Host 2.16.183.85
Germany
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-11-13 19:33
Last seen 2026-02-09 18:14
Open for 87 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa333717a0d3fa57d2f005dd163dde447761a4b1b0dGraphQL introspection enabled at /graphql Types: 721 (by kind: ENUM: 38, INPUT_OBJECT: 78, INTERFACE: 3, OBJECT: 589, SCALAR: 10, UNION: 3) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10)
Found on 2026-02-09 18:141.0 MBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa36c0e8a10a53defd4f9f4863e3eba0e3fa0649537GraphQL introspection enabled at /graphql Types: 718 (by kind: ENUM: 38, INPUT_OBJECT: 78, INTERFACE: 3, OBJECT: 587, SCALAR: 10, UNION: 2) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10) Detected: Magento
Found on 2026-01-23 07:271.0 MBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3edba241efabd150e70ee57fc1e248a293e029e6dGraphQL introspection enabled at /graphql Types: 714 (by kind: ENUM: 37, INPUT_OBJECT: 78, INTERFACE: 3, OBJECT: 584, SCALAR: 10, UNION: 2) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10) Detected: Magento
Found on 2026-01-20 15:431.0 MBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3ff9246961cacf34601be8d344cb1ad21514a19f5GraphQL introspection enabled at /graphql Types: 699 (by kind: ENUM: 35, INPUT_OBJECT: 77, INTERFACE: 3, OBJECT: 572, SCALAR: 10, UNION: 2) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10) Detected: Magento
Found on 2026-01-02 09:58982.2 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3853a9710dde79ed40cc29b3ea56f9b3f4a8d9437GraphQL introspection enabled at /graphql Types: 689 (by kind: ENUM: 35, INPUT_OBJECT: 77, INTERFACE: 2, OBJECT: 564, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10) Detected: Magento
Found on 2025-12-26 20:24973.6 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3a02d8ad27efac022daa6a768cfd3a2d59208e0e1GraphQL introspection enabled at /graphql Types: 688 (by kind: ENUM: 35, INPUT_OBJECT: 76, INTERFACE: 2, OBJECT: 564, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10) Detected: Magento
Found on 2025-12-20 12:42972.2 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3ea37a79e335f6b8e3528677cac384da9e4d2ecedGraphQL introspection enabled at /graphql Types: 682 (by kind: ENUM: 35, INPUT_OBJECT: 71, INTERFACE: 2, OBJECT: 563, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10) Detected: Magento
Found on 2025-12-18 15:09964.8 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3de36c6f4930d69f87496e00a8809a41b7cab078bGraphQL introspection enabled at /graphql Types: 681 (by kind: ENUM: 35, INPUT_OBJECT: 71, INTERFACE: 2, OBJECT: 562, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10) Detected: Magento
Found on 2025-12-16 12:10967.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa33a70657a5e29602aa9666350099e5bfdcdaac4eaGraphQL introspection enabled at /graphql Types: 676 (by kind: ENUM: 35, INPUT_OBJECT: 71, INTERFACE: 2, OBJECT: 557, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10)
Found on 2025-12-12 15:25958.4 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa322da923ec8fa5dee476b2bdced387849f8275baeGraphQL introspection enabled at /graphql Types: 674 (by kind: ENUM: 35, INPUT_OBJECT: 71, INTERFACE: 2, OBJECT: 555, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10)
Found on 2025-12-10 19:29955.5 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31cb556a17e0d6663c9640e0fe8638652099b61c1GraphQL introspection enabled at /graphql Types: 669 (by kind: ENUM: 34, INPUT_OBJECT: 70, INTERFACE: 2, OBJECT: 552, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10)
Found on 2025-12-01 20:28948.4 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3ba4705471b7b2e75fa984c3d90caca3c7e0261e7GraphQL introspection enabled at /graphql Types: 653 (by kind: ENUM: 33, INPUT_OBJECT: 68, INTERFACE: 2, OBJECT: 539, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10)
Found on 2025-11-21 08:10936.1 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa329506ae754998fd5ac71f59d7b7c3fdcb38b6947GraphQL introspection enabled at /graphql Types: 650 (by kind: ENUM: 33, INPUT_OBJECT: 68, INTERFACE: 2, OBJECT: 536, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10)
Found on 2025-11-18 06:38935.5 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3079cd9a850a46c8cf2fd577604dd11376c27d788GraphQL introspection enabled at /graphql Types: 649 (by kind: ENUM: 33, INPUT_OBJECT: 68, INTERFACE: 2, OBJECT: 535, SCALAR: 10, UNION: 1) Operations: - Query: Query | fields: addresses, commonAnalyticsData, coverageChecks, deliverableAddresses, pwpolicy - Mutation: Mutation | fields: checkUidExistence, createAddress, createAddressV2, removeAddress, updateAddress Directives: apiSet, cacheControl, constraint, deprecated, forbidAnonymous, include, oneOf, requireToken, skip, specifiedBy (total: 10)
Found on 2025-11-13 19:33934.3 kBytes
-
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-10-22 10:30
Last seen 2026-02-09 11:30
Open for 110 days-
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d62337d3d62337d3d62337d3d62337d3d62337d3d6GraphQL introspection enabled at /api/graphql
Found on 2026-02-09 11:30 -
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d603073f8703073f8703073f8703073f8703073f87GraphQL introspection enabled at /api/graphql Detected: GitLab
Found on 2026-01-22 18:37 -
Severity: medium
Fingerprint: c2db3a1c40d490db2337d3d6fa8f57cf1f8f335de3915213dc94b0cbd146c80eGraphQL introspection enabled at /api/graphql Types: 1600 (by kind: ENUM: 183, INPUT_OBJECT: 305, INTERFACE: 26, OBJECT: 961, SCALAR: 117, UNION: 8) Operations: - Query: Query | fields: abuseReport, abuseReportLabels, adminGroups, adminProjects, auditEventDefinitions - Mutation: Mutation | fields: abuseReportLabelCreate, achievementsAward, achievementsCreate, achievementsDelete, achievementsRevoke - Subscription: Subscription | fields: ciJobProcessed, ciJobStatusUpdated, ciPipelineScheduleStatusUpdated, ciPipelineStatusUpdated, issuableAssigneesUpdated Directives: deprecated, gl_introduced, include, oneOf, skip, specifiedBy (total: 6)
Found on 2025-11-22 03:562.7 MBytes
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-15 10:58
Last seen 2026-01-21 06:25
Open for 97 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549892d5d4c35e97a7f1464cb6b1464cb6b1464cb6bPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /v1/data/duns/{Duns} POST /ditx/qb.jsp POST /v1/tokenFound on 2026-01-21 06:25
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-07 18:07
Last seen 2025-11-29 02:24
Open for 21 days-
Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf71e5a502a6c373bc86c373bc86c373bc86c373bc8Public Swagger UI/API detected at path: /swagger-ui.html - sample paths: GET /support/ping POST /support/saml
Found on 2025-11-29 02:24
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-07 18:07
Last seen 2025-11-29 02:24
Open for 21 days-
Severity: info
Fingerprint: 5733ddf49ff49cd18553ecf75c9351aed1788bb631dde2f46f2441bfd149ed6aPublic Swagger UI/API detected at path: /swagger-ui.html - sample paths: DELETE /vendors/{vendorId}/users/{userId}/{owner}/{broker} GET /document/file/download GET /document/folder/exists/{vendorId} GET /document/vendor/files/{vendorId} GET /document/vendor/files/{vendorId}/folder/{folderId} GET /requests GET /requests/validate GET /requests/{requestId} GET /support/ping GET /vendor/all GET /vendor/{vendorId} GET /vendors/lclAdmins GET /vendors/user-type/{email} GET /vendors/{vendorId}/users POST /auth/token POST /document/file/delete POST /document/file/delete-from-cloud POST /document/file/new POST /document/file/reports POST /document/file/save POST /document/mass-upload/save POST /document/vendor/files/move POST /document/vendor/pin POST /document/vendor/unpin POST /documents/folder/delete POST /documents/folder/new POST /documents/subfolder/delete/{folderId} POST /documents/subfolder/new POST /requests/edit-request POST /requests/reports POST /support/inquiries POST /vendors/reports PUT /document/file/accept PUT /document/file/archive PUT /document/files/mass-archive-unarchive PUT /document/files/mass-delete PUT /documents/subfolder/rename PUT /vendor PUT /vendors/{vendorId}/users/{userId} PUT /vendors/{vendorId}/users/{userId}/consentFound on 2025-11-29 02:24
-