Domain woltgateway.egretail-test.cloud
The Netherlands
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 52.232.19.237
Domain: woltgateway.egretail-test.cloud
Port: 443
URL: https://woltgateway.egretail-test.cloudFirst seen 2026-01-02 17:36
Last seen 2026-02-16 09:57
Open for 44 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354911cf31c2eeca8a7deeca8a7deeca8a7deeca8a7dPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: POST /api/Callback POST /api/{tenantid}/CallbackFound on 2026-02-16 09:57
-
-
Open service 52.232.19.237:443 · woltgateway.egretail-test.cloud
2026-01-10 19:52
HTTP/1.1 200 OK Content-Length: 113 Connection: close Content-Type: text/html Date: Sat, 10 Jan 2026 19:53:18 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=7f7239abf5db7e95b2a9255d6ac069367692ee4f83addcdda7e3d2c6725b4272;Path=/;HttpOnly;Secure;Domain=woltgateway.egretail-test.cloud Set-Cookie: ARRAffinitySameSite=7f7239abf5db7e95b2a9255d6ac069367692ee4f83addcdda7e3d2c6725b4272;Path=/;HttpOnly;SameSite=None;Secure;Domain=woltgateway.egretail-test.cloud Strict-Transport-Security: max-age=31536000 Request-Context: appId=cid-v1:7b4fbc85-1c96-4a6d-94a2-39853f9676d6 X-Frame-Options: DENY X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin Content-Security-Policy: style-src 'self' 'nonce-0R07GbzMru0xMRJ4bj4bKfU/FfUHJucn/18RuS9TfzA='; script-src 'self' 'nonce-0R07GbzMru0xMRJ4bj4bKfU/FfUHJucn/18RuS9TfzA='; default-src 'none'; img-src 'self' data:; connect-src 'self' X-Powered-By: ASP.NET <html><body><p>Welcome to EG WoltGateway API!</p><a href='/swagger/index.html'>API documentation</a><body></html>
Found 2026-01-10 by HttpPluginCreate report
-
Open service 52.232.19.237:80 · woltgateway.egretail-test.cloud
2026-01-10 19:52
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Sat, 10 Jan 2026 19:53:18 GMT Location: https://woltgateway.egretail-test.cloud/
Found 2026-01-10 by HttpPluginCreate report
-
Open service 52.232.19.237:443 · woltgateway.egretail-test.cloud
2026-01-08 21:47
HTTP/1.1 200 OK Content-Length: 113 Connection: close Content-Type: text/html Date: Thu, 08 Jan 2026 21:48:49 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=706b0af13b6227f297cd15ff65c4e61a976dcb5b47587d1e9df63111ba59ae96;Path=/;HttpOnly;Secure;Domain=woltgateway.egretail-test.cloud Set-Cookie: ARRAffinitySameSite=706b0af13b6227f297cd15ff65c4e61a976dcb5b47587d1e9df63111ba59ae96;Path=/;HttpOnly;SameSite=None;Secure;Domain=woltgateway.egretail-test.cloud Strict-Transport-Security: max-age=31536000 Request-Context: appId=cid-v1:7b4fbc85-1c96-4a6d-94a2-39853f9676d6 X-Frame-Options: DENY X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Referrer-Policy: strict-origin-when-cross-origin Content-Security-Policy: style-src 'self' 'nonce-TNQbdOZL1P6YWJbYmjCI5AyiUdPUZ7kYXfNFPvGu9nc='; script-src 'self' 'nonce-TNQbdOZL1P6YWJbYmjCI5AyiUdPUZ7kYXfNFPvGu9nc='; default-src 'none'; img-src 'self' data:; connect-src 'self' X-Powered-By: ASP.NET <html><body><p>Welcome to EG WoltGateway API!</p><a href='/swagger/index.html'>API documentation</a><body></html>
Found 2026-01-08 by HttpPluginCreate report