LeakIX - Host powertools.fosterandpartners.com

Domain powertools.fosterandpartners.com

United Kingdom

MICROSOFT-CORP-MSN-AS-BLOCK

Software information

Kestrel Kestrel

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.90.134.32
Domain: api.powertools.fosterandpartners.com
Port: 443
URL: https://api.powertools.fosterandpartners.com

First seen 2026-01-12 10:42
Last seen 2026-01-16 16:52
Open for 4 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549bd36483b208c0743b913ffb96bf877a4afb5c70c
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/addins/published
GET /api/applications/published
GET /api/cores/current
GET /api/dynamo-package/current
GET /api/news
GET /api/news/{id}
```
  Found on 2026-01-16 16:52
Create report

Open service 20.90.134.32:443 · powertools.fosterandpartners.com

2026-01-12 23:54

HTTP/1.1 302 Found
Content-Length: 0
Connection: close
Date: Mon, 12 Jan 2026 23:55:46 GMT
Server: Kestrel
Location: https://login.microsoftonline.com/3f9427d9-7547-40a7-a806-7d766f9465af/oauth2/v2.0/authorize?client_id=d11197c9-56c7-4282-8da2-c62ec611d99e&redirect_uri=https%3A%2F%2Fpowertools.fosterandpartners.com%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=639038589470270135.M2NhNDcwOWQtMjE5MC00OGJiLTgwYWEtYmIxMzYxNDY3M2E3NmMzMTNlMGUtYTc5Zi00MzMzLThlYzQtYTI4ODI3ZjU0ZTUy&client_info=1&x-client-brkrver=IDWeb.2.12.4.0&state=CfDJ8ARJ8sEtTZROt0MLTjW_PV1_pFtiAMF5KvII252CJy1e5tlcMryegtWiXEYGmVF2cEmqVAr2xyIs8De2L_D_fq3C9o_JKzy61krt-fiOF7XSHNdWkgnywkn8_4gsm7IUmv2nr7A6lanfutJhlV5Di2WvpOhocwgJ1C2NohKaI34z4h8iXooBfvy8PU4JR9BlR6ASo2eZli_nQkiP6ECdBtQyTdiTvYlkR-pLo0uuJhihvpV2-TM_K7p02jv3SZd7nuErWa3hIRLtgugJlas0TuUzLFerh-MKD7vckK5ey_hUOD18OU5t2E77QHp0WxtcDg&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0
Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8ARJ8sEtTZROt0MLTjW_PV2eHZyK9E9TERW_BrQ3hKXCcHtpXPJMjF89K7h-ZxGhaiftBPWil3LBiOO5qG5V8tQjZMhPR7h-ABdGoKTajbNH9_XwtQqntJzh9ZN9dsRBHwFlwqChZkRggR7aKHT-5Ob9w9UA8Lrpox8vevv7VufOrZA0TLAYAitBhJSkS36L7BTaGPnLLqhWfLVRt1ht_YLYpohMihM6zM_WFzRye-5-VgjrdNJfUfnvSuQQ2t_LNDQph5ZwjEkNmijVrgWn7Js=N; expires=Tue, 13 Jan 2026 00:10:47 GMT; path=/signin-oidc; secure; samesite=none; httponly
Set-Cookie: .AspNetCore.Correlation.SMnQgvvDHsjgtX9BhoPqVuoCPbajkg0sQ8fqMSRGMaU=N; expires=Tue, 13 Jan 2026 00:10:47 GMT; path=/signin-oidc; secure; samesite=none; httponly
Strict-Transport-Security: max-age=2592000
Request-Context: appId=cid-v1:aa3911e6-c90f-4654-9a25-733701ff08fb

Found 2026-01-12 by HttpPlugin

Create report

Open service 20.90.134.32:80 · powertools.fosterandpartners.com

2026-01-12 23:54

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Mon, 12 Jan 2026 23:55:45 GMT
Location: https://powertools.fosterandpartners.com/

Found 2026-01-12 by HttpPlugin

Create report

Open service 20.90.134.32:443 · api.powertools.fosterandpartners.com

2026-01-12 10:42

HTTP/1.1 404 Not Found
Content-Length: 0
Connection: close
Date: Mon, 12 Jan 2026 10:43:50 GMT
Server: Kestrel
Request-Context: appId=cid-v1:aa3911e6-c90f-4654-9a25-733701ff08fb

Found 2026-01-12 by HttpPlugin

Create report

Open service 20.90.134.32:80 · api.powertools.fosterandpartners.com

2026-01-12 10:42

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Mon, 12 Jan 2026 10:43:48 GMT
Location: https://api.powertools.fosterandpartners.com/

Found 2026-01-12 by HttpPlugin

Create report

powertools.fosterandpartners.com

Fingerprint:

da09672fa13be2a7f70eac6bdcbe159f2414d463f1bef03ab162a01b00037c2f

CN:

powertools.fosterandpartners.com

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-08-24 00:00

Not after:

2026-02-24 23:59

api.powertools.fosterandpartners.com

Fingerprint:

2769947ac1513645ebd44cbb6b4ce60decb74c351e7374fe5099fd17f6cc8576

CN:

api.powertools.fosterandpartners.com

Key:

RSA-2048

Issuer:

GeoTrust Global TLS RSA4096 SHA256 2022 CA1

Not before:

2025-08-24 00:00

Not after:

2026-02-24 23:59

Domain summary

api.powertools.fosterandpartners.com 2 powertools.fosterandpartners.com 1

2 recorded

IP summary

20.90.134.32 4

1 recorded

Domain powertools.fosterandpartners.com

United Kingdom

Software information

Swagger API description is publicly available

Create report

Create report

Create report

Create report

powertools.fosterandpartners.com

api.powertools.fosterandpartners.com

Domain summary

IP summary