProdFiles
POST /api/internal/crossFileValidation/downstreamConsumer/{downstreamConsumer}/supplier/{supplier}/factory/{factory}/tier/{tier}
POST /api/internal/parseRules
POST /api/internal/processedDataUpload/downstreamConsumer/{downstreamConsumer}/downstreamEntity/{downstreamEntity}/supplier/{supplier}
POST /api/internal/processedFilesNotification/downstreamConsumer/{downstreamConsumer}/downstreamEntity/{downstreamEntity}/supplier/{supplier}
POST /api/internal/rawDataUpload/correlationId/{correlationId}
POST /api/internal/sampleBusinessValidator
POST /api/internal/supplier/offboard/{supplierName}
POST /api/upload/entity/{entity}/factory/{factory}/tier/{tier}
POST /v2/events
Open service 13.107.213.44:443 · ppe.ddex.ms
2026-01-23 13:58
HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2026 13:58:43 GMT
Content-Length: 0
Connection: close
Cache-Control: no-store, must-revalidate, no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
MS-RequestId: -GGyw8fCY0WIbXaUlrdABQ.0
x-azure-ref: 20260123T135843Z-17bcc8785fcj8hnqhC1FRArgrs0000000b4g00000000q8e2
X-Cache: CONFIG_NOCACHE
Open service 13.107.246.38:443 · ppe.ddex.ms
2026-01-10 14:14
HTTP/1.1 404 Not Found
Date: Sat, 10 Jan 2026 14:14:50 GMT
Content-Length: 0
Connection: close
Cache-Control: no-store, must-revalidate, no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
MS-RequestId: IXY8hdW_dEqk1qUUqC7Oag.0
x-azure-ref: 20260110T141449Z-186c7bfbcc7qmzqchC1LONqy8400000004800000000028a5
X-Cache: CONFIG_NOCACHE