Domain servicesapi-test.questel.com
Software information
cloudflare
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 104.18.7.185
Domain: servicesapi-test.questel.com
Port: 443
URL: https://servicesapi-test.questel.comFirst seen 2025-11-18 07:06
Last seen 2026-02-09 23:17
Open for 83 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d604dc55fe510cf6cab326447c50536aac9679ff8cePublic Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: DELETE /api/v{version}/webhooks/{eventType} GET /api/v{version}/apilogging/all-logs GET /api/v{version}/apilogging/client-logs GET /api/v{version}/apilogging/logs GET /api/v{version}/estimates/{estimateId} GET /api/v{version}/files/{fileType}/{fileId} GET /api/v{version}/ip-assets/{assetId} GET /api/v{version}/ip-assets/{assetId}/orders GET /api/v{version}/orders/{orderId} GET /api/v{version}/projects/{projectId} GET /api/v{version}/reference-values/applicant-designated-states GET /api/v{version}/reference-values/applicants GET /api/v{version}/reference-values/case-managers GET /api/v{version}/reference-values/countries GET /api/v{version}/reference-values/delivery-agents GET /api/v{version}/reference-values/drafting-agents GET /api/v{version}/reference-values/jurisdictions GET /api/v{version}/reference-values/project-types GET /api/v{version}/reference-values/project-types/{serviceType}/workflows GET /api/v{version}/reference-values/prosecuting-agents/{countryCode} GET /api/v{version}/reference-values/source-locales GET /api/v{version}/reference-values/unitary-patent-translationlanguages GET /api/v{version}/status GET /api/v{version}/webhooks GET /api/v{version}/webhooks/alllogs GET /api/v{version}/webhooks/logs POST /api/v{version}/authtoken POST /api/v{version}/estimates POST /api/v{version}/estimates/{estimateId}/convert POST /api/v{version}/ip-assets POST /api/v{version}/ip-assets/portfolio-load POST /api/v{version}/ip-assets/{assetId}/abandon POST /api/v{version}/ip-assets/{assetId}/hold POST /api/v{version}/ip-assets/{assetId}/renew POST /api/v{version}/projects POST /api/v{version}/projects/{projectId}/cancelFound on 2026-02-09 23:17 -
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d604dc55fe510cf6cab326447c50536aac94d88e116Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: DELETE /api/v{version}/webhooks/{eventType} GET /api/v{version}/apilogging/all-logs GET /api/v{version}/apilogging/client-logs GET /api/v{version}/apilogging/logs GET /api/v{version}/estimates/{estimateId} GET /api/v{version}/files/{fileType}/{fileId} GET /api/v{version}/ip-assets/{assetId} GET /api/v{version}/ip-assets/{assetId}/orders GET /api/v{version}/orders/{orderId} GET /api/v{version}/projects/{projectId} GET /api/v{version}/reference-values/applicants GET /api/v{version}/reference-values/case-managers GET /api/v{version}/reference-values/countries GET /api/v{version}/reference-values/delivery-agents GET /api/v{version}/reference-values/drafting-agents GET /api/v{version}/reference-values/jurisdictions GET /api/v{version}/reference-values/project-types GET /api/v{version}/reference-values/project-types/{serviceType}/workflows GET /api/v{version}/reference-values/prosecuting-agents/{countryCode} GET /api/v{version}/reference-values/source-locales GET /api/v{version}/reference-values/unitary-patent-translationlanguages GET /api/v{version}/status GET /api/v{version}/webhooks GET /api/v{version}/webhooks/alllogs GET /api/v{version}/webhooks/logs POST /api/v{version}/authtoken POST /api/v{version}/estimates POST /api/v{version}/estimates/{estimateId}/convert POST /api/v{version}/ip-assets POST /api/v{version}/ip-assets/portfolio-load POST /api/v{version}/ip-assets/{assetId}/abandon POST /api/v{version}/ip-assets/{assetId}/hold POST /api/v{version}/ip-assets/{assetId}/renew POST /api/v{version}/projects POST /api/v{version}/projects/{projectId}/cancelFound on 2026-01-02 17:15
-
-
Open service 104.18.7.185:443 ยท servicesapi-test.questel.com
2026-01-23 15:29
HTTP/1.1 404 Not Found Date: Fri, 23 Jan 2026 15:29:59 GMT Content-Length: 0 Connection: close CF-RAY: 9c28546adc1e5c5c-FRA X-StackifyID: V2|28afb14a-dc53-4a4c-a4ea-510908682e17|C0|CD0 correlation-id: 24af348c-bc4b-421d-8361-009497065951 Strict-Transport-Security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC speculation-rules: "/cdn-cgi/speculation" Server: cloudflare alt-svc: h3=":443"; ma=86400
Found 2026-01-23 by HttpPluginCreate report