LeakIX - Host api.fund-match.com

Domain api.fund-match.com

United States

AMAZON-02

Software information

Heroku

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 13.248.132.87
Domain: api.fund-match.com
Port: 443
URL: https://api.fund-match.com

First seen 2025-10-21 02:42
Last seen 2026-01-09 05:40
Open for 80 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109
```
Public Swagger UI/API detected at path: /api-docs/swagger.json
```
  Found on 2026-01-09 05:40
Create report

Open service 13.248.132.87:443 · api.fund-match.com

2026-01-09 05:40

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 21
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Jan 2026 05:40:56 GMT
Etag: W/"15-hwQxa1jApLUVrUlFVTq00raiOJQ"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=iY7IH0cqJfTvXuV5YXFdAv6LeLo7SsEefPB7zaF%2Bkuo%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767937256"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=iY7IH0cqJfTvXuV5YXFdAv6LeLo7SsEefPB7zaF%2Bkuo%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767937256"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Howdy, Space Cowboys!

Found 2026-01-09 by HttpPlugin

Create report

Open service 13.248.132.87:443 · api.fund-match.com

2026-01-02 04:56

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 21
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jan 2026 04:56:02 GMT
Etag: W/"15-hwQxa1jApLUVrUlFVTq00raiOJQ"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=hy59PJC%2FGBBqVUxOqnmArU%2F5Ab2rvVRjfG8EGFJ90uM%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767329762"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=hy59PJC%2FGBBqVUxOqnmArU%2F5Ab2rvVRjfG8EGFJ90uM%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767329762"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Howdy, Space Cowboys!

Found 2026-01-02 by HttpPlugin

Create report

Open service 13.248.132.87:443 · api.fund-match.com

2025-12-22 17:14

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 21
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Dec 2025 17:14:05 GMT
Etag: W/"15-hwQxa1jApLUVrUlFVTq00raiOJQ"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=2%2FBOMeNL%2BzUsoqy3rY1FlkSypgEEhjg2isnZJP8HjIk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766423645"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=2%2FBOMeNL%2BzUsoqy3rY1FlkSypgEEhjg2isnZJP8HjIk%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766423645"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Howdy, Space Cowboys!

Found 2025-12-22 by HttpPlugin

Create report

Open service 13.248.132.87:443 · api.fund-match.com

2025-12-20 14:08

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Length: 21
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Dec 2025 14:08:25 GMT
Etag: W/"15-hwQxa1jApLUVrUlFVTq00raiOJQ"
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Q%2FkUvLZ3YiVmUNU08QJnm%2FotgzKp%2BS4TuMrEbA5V8TU%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766239705"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Q%2FkUvLZ3YiVmUNU08QJnm%2FotgzKp%2BS4TuMrEbA5V8TU%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766239705"
Server: Heroku
Via: 1.1 heroku-router
X-Powered-By: Express
Connection: close


Howdy, Space Cowboys!

Found 2025-12-20 by HttpPlugin

Create report

api.fund-match.com

Fingerprint:

21d14d232ed6c17eeddf4922e15758e5d3447752b279938291e66178fc891d76

CN:

api.fund-match.com

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-10 23:26

Not after:

2026-03-10 23:26

Domain summary

api.fund-match.com 4

1 recorded

IP summary

13.248.132.87 2

1 recorded

Domain api.fund-match.com

United States

Software information

Swagger API description is publicly available

Create report

Create report

Create report

Create report

api.fund-match.com

Domain summary

IP summary