Domain fidelity-api.meep.cloud
United States
Software information
Kestrel
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2026-01-11 16:56
Last seen 2026-01-16 14:41
Open for 4 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493a76e1a213d9f969444c42f2061cff00dd022e15Public Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/fidelity-product/fidelity/{fidelityId}/product/{productId} GET / GET /api/customers/change-histories GET /api/customers/coins-conversion-to-brl GET /api/customers/details GET /api/customers/summaries GET /api/fidelity-balance/coins GET /api/fidelity-balance/points GET /api/fidelity-plans/byCustomerDocument GET /api/fidelity-product/byFidelityId/{fidelityId} GET /api/fidelity/owner/{ownerId}/hierarchy GET /api/fidelity/{fidelityId} GET /api/fidelity/{fidelityId}/customers GET /api/payments/get-reservation-by-orderid GET /api/payments/get-reservation-pending POST /api/fidelity-product/owner/{ownerId} POST /api/fidelity/events/score/frequency POST /api/fidelity/events/score/payment POST /api/fidelity/events/score/refund POST /api/fidelity/owner/{ownerId} POST /api/fidelity/owner/{ownerId}/linking POST /api/payments/cancel-reservation POST /api/payments/confirm-reservation POST /api/payments/create-reservation POST /api/payments/customer-coins PUT /api/fidelity-product/owner/{ownerId}/fidelity/{fidelityId} PUT /api/fidelity-product/{fidelityId}Found on 2026-01-16 14:41 -
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-01-11 16:56
-
-
Open service 20.49.104.17:80 · fidelity-api.meep.cloud
2026-01-11 16:56
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Sun, 11 Jan 2026 16:57:38 GMT Location: https://fidelity-api.meep.cloud/
Found 2026-01-11 by HttpPluginCreate report
-
Open service 20.49.104.17:443 · fidelity-api.meep.cloud
2026-01-11 16:56
HTTP/1.1 200 OK Connection: close Content-Type: text/plain; charset=utf-8 Date: Sun, 11 Jan 2026 16:57:39 GMT Server: Kestrel Transfer-Encoding: chunked Request-Context: appId=cid-v1:df158e6c-beed-4e3f-8c91-4d49526cb378 Ok
Found 2026-01-11 by HttpPluginCreate report