LeakIX - Host ostfoldfk.isypo-api.net

Domain ostfoldfk.isypo-api.net

The Netherlands

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Microsoft-IIS 10.0

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.69.68.16
Domain: ostfoldfk.isypo-api.net
Port: 443
URL: https://ostfoldfk.isypo-api.net

First seen 2026-01-11 02:57
Last seen 2026-02-16 04:09
Open for 36 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354925f45346fdb2ee6228c03f01bbc87006e9a5bed0

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Addendum/CheckThatObjectExists
GET /api/Addendum/GetAddendumTypes
GET /api/Addendum/GetAddendumValues
GET /api/Addendum/GetTestUpdateValue
GET /api/Budget/IncludeRetainedAndAdvance/{projectNumber}/{revisionType}
GET /api/Budget/{projectNumber}/{revisionType}
GET /api/Contract/GetAllContractsForProject/{projectRec}
GET /api/Contract/GetAllContractsForProjectNumber/{projectNumber}
GET /api/Contract/GetChange/{contractRec}
GET /api/Contract/GetChange/{projectNumber}/Changes/{contractId}
GET /api/Contract/GetContract/{contractRec}
GET /api/Contract/GetContract/{projectNumber}/Contracts/{contractId}
GET /api/Contract/GetContractNumbers
GET /api/Contract/GetContractStandards
GET /api/Contract/GetContractTypesForProject/{projectRec}
GET /api/Contract/GetContractsUnderBudgetsForProject/{projectRec}
GET /api/Contract/GetDisposal/{projectNumber}/Disposals/{contractId}
GET /api/IsyTime/GetActivitiesWithAddendums
GET /api/IsyTime/GetAllUsersFlex
GET /api/IsyTime/GetTimeAccountingData
GET /api/Project/GetProjectByRec/{projectRec}
GET /api/Project/GetProjectUsers/{projectRec}
GET /api/Project/GetProjectUsersByProjectNumber/{projectNumber}
GET /api/Project/GetProjects
GET /api/Project/GetReportPeriodStatus/{projectRec}
GET /api/Project/GetTemplates
GET /api/Project/{projectNumber}
GET /api/Statsbygg/Erfaringsdata
GET /api/Statsbygg/Prosjektdata
GET /api/Test
GET /api/Test/environmentName
GET /api/Test/error
GET /api/Test/exception
GET /api/Test/greeting
GET /api/Test/isdevelopment
GET /api/Test/ok
GET /api/Test/version
GET /api/TransferStatus/GetContractsReadyForTransfer
GET /api/TransferStatus/GetObjectsReadyForTransfer/{integrationKey}
GET /api/XPDB/Phase
GET /api/XPDB/Phase/{phaseRec}
GET /api/XpDb
GET /api/XpDb/GetPriceIndexes
GET /api/scim/ResourceTypes
GET /api/scim/Schemas
GET /api/scim/ServiceProviderConfig
GET /api/scim/Users
GET /api/scim/Users/{userId}
POST /api/Addendum/UpdateAddendumValues
POST /api/Contract/CreateChange
POST /api/Framsikt/GetForecast
POST /api/Invoice
POST /api/LegacyInvoice
POST /api/Portfolio/GetPortfolioData
POST /api/Project
POST /api/Project/ChangeProjectNumberValidation/{projectNumber}
POST /api/Project/GetReportPeriod
POST /api/Project/ProjectValidation
POST /api/Project/UpdateProjectValidation/{projectNumber}
POST /api/TransferStatus/MarkContractAsTransferred/{contractRec}
POST /api/TransferStatus/SetTransferStatusForObject
PUT /api/Contract/CreateOrUpdateChange/{uniqueExternalRef}
PUT /api/Contract/UpdateChange
PUT /api/Project/ChangeProjectNumber/{projectNumber}

Found on 2026-02-16 04:09

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549afcc8a85ca52c4b1b5c6e0d338f1154eb862cc4c

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Addendum/GetAddendumTypes
GET /api/Budget/IncludeRetainedAndAdvance/{projectNumber}/{revisionType}
GET /api/Budget/{projectNumber}/{revisionType}
GET /api/Contract/GetAllContractsForProject/{projectRec}
GET /api/Contract/GetAllContractsForProjectNumber/{projectNumber}
GET /api/Contract/GetChange/{contractRec}
GET /api/Contract/GetChange/{projectNumber}/Changes/{contractId}
GET /api/Contract/GetContract/{contractRec}
GET /api/Contract/GetContract/{projectNumber}/Contracts/{contractId}
GET /api/Contract/GetContractStandards
GET /api/Contract/GetContractTypesForProject/{projectRec}
GET /api/Contract/GetContractsUnderBudgetsForProject/{projectRec}
GET /api/Contract/GetDisposal/{projectNumber}/Disposals/{contractId}
GET /api/IsyTime/GetActivitiesWithAddendums
GET /api/IsyTime/GetAllUsersFlex
GET /api/IsyTime/GetTimeAccountingData
GET /api/Project/GetProjectByRec/{projectRec}
GET /api/Project/GetProjectUsers/{projectRec}
GET /api/Project/GetProjectUsersByProjectNumber/{projectNumber}
GET /api/Project/GetProjects
GET /api/Project/GetReportPeriodStatus/{projectRec}
GET /api/Project/GetTemplates
GET /api/Project/{projectNumber}
GET /api/Statsbygg/Erfaringsdata
GET /api/Statsbygg/Prosjektdata
GET /api/Test
GET /api/Test/environmentName
GET /api/Test/error
GET /api/Test/exception
GET /api/Test/greeting
GET /api/Test/isdevelopment
GET /api/Test/ok
GET /api/Test/version
GET /api/TransferStatus/GetContractsReadyForTransfer
GET /api/TransferStatus/GetObjectsReadyForTransfer/{integrationKey}
GET /api/XPDB/Phase
GET /api/XPDB/Phase/{phaseRec}
GET /api/XpDb
GET /api/XpDb/GetPriceIndexes
GET /api/scim/ResourceTypes
GET /api/scim/Schemas
GET /api/scim/ServiceProviderConfig
GET /api/scim/Users
GET /api/scim/Users/{userId}
POST /api/Contract/CreateChange
POST /api/Framsikt/GetForecast
POST /api/Invoice
POST /api/LegacyInvoice
POST /api/Portfolio/GetPortfolioData
POST /api/Project
POST /api/Project/ChangeProjectNumberValidation/{projectNumber}
POST /api/Project/GetReportPeriod
POST /api/Project/ProjectValidation
POST /api/Project/UpdateProjectValidation/{projectNumber}
POST /api/TransferStatus/MarkContractAsTransferred/{contractRec}
POST /api/TransferStatus/SetTransferStatusForObject
PUT /api/Contract/CreateOrUpdateChange/{uniqueExternalRef}
PUT /api/Contract/UpdateChange
PUT /api/Project/ChangeProjectNumber/{projectNumber}

Found on 2026-01-22 23:13

Create report

Open service 13.69.68.16:443 · ostfoldfk.isypo-api.net

2026-01-22 23:13

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Thu, 22 Jan 2026 23:14:27 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=744bf7d86b111dfb62253afa00b463546c39eeb286762da577b21431e8171f1a;Path=/;HttpOnly;Secure;Domain=ostfoldfk.isypo-api.net
Set-Cookie: ARRAffinitySameSite=744bf7d86b111dfb62253afa00b463546c39eeb286762da577b21431e8171f1a;Path=/;HttpOnly;SameSite=None;Secure;Domain=ostfoldfk.isypo-api.net
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:eec0760a-b065-4407-bf81-a3d56b9842b7
X-Powered-By: ASP.NET

Found 2026-01-22 by HttpPlugin

Create report

Open service 13.69.68.16:443 · ostfoldfk.isypo-api.net

2026-01-11 02:57

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Sun, 11 Jan 2026 02:58:13 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=744bf7d86b111dfb62253afa00b463546c39eeb286762da577b21431e8171f1a;Path=/;HttpOnly;Secure;Domain=ostfoldfk.isypo-api.net
Set-Cookie: ARRAffinitySameSite=744bf7d86b111dfb62253afa00b463546c39eeb286762da577b21431e8171f1a;Path=/;HttpOnly;SameSite=None;Secure;Domain=ostfoldfk.isypo-api.net
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:eec0760a-b065-4407-bf81-a3d56b9842b7
X-Powered-By: ASP.NET

Found 2026-01-11 by HttpPlugin

Create report

Open service 13.69.68.16:80 · ostfoldfk.isypo-api.net

2026-01-11 02:57

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Sun, 11 Jan 2026 02:58:12 GMT
Location: https://ostfoldfk.isypo-api.net/

Found 2026-01-11 by HttpPlugin

Create report

ostfoldfk.isypo-api.net

Fingerprint:

82b1635eaadd09e6d64f48f99b9dd1c2f497f4b98e6c7b315b79b4f37a6d1fc4

CN:

ostfoldfk.isypo-api.net

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2026-01-11 00:00

Not after:

2026-04-14 23:59

ostfoldfk.isypo-api.net

Fingerprint:

f653d167efbc51bb16fb60f9f215a659b7b3b108fe724135f54ec1b5bc4e59e5

CN:

ostfoldfk.isypo-api.net

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-08-23 00:00

Not after:

2026-02-23 23:59

Domain summary

ostfoldfk.isypo-api.net 4

1 recorded

IP summary

13.69.68.16 2

1 recorded