Domain api-marketplace.alignxcel.com
United States
Software information
Microsoft-IIS 10.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.40.202.14
Domain: api-marketplace.alignxcel.com
Port: 443
URL: https://api-marketplace.alignxcel.comFirst seen 2026-01-06 07:29
Last seen 2026-02-01 23:23
Open for 26 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035498d360f87ca5c615fc89b6966645f99d19076d8daPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/AlignXcelRelease/file/{id} DELETE /api/AlignXcelRelease/{releaseId} DELETE /api/Assets/mapping/{mappingId} DELETE /api/ClientProcess/cart/remove DELETE /api/ClientProcess/configuration/ui/{id} DELETE /api/FAQ/mapping DELETE /api/License/license-type/{typeId} DELETE /api/Services/expenditure/{id} DELETE /api/Services/mappings/{id} DELETE /api/Ticket/comment/{commentId} DELETE /api/Ticket/file GET /api/AlignXcelMenu/category GET /api/AlignXcelMenu/process GET /api/AlignXcelMenu/process/{processId}/details GET /api/AlignXcelRelease GET /api/AlignXcelRelease/file/{releaseId} GET /api/AlignXcelRelease/{orgName} GET /api/Application GET /api/Application/task GET /api/Assets GET /api/Assets/{orgId} GET /api/Auth/token GET /api/BotImage GET /api/BotImage/images/available GET /api/BotImage/used/names GET /api/BotImage/{botImageId} GET /api/Category GET /api/ClientBot GET /api/ClientBot/used/licenses GET /api/ClientBot/used/names GET /api/ClientProcess GET /api/ClientProcess/cart GET /api/ClientProcess/implemented-process GET /api/ClientProcess/logs GET /api/ClientProcess/notes GET /api/ClientProcess/order GET /api/ClientProcess/order/details GET /api/ClientProcess/{clientProcessId}/configuration/ui GET /api/Comment GET /api/FAQ GET /api/FAQ/client GET /api/Holidays GET /api/Holidays/alignxcel GET /api/Invitation GET /api/Invitation/used/mails GET /api/License GET /api/License/expiration GET /api/License/license-type GET /api/LoginActivity GET /api/Mail GET /api/Organization GET /api/Organization/list GET /api/Process GET /api/Process/common GET /api/Process/top5 GET /api/Process/trial-version GET /api/Process/{processId} GET /api/Process/{processId}/feature GET /api/ProcessRequest GET /api/ProcessRequest/notes GET /api/Roles GET /api/Roles/all GET /api/Services GET /api/Services/cost-estimation/summary GET /api/Services/expenditure GET /api/Services/roi/export GET /api/Services/roi/summary GET /api/Ticket GET /api/Ticket/ticket-counts GET /api/Ticket/{ticketId} GET /api/UIpath/logs GET /api/UIpath/machine-status GET /api/UIpath/process-status GET /api/UIpath/process/long/running GET /api/UIpath/queues GET /api/UIpath/robot-status GET /api/UIpath/robot/all GET /api/UIpath/uipath-logs/process-history GET /api/UIpath/uipath-logs/process-history/dashboard GET /api/UIpath/uipath-logs/process-history/dashboard/details GET /api/UIpath/uipath-logs/task-history GET /api/UIpath/uipath/client/token GET /api/User GET /api/User/detail GET /api/UserQueries/query POST /api/AlignXcelMenu/bot-configuration POST /api/Auth/activedirectory/verify POST /api/Auth/forgot POST /api/Auth/login POST /api/Auth/register POST /api/Auth/resend POST /api/Auth/reset POST /api/Auth/verify POST /api/ClientBot/licenses POST /api/ClientProcess/cart/add POST /api/ClientProcess/{clientProcessId}/sub-process POST /api/FAQ/mapping/{faqMasterId} POST /api/Holidays/{holidayId}/client/mapping POST /api/Holidays/{uniqueId}/mapping POST /api/Roles/mapping/client POST /api/Roles/mapping/process POST /api/Services/mappings POST /api/Ticket/{ticketId}/comment POST /api/Ticket/{ticketId}/file POST /api/UIpath/process-kill/{orgId} POST /api/UIpath/robot/start POST /api/UIpath/uipath/register PUT /api/AlignXcelRelease/status/{releaseId} PUT /api/AlignXcelRelease/{id} PUT /api/Application/task/{id} PUT /api/Application/{id} PUT /api/Assets/{assetId} PUT /api/BotImage/status PUT /api/Category/status PUT /api/ClientBot/name PUT /api/ClientBot/picture PUT /api/ClientBot/status PUT /api/ClientProcess/status PUT /api/ClientProcess/sub-process/{subId} PUT /api/Holidays/{uniqueId} PUT /api/Organization/logo PUT /api/Process/feature PUT /api/Process/status PUT /api/ProcessRequest/status PUT /api/Services/{id} PUT /api/Ticket/comment PUT /api/Ticket/status PUT /api/User/organization PUT /api/User/reset PUT /api/User/role PUT /api/User/status PUT /api/UserQueries/replyFound on 2026-02-01 23:23
-
-
Open service 20.40.202.14:443 · api-marketplace.alignxcel.com
2026-01-22 12:02
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Thu, 22 Jan 2026 12:03:26 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=a9c8e483945d1a5af78cfed534c2a79faacfa09f84fd0491ebd8e1c19570a0ef;Path=/;HttpOnly;Secure;Domain=api-marketplace.alignxcel.com Set-Cookie: ARRAffinitySameSite=a9c8e483945d1a5af78cfed534c2a79faacfa09f84fd0491ebd8e1c19570a0ef;Path=/;HttpOnly;SameSite=None;Secure;Domain=api-marketplace.alignxcel.com Request-Context: appId=cid-v1:f03bd084-45cd-417e-9f6c-4c4b69d001c8 X-Powered-By: ASP.NET
Found 2026-01-22 by HttpPluginCreate report
-
Open service 20.40.202.14:443 · api-marketplace.alignxcel.com
2026-01-10 01:31
HTTP/1.1 404 Not Found Content-Length: 0 Connection: close Date: Sat, 10 Jan 2026 01:32:48 GMT Server: Microsoft-IIS/10.0 Set-Cookie: ARRAffinity=55ac346bb24e41eac6ef87c567777bea4105147b9ce9ab5f4e8e1da64c6ac462;Path=/;HttpOnly;Secure;Domain=api-marketplace.alignxcel.com Set-Cookie: ARRAffinitySameSite=55ac346bb24e41eac6ef87c567777bea4105147b9ce9ab5f4e8e1da64c6ac462;Path=/;HttpOnly;SameSite=None;Secure;Domain=api-marketplace.alignxcel.com Request-Context: appId=cid-v1:f03bd084-45cd-417e-9f6c-4c4b69d001c8 X-Powered-By: ASP.NET
Found 2026-01-10 by HttpPluginCreate report