Domain app-qa.canndeliv.com
Canada
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2026-01-06 12:44
Last seen 2026-02-09 21:40
Open for 34 days-
Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532cPublic Swagger UI/API detected at path: /swagger/index.html
Found on 2026-02-09 21:40
-
-
Open service 52.233.38.143:443 · app-qa.canndeliv.com
2026-01-23 00:49
HTTP/1.1 200 OK Content-Length: 599 Connection: close Content-Type: text/html Date: Fri, 23 Jan 2026 00:50:25 GMT Server: Microsoft-IIS/10.0 Accept-Ranges: bytes ETag: "1dbaa639ec8b557" Last-Modified: Thu, 10 Apr 2025 21:57:58 GMT Set-Cookie: ARRAffinity=5001c3e97b76db33a84ea735581f73aa44e10b6230884b1617b0ead5366d7bfa;Path=/;HttpOnly;Secure;Domain=app-qa.canndeliv.com Set-Cookie: ARRAffinitySameSite=5001c3e97b76db33a84ea735581f73aa44e10b6230884b1617b0ead5366d7bfa;Path=/;HttpOnly;SameSite=None;Secure;Domain=app-qa.canndeliv.com Request-Context: appId= X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET Page title: CannDeliv <!doctype html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name="theme-color" content="#000000"><base href="/"/><link rel="manifest" href="/manifest.json"><link rel="shortcut icon" href="/cann-deliv.ico"><title>CannDeliv</title><script defer="defer" src="/static/js/main.c9732ea0.js"></script><link href="/static/css/main.f5b51404.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><script src="/api/ClientConfig"></script></body></html>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 52.233.38.143:443 · app-qa.canndeliv.com
2026-01-10 01:28
HTTP/1.1 200 OK Content-Length: 599 Connection: close Content-Type: text/html Date: Sat, 10 Jan 2026 01:29:36 GMT Server: Microsoft-IIS/10.0 Accept-Ranges: bytes ETag: "1dbaa639ec8b557" Last-Modified: Thu, 10 Apr 2025 21:57:58 GMT Set-Cookie: ARRAffinity=5001c3e97b76db33a84ea735581f73aa44e10b6230884b1617b0ead5366d7bfa;Path=/;HttpOnly;Secure;Domain=app-qa.canndeliv.com Set-Cookie: ARRAffinitySameSite=5001c3e97b76db33a84ea735581f73aa44e10b6230884b1617b0ead5366d7bfa;Path=/;HttpOnly;SameSite=None;Secure;Domain=app-qa.canndeliv.com Request-Context: appId= X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET Page title: CannDeliv <!doctype html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name="theme-color" content="#000000"><base href="/"/><link rel="manifest" href="/manifest.json"><link rel="shortcut icon" href="/cann-deliv.ico"><title>CannDeliv</title><script defer="defer" src="/static/js/main.c9732ea0.js"></script><link href="/static/css/main.f5b51404.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><script src="/api/ClientConfig"></script></body></html>
Found 2026-01-10 by HttpPluginCreate report