LeakIX - Host hsapi.quinstreet.com

Domain hsapi.quinstreet.com

CLOUDFLARENET

Software information

cloudflare

tcp/443 tcp/80 tcp/8443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 104.18.36.83
Domain: hsapi.quinstreet.com
Port: 80
URL: http://hsapi.quinstreet.com

First seen 2026-01-12 23:14
Last seen 2026-01-22 21:43
Open for 9 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1b6e67656b6e67656b6e67656b6e67656b6e67656b6e67656
```
Public Swagger UI/API detected at path: /swagger-ui.html
```
  Found on 2026-01-22 21:43
Create report

Open service 104.18.36.83:80 · hsapi.quinstreet.com

2026-01-22 21:43

HTTP/1.1 200 OK
Date: Thu, 22 Jan 2026 21:43:40 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: close
CF-RAY: 9c223a6aabc2f666-LHR
Vary: Accept-Encoding
Cache-Control: public
Set-Cookie: JSESSIONID=E39F93AEFA5E95214F713F423247B5BB.lvapp03-tcall; Path=/; Secure; HttpOnly; SameSite=None; Secure;
Set-Cookie: DC=LVDC; path=/;HttpOnly;; SameSite=None; Secure;
Set-Cookie: __cf_bm=Ds_pBYGqNeqvARU.nQZ1W6oxKqHxgV9ze5x.PEKKakY-1769118220-1.0.1.1-fkkB_s.oWLw.BkHoegkrnohszXsDK0j.QVLfUimApfHEbeOqs1xMPDbRHFQTwHf8NFbFpZcnmkGQfZMnYxNqqpdAeIz0ZYYVVgXBS78EKYA; path=/; expires=Thu, 22-Jan-26 22:13:40 GMT; domain=.quinstreet.com; HttpOnly
Set-Cookie: _cfuvid=MF7rwrKQkSU7tBWsbpou6TVyTQsUNOXqiP9f2oUfYq0-1769118220131-0.0.1.1-604800000; path=/; domain=.quinstreet.com; HttpOnly
Content-Security-Policy: default-src 'self'
Cteonnt-Length: 55
Strict-Transport-Security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
alt-svc: h3=":443"; ma=86400


Arrived in the hsleadgensites folder somthing is fishy

Found 2026-01-22 by HttpPlugin

Create report

Open service 172.64.151.173:8443 · hsapi.quinstreet.com

2026-01-12 23:14
Found 2026-01-12 by HttpPlugin
Create report

Open service 172.64.151.173:80 · hsapi.quinstreet.com

2026-01-12 23:14

HTTP/1.1 200 OK
Date: Mon, 12 Jan 2026 23:14:46 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: close
CF-RAY: 9bd05a1efedaac8d-YYZ
cf-cache-status: DYNAMIC
Vary: Accept-Encoding
Cache-Control: public
Set-Cookie: JSESSIONID=1E952023DF4B1C904AF6F8E5E9659F7B.lvapp03-tcall; Path=/; Secure; HttpOnly; SameSite=None; Secure;
Set-Cookie: DC=LVDC; path=/;HttpOnly;; SameSite=None; Secure;
Set-Cookie: __cf_bm=5JUaH5WaNt8G0upe0uO9lQLVK.Dv3qvGDynynQ3K9UA-1768259686-1.0.1.1-ZXRzBM6QdVzKOBbBBq7er08JxLAtMU9hCGsjcSqrzGAHmcC_sbvtci.905ccypImUNCNpzivTcsIufsCzc9Ewz7N3i8uyNHBII2SxyG9N1Y; path=/; expires=Mon, 12-Jan-26 23:44:46 GMT; domain=.quinstreet.com; HttpOnly
Content-Security-Policy: default-src 'self'
Cteonnt-Length: 55
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: cloudflare
alt-svc: h3=":443"; ma=86400


Arrived in the hsleadgensites folder somthing is fishy

Found 2026-01-12 by HttpPlugin

Create report

Open service 104.18.36.83:80 · hsapi.quinstreet.com

2026-01-12 23:14

HTTP/1.1 200 OK
Date: Mon, 12 Jan 2026 23:14:46 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: close
CF-RAY: 9bd05a202a138d3f-EWR
Vary: Accept-Encoding
Cache-Control: public
Set-Cookie: JSESSIONID=F2112E14DB53F1EF35CAC2188BF6D722.lvapp03-tcall; Path=/; Secure; HttpOnly; SameSite=None; Secure;
Set-Cookie: DC=LVDC; path=/;HttpOnly;; SameSite=None; Secure;
Set-Cookie: __cf_bm=ZZSQ6tB6aAnq6T.Ux.yCU.Hu1Z_M07NRkZufSSHGCCo-1768259686-1.0.1.1-aqwaaBHh_Sq6WKuepVBMN1xiCUIsGDQNPBx4_7pHRv0z6.aEZ2DIaRhTefzPvyRp_3qBVx5F3ZkYnW7ePr_hQUhjFOv2_PlUzdlm7KJOfW4; path=/; expires=Mon, 12-Jan-26 23:44:46 GMT; domain=.quinstreet.com; HttpOnly
Content-Security-Policy: default-src 'self'
Cteonnt-Length: 55
Strict-Transport-Security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
alt-svc: h3=":443"; ma=86400


Arrived in the hsleadgensites folder somthing is fishy

Found 2026-01-12 by HttpPlugin

Create report

Open service 104.18.36.83:8443 · hsapi.quinstreet.com

2026-01-12 23:14

HTTP/1.1 403 Forbidden
Date: Mon, 12 Jan 2026 23:14:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=1DUS3ojb5z63y.5IjNH9T0Pj5vXG9UL1wJkW8bQAZ9U-1768259686-1.0.1.1-XbSFJQON5ojSy20lnnisF9h18FLiLmNu5cr7AtAbMf0ePCigvBaxlmIDZWaRcXRhGfzpkvTzP9NQ0eqFhOJHUSeMviydcik0ji2O_KFmepA; path=/; expires=Mon, 12-Jan-26 23:44:46 GMT; domain=.quinstreet.com; HttpOnly; Secure; SameSite=None
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 9bd05a1db8673a8b-FRA
alt-svc: h3=":8443"; ma=86400

Page title: Attention Required! | Cloudflare

<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<title>Attention Required! | Cloudflare</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->
<style>body{margin:0;padding:0}</style>


<!--[if gte IE 10]><!-->
<script>
  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
    })
  }
</script>
<!--<![endif]-->


</head>
<body>
  <div id="cf-wrapper">
    <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
    <div id="cf-error-details" class="cf-error-details-wrapper">
      <div class="cf-wrapper cf-header cf-error-overview">
        <h1 data-translate="block_headline">Sorry, you have been blocked</h1>
        <h2 class="cf-subheadline"><span data-translate="unable_to_access">You are unable to access</span> quinstreet.com</h2>
      </div><!-- /.header -->

      <div class="cf-section cf-highlight">
        <div class="cf-wrapper">
          <div class="cf-screenshot-container cf-screenshot-full">
            
              <span class="cf-no-screenshot error"></span>
            
          </div>
        </div>
      </div><!-- /.captcha-container -->

      <div class="cf-section cf-wrapper">
        <div class="cf-columns two">
          <div class="cf-column">
            <h2 data-translate="blocked_why_headline">Why have I been blocked?</h2>

            <p data-translate="blocked_why_detail">This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.</p>
          </div>

          <div class="cf-column">
            <h2 data-translate="blocked_resolve_headline">What can I do to resolve this?</h2>

            <p data-translate="blocked_resolve_detail">You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.</p>
          </div>
        </div>
      </div><!-- /.section -->

      <div class="cf-error-footer cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300">
  <p class="text-13">
    <span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">9bd05a1db8673a8b</strong></span>
    <span class="cf-footer-separator sm:hidden">&bull;</span>
    <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block sm:mb-1">
      Your IP:
      <button type="button" id="cf-footer-ip-reveal" class="cf-footer-ip-reveal-btn">Click to reveal</button>
      <span class="hidden" id="cf-footer-ip">164.90.228.79</span>
      <span class="cf-footer-separator sm:hidden">&bull;</span>
    </span>
    <span class="cf-footer-item sm:block sm:mb-1"><span>Performance &amp; security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a></span>
    
  </p>
  <script>(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classL

Found 2026-01-12 by HttpPlugin

Create report

Open service 104.18.36.83:443 · hsapi.quinstreet.com

2026-01-12 23:14

HTTP/1.1 403 Forbidden
Date: Mon, 12 Jan 2026 23:14:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=.tW7bO4wJG9reIjWchPE84LEaVskRcImKj8qiwsEReI-1768259686-1.0.1.1-puw7nmBKdjP.Jr0SOzsoN9kP.e1jyJg3.kBIKxVpVvS3nV1xaY7LFcHyl4rS_YSbL9QgIajjClPLWP37OWBTrUKWsMGVTVPIKQu81R6YJo0; path=/; expires=Mon, 12-Jan-26 23:44:46 GMT; domain=.quinstreet.com; HttpOnly; Secure; SameSite=None
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 9bd05a1d88d6dc50-FRA
alt-svc: h3=":443"; ma=86400

Page title: Attention Required! | Cloudflare

<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<title>Attention Required! | Cloudflare</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->
<style>body{margin:0;padding:0}</style>


<!--[if gte IE 10]><!-->
<script>
  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
    })
  }
</script>
<!--<![endif]-->


</head>
<body>
  <div id="cf-wrapper">
    <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
    <div id="cf-error-details" class="cf-error-details-wrapper">
      <div class="cf-wrapper cf-header cf-error-overview">
        <h1 data-translate="block_headline">Sorry, you have been blocked</h1>
        <h2 class="cf-subheadline"><span data-translate="unable_to_access">You are unable to access</span> quinstreet.com</h2>
      </div><!-- /.header -->

      <div class="cf-section cf-highlight">
        <div class="cf-wrapper">
          <div class="cf-screenshot-container cf-screenshot-full">
            
              <span class="cf-no-screenshot error"></span>
            
          </div>
        </div>
      </div><!-- /.captcha-container -->

      <div class="cf-section cf-wrapper">
        <div class="cf-columns two">
          <div class="cf-column">
            <h2 data-translate="blocked_why_headline">Why have I been blocked?</h2>

            <p data-translate="blocked_why_detail">This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.</p>
          </div>

          <div class="cf-column">
            <h2 data-translate="blocked_resolve_headline">What can I do to resolve this?</h2>

            <p data-translate="blocked_resolve_detail">You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.</p>
          </div>
        </div>
      </div><!-- /.section -->

      <div class="cf-error-footer cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300">
  <p class="text-13">
    <span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">9bd05a1d88d6dc50</strong></span>
    <span class="cf-footer-separator sm:hidden">&bull;</span>
    <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block sm:mb-1">
      Your IP:
      <button type="button" id="cf-footer-ip-reveal" class="cf-footer-ip-reveal-btn">Click to reveal</button>
      <span class="hidden" id="cf-footer-ip">159.89.12.166</span>
      <span class="cf-footer-separator sm:hidden">&bull;</span>
    </span>
    <span class="cf-footer-item sm:block sm:mb-1"><span>Performance &amp; security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a></span>
    
  </p>
  <script>(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classL

Found 2026-01-12 by HttpPlugin

Create report

Open service 172.64.151.173:443 · hsapi.quinstreet.com

2026-01-12 23:14

HTTP/1.1 403 Forbidden
Date: Mon, 12 Jan 2026 23:14:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Set-Cookie: __cf_bm=vcAb.GhVe8AiX6J2gecHnFIGAUYxO8ZkGO29epbftJs-1768259686-1.0.1.1-7GNpxgrVjyhNjhlIxU_AEAvBtLBdQV.vR5TY4L8sClN7L.TQeXh9ggOwjNj0yvZ1wJwEQTtuncMO2E0UwU9HqEfgE7JdbYkyd4NXmaRotbQ; path=/; expires=Mon, 12-Jan-26 23:44:46 GMT; domain=.quinstreet.com; HttpOnly; Secure; SameSite=None
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 9bd05a1d7f291a86-FRA
alt-svc: h3=":443"; ma=86400

Page title: Attention Required! | Cloudflare

<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]>    <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]>    <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<title>Attention Required! | Cloudflare</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]-->
<style>body{margin:0;padding:0}</style>


<!--[if gte IE 10]><!-->
<script>
  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
    })
  }
</script>
<!--<![endif]-->


</head>
<body>
  <div id="cf-wrapper">
    <div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
    <div id="cf-error-details" class="cf-error-details-wrapper">
      <div class="cf-wrapper cf-header cf-error-overview">
        <h1 data-translate="block_headline">Sorry, you have been blocked</h1>
        <h2 class="cf-subheadline"><span data-translate="unable_to_access">You are unable to access</span> quinstreet.com</h2>
      </div><!-- /.header -->

      <div class="cf-section cf-highlight">
        <div class="cf-wrapper">
          <div class="cf-screenshot-container cf-screenshot-full">
            
              <span class="cf-no-screenshot error"></span>
            
          </div>
        </div>
      </div><!-- /.captcha-container -->

      <div class="cf-section cf-wrapper">
        <div class="cf-columns two">
          <div class="cf-column">
            <h2 data-translate="blocked_why_headline">Why have I been blocked?</h2>

            <p data-translate="blocked_why_detail">This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.</p>
          </div>

          <div class="cf-column">
            <h2 data-translate="blocked_resolve_headline">What can I do to resolve this?</h2>

            <p data-translate="blocked_resolve_detail">You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.</p>
          </div>
        </div>
      </div><!-- /.section -->

      <div class="cf-error-footer cf-wrapper w-240 lg:w-full py-10 sm:py-4 sm:px-8 mx-auto text-center sm:text-left border-solid border-0 border-t border-gray-300">
  <p class="text-13">
    <span class="cf-footer-item sm:block sm:mb-1">Cloudflare Ray ID: <strong class="font-semibold">9bd05a1d7f291a86</strong></span>
    <span class="cf-footer-separator sm:hidden">&bull;</span>
    <span id="cf-footer-item-ip" class="cf-footer-item hidden sm:block sm:mb-1">
      Your IP:
      <button type="button" id="cf-footer-ip-reveal" class="cf-footer-ip-reveal-btn">Click to reveal</button>
      <span class="hidden" id="cf-footer-ip">139.59.136.184</span>
      <span class="cf-footer-separator sm:hidden">&bull;</span>
    </span>
    <span class="cf-footer-item sm:block sm:mb-1"><span>Performance &amp; security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a></span>
    
  </p>
  <script>(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.class

Found 2026-01-12 by HttpPlugin

Create report

hsapi.quinstreet.com

Fingerprint:

b4d9b6f14ddb6af1b5333534cb58749e63230911dc9a6ae546138826cbd6c58e

CN:

hsapi.quinstreet.com

Key:

ECDSA-256

Issuer:

WE1

Not before:

2026-01-12 22:14

Not after:

2026-04-12 23:14

Domain summary

hsapi.quinstreet.com 7

1 recorded

IP summary

104.18.36.83 1 172.64.151.173 1

2 recorded

Domain hsapi.quinstreet.com

Software information

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Create report

Create report

Create report

hsapi.quinstreet.com

Domain summary

IP summary