Domain express-web-dev.cydeneapi.com
United States
Software information
Heroku
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 15.197.253.240
Domain: express-web-dev.cydeneapi.com
Port: 443
URL: https://express-web-dev.cydeneapi.comFirst seen 2025-11-16 00:24
Last seen 2026-01-09 10:42
Open for 54 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354985a0f8ad4323bfe81f6e6a28dbaf0606b80b22e3Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /auth/forgot-password/{email} GET /auth/profile GET /auth/register/resend/{email} GET /billswewe/categories GET /billswewe/category/{category}/providers GET /billswewe/data/bundles/{service_type} GET /billswewe/direct/fee/{category} GET /billswewe/power/purchase/receipt/{reference} GET /billswewe/tv/cable/plans/addons/{service_type}/{product_code} GET /billswewe/tv/cable/plans/{service_type} GET /billswewe/tv/streaming/plans/{service_type} GET /billswewe/tv/validate/{service_type}/{card_number} GET /general/statistics GET /payment/gateways GET /payment/history GET /payment/validate/{reference} GET /user/account/tiers GET /user/account/upgrade/status GET /user/referrals/{skip}/{limit} GET /wallet GET /wallet/banks/lists GET /wallet/transactions GET /wallet/transactions/{reference} POST /auth/change-password POST /auth/login POST /auth/pre-login POST /auth/pre-register POST /auth/register POST /auth/reset-password POST /auth/validate-otp POST /auth/validate-register POST /billswewe/airtime/purchase/direct POST /billswewe/airtime/purchase/wallet POST /billswewe/data/purchase/direct POST /billswewe/data/purchase/wallet POST /billswewe/power/meter/validate POST /billswewe/power/purchase/direct POST /billswewe/power/purchase/wallet POST /billswewe/tv/cable/change/wallet POST /billswewe/tv/cable/renew/wallet POST /billswewe/tv/renew/direct POST /otp/email/send POST /otp/sms/send POST /payment/flutterwave/webhook POST /user/account/upgrade POST /user/validate-phone POST /wallet/bank/account/generate POST /wallet/bank/account/transfer POST /wallet/bank/account/validate PUT /wallet/change-pin PUT /wallet/create-pin PUT /wallet/reset-pinFound on 2026-01-09 10:42 -
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354985a0f8ad4323bfe81f6e6a28456e46ae2ae7faebPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /auth/forgot-password/{email} GET /auth/profile GET /auth/register/resend/{email} GET /bills/categories GET /bills/category/{category}/providers GET /bills/data/bundles/{service_type} GET /bills/direct/fee/{category} GET /bills/power/purchase/receipt/{reference} GET /bills/tv/cable/plans/addons/{service_type}/{product_code} GET /bills/tv/cable/plans/{service_type} GET /bills/tv/streaming/plans/{service_type} GET /bills/tv/validate/{service_type}/{card_number} GET /general/statistics GET /payment/gateways GET /payment/history GET /payment/validate/{reference} GET /user/account/tiers GET /user/account/upgrade/status GET /user/referrals/{skip}/{limit} GET /wallet GET /wallet/banks/lists GET /wallet/transactions GET /wallet/transactions/{reference} POST /auth/change-password POST /auth/login POST /auth/pre-login POST /auth/pre-register POST /auth/register POST /auth/reset-password POST /auth/validate-otp POST /auth/validate-register POST /bills/airtime/purchase/direct POST /bills/airtime/purchase/wallet POST /bills/data/purchase/direct POST /bills/data/purchase/wallet POST /bills/power/meter/validate POST /bills/power/purchase/direct POST /bills/power/purchase/wallet POST /bills/tv/cable/change/wallet POST /bills/tv/cable/renew/wallet POST /bills/tv/renew/direct POST /otp/email/send POST /otp/sms/send POST /payment/flutterwave/webhook POST /user/account/upgrade POST /user/validate-phone POST /wallet/bank/account/generate POST /wallet/bank/account/transfer POST /wallet/bank/account/validate PUT /wallet/change-pin PUT /wallet/create-pin PUT /wallet/reset-pinFound on 2025-11-16 00:24
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 99.83.185.157
Domain: express-web-dev.cydeneapi.com
Port: 80
URL: http://express-web-dev.cydeneapi.comFirst seen 2025-11-16 00:24
Last seen 2026-01-08 22:02
Open for 53 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354985a0f8ad4323bfe81f6e6a28dbaf0606b80b22e3Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /auth/forgot-password/{email} GET /auth/profile GET /auth/register/resend/{email} GET /billswewe/categories GET /billswewe/category/{category}/providers GET /billswewe/data/bundles/{service_type} GET /billswewe/direct/fee/{category} GET /billswewe/power/purchase/receipt/{reference} GET /billswewe/tv/cable/plans/addons/{service_type}/{product_code} GET /billswewe/tv/cable/plans/{service_type} GET /billswewe/tv/streaming/plans/{service_type} GET /billswewe/tv/validate/{service_type}/{card_number} GET /general/statistics GET /payment/gateways GET /payment/history GET /payment/validate/{reference} GET /user/account/tiers GET /user/account/upgrade/status GET /user/referrals/{skip}/{limit} GET /wallet GET /wallet/banks/lists GET /wallet/transactions GET /wallet/transactions/{reference} POST /auth/change-password POST /auth/login POST /auth/pre-login POST /auth/pre-register POST /auth/register POST /auth/reset-password POST /auth/validate-otp POST /auth/validate-register POST /billswewe/airtime/purchase/direct POST /billswewe/airtime/purchase/wallet POST /billswewe/data/purchase/direct POST /billswewe/data/purchase/wallet POST /billswewe/power/meter/validate POST /billswewe/power/purchase/direct POST /billswewe/power/purchase/wallet POST /billswewe/tv/cable/change/wallet POST /billswewe/tv/cable/renew/wallet POST /billswewe/tv/renew/direct POST /otp/email/send POST /otp/sms/send POST /payment/flutterwave/webhook POST /user/account/upgrade POST /user/validate-phone POST /wallet/bank/account/generate POST /wallet/bank/account/transfer POST /wallet/bank/account/validate PUT /wallet/change-pin PUT /wallet/create-pin PUT /wallet/reset-pinFound on 2026-01-08 22:02 -
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354985a0f8ad4323bfe81f6e6a28456e46ae2ae7faebPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /auth/forgot-password/{email} GET /auth/profile GET /auth/register/resend/{email} GET /bills/categories GET /bills/category/{category}/providers GET /bills/data/bundles/{service_type} GET /bills/direct/fee/{category} GET /bills/power/purchase/receipt/{reference} GET /bills/tv/cable/plans/addons/{service_type}/{product_code} GET /bills/tv/cable/plans/{service_type} GET /bills/tv/streaming/plans/{service_type} GET /bills/tv/validate/{service_type}/{card_number} GET /general/statistics GET /payment/gateways GET /payment/history GET /payment/validate/{reference} GET /user/account/tiers GET /user/account/upgrade/status GET /user/referrals/{skip}/{limit} GET /wallet GET /wallet/banks/lists GET /wallet/transactions GET /wallet/transactions/{reference} POST /auth/change-password POST /auth/login POST /auth/pre-login POST /auth/pre-register POST /auth/register POST /auth/reset-password POST /auth/validate-otp POST /auth/validate-register POST /bills/airtime/purchase/direct POST /bills/airtime/purchase/wallet POST /bills/data/purchase/direct POST /bills/data/purchase/wallet POST /bills/power/meter/validate POST /bills/power/purchase/direct POST /bills/power/purchase/wallet POST /bills/tv/cable/change/wallet POST /bills/tv/cable/renew/wallet POST /bills/tv/renew/direct POST /otp/email/send POST /otp/sms/send POST /payment/flutterwave/webhook POST /user/account/upgrade POST /user/validate-phone POST /wallet/bank/account/generate POST /wallet/bank/account/transfer POST /wallet/bank/account/validate PUT /wallet/change-pin PUT /wallet/create-pin PUT /wallet/reset-pinFound on 2025-11-16 00:24
-
-
Open service 15.197.253.240:443 · express-web-dev.cydeneapi.com
2026-01-09 10:42
HTTP/1.1 404 Not Found Content-Length: 0 Date: Fri, 09 Jan 2026 10:42:42 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=iy4%2F6mk0aC8elEKwrn0GoXgLDbHE6YECWQpLrKPnpK0%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767955363"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=iy4%2F6mk0aC8elEKwrn0GoXgLDbHE6YECWQpLrKPnpK0%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767955363" Server: Heroku Via: 1.1 heroku-router Connection: closeFound 2026-01-09 by HttpPluginCreate report
-
Open service 99.83.185.157:80 · express-web-dev.cydeneapi.com
2026-01-08 22:02
HTTP/1.1 404 Not Found Content-Length: 0 Date: Thu, 08 Jan 2026 22:03:52 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=nXqnWMYPAqyFwLD8bkl%2B2Bw92OsQOGnA73de4To4ND4%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767909833"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=nXqnWMYPAqyFwLD8bkl%2B2Bw92OsQOGnA73de4To4ND4%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767909833" Server: Heroku Via: 1.1 heroku-router Connection: closeFound 2026-01-08 by HttpPluginCreate report
-
Open service 15.197.253.240:443 · express-web-dev.cydeneapi.com
2026-01-02 04:30
HTTP/1.1 404 Not Found Content-Length: 0 Date: Fri, 02 Jan 2026 04:30:42 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=9EbwsQZN7c4iL1lJyKeHVeMBTRmIDOD4fg10vzhE%2FEM%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1767328242"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=9EbwsQZN7c4iL1lJyKeHVeMBTRmIDOD4fg10vzhE%2FEM%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1767328242" Server: Heroku Via: 1.1 heroku-router Connection: closeFound 2026-01-02 by HttpPluginCreate report
-
Open service 15.197.253.240:443 · express-web-dev.cydeneapi.com
2025-12-22 19:03
HTTP/1.1 404 Not Found Content-Length: 0 Date: Mon, 22 Dec 2025 19:03:21 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=JXVpcGwXOHiKGGaIJd4CbtAqb6cTVHMVPK2uJg8cSDQ%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766430201"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=JXVpcGwXOHiKGGaIJd4CbtAqb6cTVHMVPK2uJg8cSDQ%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766430201" Server: Heroku Via: 1.1 heroku-router Connection: closeFound 2025-12-22 by HttpPluginCreate report
-
Open service 15.197.253.240:443 · express-web-dev.cydeneapi.com
2025-12-20 19:43
HTTP/1.1 404 Not Found Content-Length: 0 Date: Sat, 20 Dec 2025 19:43:21 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=5IgCVUmW4xRrzQPsAr4qaPIBp6jk1%2B1%2F6hVRHbop%2Fqs%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766259801"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=5IgCVUmW4xRrzQPsAr4qaPIBp6jk1%2B1%2F6hVRHbop%2Fqs%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766259801" Server: Heroku Via: 1.1 heroku-router Connection: closeFound 2025-12-20 by HttpPluginCreate report
-
Open service 99.83.185.157:80 · express-web-dev.cydeneapi.com
2025-12-20 06:31
HTTP/1.1 404 Not Found Content-Length: 0 Date: Sat, 20 Dec 2025 06:31:31 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=U5WYf1fWz78vvT5aodxXshPUZg%2F2e2NHKy0zQjaSh6Y%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766212292"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=U5WYf1fWz78vvT5aodxXshPUZg%2F2e2NHKy0zQjaSh6Y%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766212292" Server: Heroku Via: 1.1 heroku-router Connection: closeFound 2025-12-20 by HttpPluginCreate report
-
Open service 15.197.253.240:443 · express-web-dev.cydeneapi.com
2025-12-19 01:37
HTTP/1.1 404 Not Found Content-Length: 0 Date: Fri, 19 Dec 2025 01:37:17 GMT Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Ii36XqVqYkwSrOJ948PLsEHe30ygyuACBawaiL%2Fvdlk%3D\u0026sid=812dcc77-0bd0-43b1-a5f1-b25750382959\u0026ts=1766108237"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Ii36XqVqYkwSrOJ948PLsEHe30ygyuACBawaiL%2Fvdlk%3D&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&ts=1766108237" Server: Heroku Via: 1.1 heroku-router Connection: closeFound 2025-12-19 by HttpPluginCreate report