Domain staging-api.migesplus.ch
United States
Software information
Heroku
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-17 00:57
Last seen 2026-01-09 18:43
Open for 53 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43c4ce51e629da3a696279a8e8ab353e0e67be88fePublic Swagger UI/API detected at path: /swagger.json - sample paths: GET /search/reindex GET /{locale}/access-channels GET /{locale}/access-channels/{slug} GET /{locale}/adviceCenters GET /{locale}/adviceCenters/{slug} GET /{locale}/audiences GET /{locale}/audiences/{slug} GET /{locale}/blogs GET /{locale}/blogs/{slug} GET /{locale}/featuredBlogs GET /{locale}/good-practices GET /{locale}/good-practices/{slug} GET /{locale}/healthBlogs GET /{locale}/infobox/{page} GET /{locale}/infoboxes GET /{locale}/migesMedia/{slug} GET /{locale}/migesMedias GET /{locale}/nonHealthBlogs GET /{locale}/publications GET /{locale}/publications/featured GET /{locale}/publications/{slug} GET /{locale}/publications/{slug}/related GET /{locale}/publishers GET /{locale}/publishers/{slug} GET /{locale}/publishers/{slug}/publications GET /{locale}/topics GET /{locale}/topics/featured GET /{locale}/topics/pages GET /{locale}/topics/{slug} POST /address/search POST /address/validate POST /webhooks/contentful POST /{locale}/publishers/emails POST /{locale}/publishers/{slug}/email PUT /topics/updateTopicGroupSlugPathFound on 2026-01-09 18:43
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-11-17 00:57
Last seen 2026-01-09 11:51
Open for 53 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43c4ce51e629da3a696279a8e8ab353e0e67be88fePublic Swagger UI/API detected at path: /swagger.json - sample paths: GET /search/reindex GET /{locale}/access-channels GET /{locale}/access-channels/{slug} GET /{locale}/adviceCenters GET /{locale}/adviceCenters/{slug} GET /{locale}/audiences GET /{locale}/audiences/{slug} GET /{locale}/blogs GET /{locale}/blogs/{slug} GET /{locale}/featuredBlogs GET /{locale}/good-practices GET /{locale}/good-practices/{slug} GET /{locale}/healthBlogs GET /{locale}/infobox/{page} GET /{locale}/infoboxes GET /{locale}/migesMedia/{slug} GET /{locale}/migesMedias GET /{locale}/nonHealthBlogs GET /{locale}/publications GET /{locale}/publications/featured GET /{locale}/publications/{slug} GET /{locale}/publications/{slug}/related GET /{locale}/publishers GET /{locale}/publishers/{slug} GET /{locale}/publishers/{slug}/publications GET /{locale}/topics GET /{locale}/topics/featured GET /{locale}/topics/pages GET /{locale}/topics/{slug} POST /address/search POST /address/validate POST /webhooks/contentful POST /{locale}/publishers/emails POST /{locale}/publishers/{slug}/email PUT /topics/updateTopicGroupSlugPathFound on 2026-01-09 11:51
-
-
Open service 99.83.217.1:80 · staging-api.migesplus.ch
2026-01-09 18:43
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache Content-Length: 26 Content-Type: application/json; charset=utf-8 Date: Fri, 09 Jan 2026 18:44:04 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=8tN76dBlsRo1A3Vtbp6YBkoJnG1c9%2F4z9suN0D7h%2Fvw%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767984244"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=8tN76dBlsRo1A3Vtbp6YBkoJnG1c9%2F4z9suN0D7h%2Fvw%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767984244" Server: Heroku Vary: origin,accept-encoding Via: 1.1 heroku-router Connection: close {"result":"Migesplus API"}Found 3 days ago by HttpPluginCreate report
-
Open service 76.223.11.49:443 · staging-api.migesplus.ch
2026-01-09 11:51
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache Content-Length: 26 Content-Type: application/json; charset=utf-8 Date: Fri, 09 Jan 2026 11:51:03 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=rmd6h4e%2FYZAzPYqbldy4ATUWrekxOONRubgzbo%2F8IBE%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767959463"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=rmd6h4e%2FYZAzPYqbldy4ATUWrekxOONRubgzbo%2F8IBE%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767959463" Server: Heroku Vary: origin,accept-encoding Via: 1.1 heroku-router Connection: close {"result":"Migesplus API"}Found 3 days ago by HttpPluginCreate report
-
Open service 99.83.217.1:80 · staging-api.migesplus.ch
2026-01-02 06:09
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache Content-Length: 26 Content-Type: application/json; charset=utf-8 Date: Fri, 02 Jan 2026 06:09:42 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=6VXwX3FdaOAk6aflbe9gM4bMN4euSxxelTBRBfiUL3c%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767334182"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=6VXwX3FdaOAk6aflbe9gM4bMN4euSxxelTBRBfiUL3c%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767334182" Server: Heroku Vary: origin,accept-encoding Via: 1.1 heroku-router Connection: close {"result":"Migesplus API"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 76.223.11.49:443 · staging-api.migesplus.ch
2026-01-02 02:57
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache Content-Length: 26 Content-Type: application/json; charset=utf-8 Date: Fri, 02 Jan 2026 02:57:54 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=03Ex3ZTOQ7%2BSJxM%2BPWrX8SY93u16N%2F5MoWbH%2F2kW8pM%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767322674"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=03Ex3ZTOQ7%2BSJxM%2BPWrX8SY93u16N%2F5MoWbH%2F2kW8pM%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767322674" Server: Heroku Vary: origin,accept-encoding Via: 1.1 heroku-router Connection: close {"result":"Migesplus API"}Found 2026-01-02 by HttpPluginCreate report
-
Open service 99.83.217.1:80 · staging-api.migesplus.ch
2025-12-30 13:13
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache Content-Length: 26 Content-Type: application/json; charset=utf-8 Date: Tue, 30 Dec 2025 13:13:53 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=3MSDbi7a%2FNinEFmT%2FhooQeyJsm6uqrse98QB%2FTLUXzc%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1767100433"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=3MSDbi7a%2FNinEFmT%2FhooQeyJsm6uqrse98QB%2FTLUXzc%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1767100433" Server: Heroku Vary: origin,accept-encoding Via: 1.1 heroku-router Connection: close {"result":"Migesplus API"}Found 2025-12-30 by HttpPluginCreate report
-
Open service 99.83.217.1:80 · staging-api.migesplus.ch
2025-12-22 10:56
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache Content-Length: 26 Content-Type: application/json; charset=utf-8 Date: Mon, 22 Dec 2025 10:56:13 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=12TmOrORfIiBv9TpnCz7Fa%2FPM%2BVwv%2F5u5CP4gX%2BAVFc%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766400973"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=12TmOrORfIiBv9TpnCz7Fa%2FPM%2BVwv%2F5u5CP4gX%2BAVFc%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766400973" Server: Heroku Vary: origin,accept-encoding Via: 1.1 heroku-router Connection: close {"result":"Migesplus API"}Found 2025-12-22 by HttpPluginCreate report
-
Open service 76.223.11.49:443 · staging-api.migesplus.ch
2025-12-22 09:17
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache Content-Length: 26 Content-Type: application/json; charset=utf-8 Date: Mon, 22 Dec 2025 09:17:44 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LGUtJ%2BNLaH1tmOys%2Bg96bZa%2FjjKa%2BwZUOBb3Wn%2FgxqU%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766395064"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LGUtJ%2BNLaH1tmOys%2Bg96bZa%2FjjKa%2BwZUOBb3Wn%2FgxqU%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766395064" Server: Heroku Vary: origin,accept-encoding Via: 1.1 heroku-router Connection: close {"result":"Migesplus API"}Found 2025-12-22 by HttpPluginCreate report
-
Open service 99.83.217.1:80 · staging-api.migesplus.ch
2025-12-21 05:07
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache Content-Length: 26 Content-Type: application/json; charset=utf-8 Date: Sun, 21 Dec 2025 05:07:30 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=8lh%2FBHyrWAqYv3isptENcAsFXe8w7WgVWw68DdjYrtE%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766293650"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=8lh%2FBHyrWAqYv3isptENcAsFXe8w7WgVWw68DdjYrtE%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766293650" Server: Heroku Vary: origin,accept-encoding Via: 1.1 heroku-router Connection: close {"result":"Migesplus API"}Found 2025-12-21 by HttpPluginCreate report
-
Open service 76.223.11.49:443 · staging-api.migesplus.ch
2025-12-20 09:05
HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: no-cache Content-Length: 26 Content-Type: application/json; charset=utf-8 Date: Sat, 20 Dec 2025 09:05:51 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=goi%2FVNT%2BZPJ9vY60nKBdMK%2FyLLkGUCdAN4f4PlxH0eY%3D\u0026sid=c4c9725f-1ab0-44d8-820f-430df2718e11\u0026ts=1766221551"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=goi%2FVNT%2BZPJ9vY60nKBdMK%2FyLLkGUCdAN4f4PlxH0eY%3D&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&ts=1766221551" Server: Heroku Vary: origin,accept-encoding Via: 1.1 heroku-router Connection: close {"result":"Migesplus API"}Found 2025-12-20 by HttpPluginCreate report