LeakIX - Host data.cciag.fr

Domain data.cciag.fr

France

MICROSOFT-CORP-MSN-AS-BLOCK

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.111.1.6
Domain: data.cciag.fr
Port: 443
URL: https://data.cciag.fr

First seen 2025-11-20 12:35
Last seen 2026-01-08 22:14
Open for 49 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549cc302cedc2584468f19f34584b7a50b34b7a50b3
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /GetContracts
GET /GetFactures/json
GET /GetFactures/xml
GET /GetPDL
```
  Found on 2026-01-08 22:14
Create report

Open service 20.111.1.6:443 · data.cciag.fr

2026-01-08 22:14

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Thu, 08 Jan 2026 22:15:49 GMT
Request-Context: appId=cid-v1:833a65be-3002-4395-8317-af0d24731e84
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(), autoplay=(self), camera=(self), display-capture=(), fullscreen=(self), geolocation=(self), gyroscope=(), microphone=(), payment=(), usb=()

Found 2026-01-08 by HttpPlugin

Create report

Open service 20.111.1.6:443 · data.cciag.fr

2026-01-02 11:42

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Fri, 02 Jan 2026 11:42:31 GMT
Request-Context: appId=cid-v1:833a65be-3002-4395-8317-af0d24731e84
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(), autoplay=(self), camera=(self), display-capture=(), fullscreen=(self), geolocation=(self), gyroscope=(), microphone=(), payment=(), usb=()

Found 2026-01-02 by HttpPlugin

Create report

Open service 20.111.1.6:443 · data.cciag.fr

2025-12-22 20:44

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Mon, 22 Dec 2025 20:44:05 GMT
Request-Context: appId=cid-v1:833a65be-3002-4395-8317-af0d24731e84
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(), autoplay=(self), camera=(self), display-capture=(), fullscreen=(self), geolocation=(self), gyroscope=(), microphone=(), payment=(), usb=()

Found 2025-12-22 by HttpPlugin

Create report

Open service 20.111.1.6:443 · data.cciag.fr

2025-12-21 00:52

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Sun, 21 Dec 2025 00:52:38 GMT
Request-Context: appId=cid-v1:833a65be-3002-4395-8317-af0d24731e84
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: accelerometer=(), autoplay=(self), camera=(self), display-capture=(), fullscreen=(self), geolocation=(self), gyroscope=(), microphone=(), payment=(), usb=()

Found 2025-12-21 by HttpPlugin

Create report

data.cciag.fr

Fingerprint:

1acc2e4703971dd395f8f765968ca75f1e1c1de1e11d047b7960aa016f70fd6d

CN:

data.cciag.fr

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-11-06 00:00

Not after:

2026-04-14 23:59

Domain summary

data.cciag.fr 4

1 recorded

IP summary

20.111.1.6 2

1 recorded

Domain data.cciag.fr

France

Swagger API description is publicly available

Create report

Create report

Create report

Create report

data.cciag.fr

Domain summary

IP summary