Heroku
tcp/443 tcp/80
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities such as broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1f5e22fb4892196a5c5443dd3daedeb7e880cc3e4a382543c
Public Swagger UI/API detected at path: /api/swagger.json - sample paths:
GET /accounts/confirm-password/{uuid}/{token}/
GET /api/v1/activities/
GET /api/v1/activities/impacts/count
GET /api/v1/activities/metrics/
GET /api/v1/activities/{id}/
GET /api/v1/activity-baselines/
GET /api/v1/activity-documents/
GET /api/v1/activity-documents/{id}/
GET /api/v1/activity-observations/
GET /api/v1/activity-observations/{id}/
GET /api/v1/activity-performance/
GET /api/v1/activity-targets/
GET /api/v1/activity/{activity_id}/baselines
GET /api/v1/activity/{activity_id}/documents
GET /api/v1/activity/{activity_id}/observations
GET /api/v1/activity/{activity_id}/performances
GET /api/v1/activity/{activity_id}/targets
GET /api/v1/prismic/content
GET /api/v1/projects/
GET /api/v1/projects/{id}/
GET /api/v1/projects/{project_id}/activities/
GET /api/v1/users/count/
POST /api/v1/accounts/comfirm-password-code
POST /api/v1/accounts/image-consent
POST /api/v1/accounts/register
POST /api/v1/accounts/reset-password
POST /api/v1/accounts/reset-password-request
POST /api/v1/accounts/seen-screens
POST /api/v1/activity-documents/upload/{id}/
POST /api/v1/activity-observations/upload/{id}/
POST /api/v1/prismic/webhook
POST /api/v1/projects/upload/{id}/
POST /api/v1/token/
POST /api/v1/token/refresh/
PUT /api/v1/activity-baselines/{id}/
PUT /api/v1/activity-performance/{id}/
PUT /api/v1/activity-targets/{id}/
Open service 99.83.185.157:80 · mel.50eight.com
2026-01-09 15:24
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Jan 2026 15:25:48 GMT
Location: /accounts/login/?next=/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=5NNrKRuEhndYgCKFmY5LrxgYXG3T4mEtaFh4ETAyVfQ%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767972348"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=5NNrKRuEhndYgCKFmY5LrxgYXG3T4mEtaFh4ETAyVfQ%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767972348"
Server: Heroku
Vary: Origin, Cookie
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 15.197.253.240:443 · mel.50eight.com
2026-01-09 12:00
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Jan 2026 12:00:47 GMT
Location: /accounts/login/?next=/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=tLhU6oWTGXV8zkRGbcjeIhHaDg24a8N1fymzjIIYBVQ%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767960047"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=tLhU6oWTGXV8zkRGbcjeIhHaDg24a8N1fymzjIIYBVQ%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767960047"
Server: Heroku
Vary: Origin, Cookie
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 15.197.253.240:443 · mel.50eight.com
2026-01-02 20:46
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jan 2026 20:46:43 GMT
Location: /accounts/login/?next=/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=OES4TaH22xxrgtM6xEpUndmImaTE%2BrnQocJbCevbXgM%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767386803"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=OES4TaH22xxrgtM6xEpUndmImaTE%2BrnQocJbCevbXgM%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767386803"
Server: Heroku
Vary: Origin, Cookie
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 99.83.185.157:80 · mel.50eight.com
2025-12-23 02:25
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Dec 2025 02:25:39 GMT
Location: /accounts/login/?next=/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=icXrP1fe01cpOdCtlV8EY8BIT23XZkq8caVzGOTYNoA%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766456739"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=icXrP1fe01cpOdCtlV8EY8BIT23XZkq8caVzGOTYNoA%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766456739"
Server: Heroku
Vary: Origin, Cookie
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 15.197.253.240:443 · mel.50eight.com
2025-12-23 00:09
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Dec 2025 00:09:23 GMT
Location: /accounts/login/?next=/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=wSdmnp7XJvK7k9xKRBf4ROxkUfPRsLR%2F1pwWx4h9nJ4%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766448563"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=wSdmnp7XJvK7k9xKRBf4ROxkUfPRsLR%2F1pwWx4h9nJ4%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766448563"
Server: Heroku
Vary: Origin, Cookie
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 15.197.253.240:443 · mel.50eight.com
2025-12-21 01:07
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 21 Dec 2025 01:07:49 GMT
Location: /accounts/login/?next=/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=QgsphWrL59TGv%2BqQDa16WZ5c1t%2BN5iIipcHIgjSNlw0%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766279269"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=QgsphWrL59TGv%2BqQDa16WZ5c1t%2BN5iIipcHIgjSNlw0%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766279269"
Server: Heroku
Vary: Origin, Cookie
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close
Open service 15.197.253.240:443 · mel.50eight.com
2025-12-19 05:49
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Dec 2025 05:49:59 GMT
Location: /accounts/login/?next=/
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=E5%2Fd7q66GW%2FNuMzfmdsaJyi5l%2BJ9ALPO8fJHW4TK12M%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766123399"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=E5%2Fd7q66GW%2FNuMzfmdsaJyi5l%2BJ9ALPO8fJHW4TK12M%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766123399"
Server: Heroku
Vary: Origin, Cookie
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Connection: close