Heroku
tcp/443 tcp/80
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
The documentation details every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b26756a6626756a6626756a6626756a6626756a66
Public Swagger UI/API detected at path: /v3/api-docs - sample paths:
GET /events/{eventType}
Open service 15.197.253.240:80 · app.edpay.no
2026-01-09 13:15
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: en-US
Content-Length: 0
Date: Fri, 09 Jan 2026 13:16:52 GMT
Expires: 0
Location: http://app.edpay.no/user
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=NrESk0YzIv%2BnIM601o73UHTiUGF8ondXG5BDPDJkjaY%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767964612"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=NrESk0YzIv%2BnIM601o73UHTiUGF8ondXG5BDPDJkjaY%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767964612"
Server: Heroku
Set-Cookie: heroku-session-affinity=Q38DAQERU3RpY2t5U2Vzc2lvbkRhdGEB/4AAAQMBBUFwcElEAQwAAQhEeW5vTmFtZQEMAAEJRHlub0NvdW50AQQAAAAM/4ACBXdlYi4xAQIARMPRiGUYPESFILe+D/Zb99ZRg5hULdX5K5efJpGPuro=
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Connection: close
Open service 99.83.185.157:443 · app.edpay.no
2026-01-09 05:10
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: en-US
Content-Length: 0
Date: Fri, 09 Jan 2026 05:10:41 GMT
Expires: 0
Location: https://app.edpay.no/user
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=PSkW6GibKhpRkzlgeQhxYr01crmjhL6JGcDUPjR%2FyzM%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767935441"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=PSkW6GibKhpRkzlgeQhxYr01crmjhL6JGcDUPjR%2FyzM%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767935441"
Server: Heroku
Set-Cookie: heroku-session-affinity=Q38DAQERU3RpY2t5U2Vzc2lvbkRhdGEB/4AAAQMBBUFwcElEAQwAAQhEeW5vTmFtZQEMAAEJRHlub0NvdW50AQQAAAAM/4ACBXdlYi4xAQIARMPRiGUYPESFILe+D/Zb99ZRg5hULdX5K5efJpGPuro=
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Connection: close
Open service 15.197.253.240:80 · app.edpay.no
2026-01-02 19:49
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: en-US
Content-Length: 0
Date: Fri, 02 Jan 2026 19:49:14 GMT
Expires: 0
Location: http://app.edpay.no/user
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=LRh4KTFHpqnjTLUX%2B3NUAyxS90V1SDwBfXKkW4dDGdQ%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767383354"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=LRh4KTFHpqnjTLUX%2B3NUAyxS90V1SDwBfXKkW4dDGdQ%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767383354"
Server: Heroku
Set-Cookie: heroku-session-affinity=Q38DAQERU3RpY2t5U2Vzc2lvbkRhdGEB/4AAAQMBBUFwcElEAQwAAQhEeW5vTmFtZQEMAAEJRHlub0NvdW50AQQAAAAM/4ACBXdlYi4xAQIARMPRiGUYPESFILe+D/Zb99ZRg5hULdX5K5efJpGPuro=
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Connection: close
Open service 99.83.185.157:443 · app.edpay.no
2026-01-02 09:07
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: en-US
Content-Length: 0
Date: Fri, 02 Jan 2026 09:07:59 GMT
Expires: 0
Location: https://app.edpay.no/user
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=tXL8o0CWjMqzyDolWSXk3NvpoMpbYymdhHvMvp0FjOg%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767344879"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=tXL8o0CWjMqzyDolWSXk3NvpoMpbYymdhHvMvp0FjOg%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767344879"
Server: Heroku
Set-Cookie: heroku-session-affinity=Q38DAQERU3RpY2t5U2Vzc2lvbkRhdGEB/4AAAQMBBUFwcElEAQwAAQhEeW5vTmFtZQEMAAEJRHlub0NvdW50AQQAAAAM/4ACBXdlYi4xAQIARMPRiGUYPESFILe+D/Zb99ZRg5hULdX5K5efJpGPuro=
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Connection: close
Open service 15.197.253.240:80 · app.edpay.no
2025-12-23 07:29
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: en-US
Content-Length: 0
Date: Tue, 23 Dec 2025 07:29:40 GMT
Expires: 0
Location: http://app.edpay.no/user
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=NS15KTBI%2FQbkHv6mupzOBIWVKq8IUk8fvidBDyUA09w%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766474981"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=NS15KTBI%2FQbkHv6mupzOBIWVKq8IUk8fvidBDyUA09w%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766474981"
Server: Heroku
Set-Cookie: heroku-session-affinity=Q38DAQERU3RpY2t5U2Vzc2lvbkRhdGEB/4AAAQMBBUFwcElEAQwAAQhEeW5vTmFtZQEMAAEJRHlub0NvdW50AQQAAAAM/4ACBXdlYi4xAQIARMPRiGUYPESFILe+D/Zb99ZRg5hULdX5K5efJpGPuro=
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Connection: close
Open service 99.83.185.157:443 · app.edpay.no
2025-12-23 01:19
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: en-US
Content-Length: 0
Date: Tue, 23 Dec 2025 01:19:32 GMT
Expires: 0
Location: https://app.edpay.no/user
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=bUQhoks6AGyY7uLgGUrnRPQN7MBUPjs%2BBiEdv4OO2FA%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766452772"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=bUQhoks6AGyY7uLgGUrnRPQN7MBUPjs%2BBiEdv4OO2FA%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766452772"
Server: Heroku
Set-Cookie: heroku-session-affinity=Q38DAQERU3RpY2t5U2Vzc2lvbkRhdGEB/4AAAQMBBUFwcElEAQwAAQhEeW5vTmFtZQEMAAEJRHlub0NvdW50AQQAAAAM/4ACBXdlYi4xAQIARMPRiGUYPESFILe+D/Zb99ZRg5hULdX5K5efJpGPuro=
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Connection: close
Open service 15.197.253.240:80 · app.edpay.no
2025-12-21 06:41
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: en-US
Content-Length: 0
Date: Sun, 21 Dec 2025 06:41:09 GMT
Expires: 0
Location: http://app.edpay.no/user
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=3Os9Yj9AxQLtVJB4BuqJ%2BV8LHCVxHYELjaGhQdEw5cM%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766299269"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=3Os9Yj9AxQLtVJB4BuqJ%2BV8LHCVxHYELjaGhQdEw5cM%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766299269"
Server: Heroku
Set-Cookie: heroku-session-affinity=Q38DAQERU3RpY2t5U2Vzc2lvbkRhdGEB/4AAAQMBBUFwcElEAQwAAQhEeW5vTmFtZQEMAAEJRHlub0NvdW50AQQAAAAM/4ACBXdlYi4xAQIARMPRiGUYPESFILe+D/Zb99ZRg5hULdX5K5efJpGPuro=
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Connection: close
Open service 15.197.253.240:80 · app.edpay.no
2025-12-19 08:20
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: en-US
Content-Length: 0
Date: Fri, 19 Dec 2025 08:20:56 GMT
Expires: 0
Location: http://app.edpay.no/user
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Pragma: no-cache
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=2EXgUK5tQD43LIo%2FqQoY9aVqr%2FJtFts2To9hEXeebo8%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766132457"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=2EXgUK5tQD43LIo%2FqQoY9aVqr%2FJtFts2To9hEXeebo8%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766132457"
Server: Heroku
Set-Cookie: heroku-session-affinity=Q38DAQERU3RpY2t5U2Vzc2lvbkRhdGEB/4AAAQMBBUFwcElEAQwAAQhEeW5vTmFtZQEMAAEJRHlub0NvdW50AQQAAAAM/4ACBXdlYi4xAQIARMPRiGUYPESFILe+D/Zb99ZRg5hULdX5K5efJpGPuro=
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 0
Connection: close