LeakIX - Host api.migesplus.ch

Domain api.migesplus.ch

United States

AMAZON-02

Software information

Heroku

tcp/443 tcp/80

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 15.197.129.158
Domain: api.migesplus.ch
Port: 80
URL: http://api.migesplus.ch

First seen 2025-11-19 00:31
Last seen 2026-01-08 23:10
Open for 50 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43c4ce51e629da3a696279a8e8ab353e0e67be88fe

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /search/reindex
GET /{locale}/access-channels
GET /{locale}/access-channels/{slug}
GET /{locale}/adviceCenters
GET /{locale}/adviceCenters/{slug}
GET /{locale}/audiences
GET /{locale}/audiences/{slug}
GET /{locale}/blogs
GET /{locale}/blogs/{slug}
GET /{locale}/featuredBlogs
GET /{locale}/good-practices
GET /{locale}/good-practices/{slug}
GET /{locale}/healthBlogs
GET /{locale}/infobox/{page}
GET /{locale}/infoboxes
GET /{locale}/migesMedia/{slug}
GET /{locale}/migesMedias
GET /{locale}/nonHealthBlogs
GET /{locale}/publications
GET /{locale}/publications/featured
GET /{locale}/publications/{slug}
GET /{locale}/publications/{slug}/related
GET /{locale}/publishers
GET /{locale}/publishers/{slug}
GET /{locale}/publishers/{slug}/publications
GET /{locale}/topics
GET /{locale}/topics/featured
GET /{locale}/topics/pages
GET /{locale}/topics/{slug}
POST /address/search
POST /address/validate
POST /webhooks/contentful
POST /{locale}/publishers/emails
POST /{locale}/publishers/{slug}/email
PUT /topics/updateTopicGroupSlugPath

Found on 2026-01-08 23:10

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 99.83.217.1
Domain: api.migesplus.ch
Port: 443
URL: https://api.migesplus.ch

First seen 2025-11-19 00:31
Last seen 2026-01-09 05:00
Open for 51 days

Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43c4ce51e629da3a696279a8e8ab353e0e67be88fe

Public Swagger UI/API detected at path: /swagger.json - sample paths:
GET /search/reindex
GET /{locale}/access-channels
GET /{locale}/access-channels/{slug}
GET /{locale}/adviceCenters
GET /{locale}/adviceCenters/{slug}
GET /{locale}/audiences
GET /{locale}/audiences/{slug}
GET /{locale}/blogs
GET /{locale}/blogs/{slug}
GET /{locale}/featuredBlogs
GET /{locale}/good-practices
GET /{locale}/good-practices/{slug}
GET /{locale}/healthBlogs
GET /{locale}/infobox/{page}
GET /{locale}/infoboxes
GET /{locale}/migesMedia/{slug}
GET /{locale}/migesMedias
GET /{locale}/nonHealthBlogs
GET /{locale}/publications
GET /{locale}/publications/featured
GET /{locale}/publications/{slug}
GET /{locale}/publications/{slug}/related
GET /{locale}/publishers
GET /{locale}/publishers/{slug}
GET /{locale}/publishers/{slug}/publications
GET /{locale}/topics
GET /{locale}/topics/featured
GET /{locale}/topics/pages
GET /{locale}/topics/{slug}
POST /address/search
POST /address/validate
POST /webhooks/contentful
POST /{locale}/publishers/emails
POST /{locale}/publishers/{slug}/email
PUT /topics/updateTopicGroupSlugPath

Found on 2026-01-09 05:00

Create report

Open service 99.83.217.1:443 · api.migesplus.ch

2026-01-09 05:00

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Length: 26
Content-Type: application/json; charset=utf-8
Date: Fri, 09 Jan 2026 05:00:04 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=hCWs4d60HdPI7P0E4YJgA5aBGECMkJfrijMidDYoGAA%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767934804"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=hCWs4d60HdPI7P0E4YJgA5aBGECMkJfrijMidDYoGAA%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767934804"
Server: Heroku
Vary: origin,accept-encoding
Via: 1.1 heroku-router
Connection: close


{"result":"Migesplus API"}

Found 2026-01-09 by HttpPlugin

Create report

Open service 15.197.129.158:80 · api.migesplus.ch

2026-01-08 23:10

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Length: 26
Content-Type: application/json; charset=utf-8
Date: Thu, 08 Jan 2026 23:11:16 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=T2fBneowGjpg%2BYHM%2F6j5M%2BrdwXu8flYOF8myAgG8otQ%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767913876"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=T2fBneowGjpg%2BYHM%2F6j5M%2BrdwXu8flYOF8myAgG8otQ%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767913876"
Server: Heroku
Vary: origin,accept-encoding
Via: 1.1 heroku-router
Connection: close


{"result":"Migesplus API"}

Found 2026-01-08 by HttpPlugin

Create report

Open service 99.83.217.1:443 · api.migesplus.ch

2026-01-02 12:13

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Length: 26
Content-Type: application/json; charset=utf-8
Date: Fri, 02 Jan 2026 12:13:48 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=SyW9yfG6HVF%2F6B0RXnRpmVOEr6vXnNcPiXUKRHrs26M%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767356028"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=SyW9yfG6HVF%2F6B0RXnRpmVOEr6vXnNcPiXUKRHrs26M%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767356028"
Server: Heroku
Vary: origin,accept-encoding
Via: 1.1 heroku-router
Connection: close


{"result":"Migesplus API"}

Found 2026-01-02 by HttpPlugin

Create report

Open service 15.197.129.158:80 · api.migesplus.ch

2026-01-01 22:50

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Length: 26
Content-Type: application/json; charset=utf-8
Date: Thu, 01 Jan 2026 22:50:15 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=9QswwuCZzxZvryxR9SknJLDN9eGp4w5%2Bpj%2FQVatdL1o%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767307815"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=9QswwuCZzxZvryxR9SknJLDN9eGp4w5%2Bpj%2FQVatdL1o%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767307815"
Server: Heroku
Vary: origin,accept-encoding
Via: 1.1 heroku-router
Connection: close


{"result":"Migesplus API"}

Found 2026-01-01 by HttpPlugin

Create report

Open service 99.83.217.1:443 · api.migesplus.ch

2025-12-30 13:27

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Length: 26
Content-Type: application/json; charset=utf-8
Date: Tue, 30 Dec 2025 13:27:53 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=9OpR%2BJASsl55wwj7eZWirzrO4zstpdb76nHGNB9GLlI%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767101273"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=9OpR%2BJASsl55wwj7eZWirzrO4zstpdb76nHGNB9GLlI%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767101273"
Server: Heroku
Vary: origin,accept-encoding
Via: 1.1 heroku-router
Connection: close


{"result":"Migesplus API"}

Found 2025-12-30 by HttpPlugin

Create report

Open service 15.197.129.158:80 · api.migesplus.ch

2025-12-30 05:41

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Length: 26
Content-Type: application/json; charset=utf-8
Date: Tue, 30 Dec 2025 05:41:57 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=hAoM79F5AuHCsrLKyJzR8TfVsWWX8rb7PB9mSwvig3s%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767073317"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=hAoM79F5AuHCsrLKyJzR8TfVsWWX8rb7PB9mSwvig3s%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767073317"
Server: Heroku
Vary: origin,accept-encoding
Via: 1.1 heroku-router
Connection: close


{"result":"Migesplus API"}

Found 2025-12-30 by HttpPlugin

Create report

Open service 99.83.217.1:443 · api.migesplus.ch

2025-12-22 14:33

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Length: 26
Content-Type: application/json; charset=utf-8
Date: Mon, 22 Dec 2025 14:33:53 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=kX09YLhSLNNOXJTrYFq5XPAWMymfz%2FFD%2FPY9VqbqiiQ%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766414033"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=kX09YLhSLNNOXJTrYFq5XPAWMymfz%2FFD%2FPY9VqbqiiQ%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766414033"
Server: Heroku
Vary: origin,accept-encoding
Via: 1.1 heroku-router
Connection: close


{"result":"Migesplus API"}

Found 2025-12-22 by HttpPlugin

Create report

Open service 15.197.129.158:80 · api.migesplus.ch

2025-12-20 13:23

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Length: 26
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 13:23:53 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=ugUyRgutxUnuKLcua3fQ2ah0t9v%2Bh48GncQd%2BjSGEWI%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766237033"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=ugUyRgutxUnuKLcua3fQ2ah0t9v%2Bh48GncQd%2BjSGEWI%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766237033"
Server: Heroku
Vary: origin,accept-encoding
Via: 1.1 heroku-router
Connection: close


{"result":"Migesplus API"}

Found 2025-12-20 by HttpPlugin

Create report

Open service 99.83.217.1:443 · api.migesplus.ch

2025-12-20 12:51

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache
Content-Length: 26
Content-Type: application/json; charset=utf-8
Date: Sat, 20 Dec 2025 12:51:14 GMT
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=XaSEJ1ZJ18qUKI2CwuMJ%2BnLVFUaVefkRO9dHHYDbkvw%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766235074"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=XaSEJ1ZJ18qUKI2CwuMJ%2BnLVFUaVefkRO9dHHYDbkvw%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766235074"
Server: Heroku
Vary: origin,accept-encoding
Via: 1.1 heroku-router
Connection: close


{"result":"Migesplus API"}

Found 2025-12-20 by HttpPlugin

Create report

api.migesplus.ch

Fingerprint:

da11d9b6042dc68dee74fa2a70100c3da7b3c9be199f92fa3d49f5c67347ced6

CN:

api.migesplus.ch

Key:

RSA-2048

Issuer:

R12

Not before:

2025-11-18 23:32

Not after:

2026-02-16 23:32

Domain summary

api.migesplus.ch 10

1 recorded

IP summary

99.83.217.1 1 15.197.129.158 1

2 recorded