LeakIX - Host app.getkompany.com

Domain app.getkompany.com

United States

RAILWAY

Software information

railway-edge

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 66.33.22.240
Domain: app.getkompany.com
Port: 443
URL: https://app.getkompany.com

First seen 2025-12-03 20:45
Last seen 2026-01-10 01:08
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-10 01:08
Create report

Open service 66.33.22.240:443 · app.getkompany.com

2026-01-10 01:08

HTTP/1.1 302 Found
Content-Length: 0
Content-Security-Policy: object-src 'none'; form-action 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com; frame-ancestors 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com;
Date: Sat, 10 Jan 2026 01:09:02 GMT
Location: /swagger
Server: railway-edge
X-Content-Type-Options: nosniff
X-Correlation-Id: 7217f94bc35a420a9a2969a37040ea1b
X-Railway-Edge: railway/asia-southeast1-eqsg3a
X-Railway-Request-Id: mp_5I7JQRSi4x5L-acI7Nw
X-Xss-Protection: 1; mode=block
Connection: close

Found 2026-01-10 by HttpPlugin

Create report

Open service 66.33.22.240:443 · app.getkompany.com

2026-01-02 18:33

HTTP/1.1 302 Found
Content-Length: 0
Content-Security-Policy: object-src 'none'; form-action 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com; frame-ancestors 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com;
Date: Fri, 02 Jan 2026 18:33:21 GMT
Location: /swagger
Server: railway-edge
X-Content-Type-Options: nosniff
X-Correlation-Id: 12317894c5ab4e59a3bd7975f4afca0a
X-Railway-Edge: railway/us-east4-eqdc4a
X-Railway-Request-Id: HXmj5BTCQpqaUwhIozsQ6Q
X-Xss-Protection: 1; mode=block
Connection: close

Found 2026-01-02 by HttpPlugin

Create report

Open service 66.33.22.240:443 · app.getkompany.com

2025-12-22 23:43

HTTP/1.1 302 Found
Content-Length: 0
Content-Security-Policy: object-src 'none'; form-action 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com; frame-ancestors 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com;
Date: Mon, 22 Dec 2025 23:43:51 GMT
Location: /swagger
Server: railway-edge
X-Content-Type-Options: nosniff
X-Correlation-Id: 7a84aa359266417fa0122dbf8b7bb6a5
X-Railway-Edge: railway/us-east4-eqdc4a
X-Railway-Request-Id: soX5hZ4yTQSyJ9wCPvyhXg
X-Xss-Protection: 1; mode=block
Connection: close

Found 2025-12-22 by HttpPlugin

Create report

Open service 66.33.22.240:443 · app.getkompany.com

2025-12-21 07:32

HTTP/1.1 302 Found
Content-Length: 0
Content-Security-Policy: object-src 'none'; form-action 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com; frame-ancestors 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com;
Date: Sun, 21 Dec 2025 07:32:38 GMT
Location: /swagger
Server: railway-edge
X-Content-Type-Options: nosniff
X-Correlation-Id: 78e7c00f72fe45a5a5e28c61e5064a0b
X-Railway-Edge: railway/europe-west4-drams3a
X-Railway-Request-Id: XjjxflTbS0yYKdZhm3z_FQ
X-Xss-Protection: 1; mode=block
Connection: close

Found 2025-12-21 by HttpPlugin

Create report

Open service 66.33.22.240:443 · app.getkompany.com

2025-12-19 10:04

HTTP/1.1 302 Found
Content-Length: 0
Content-Security-Policy: object-src 'none'; form-action 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com; frame-ancestors 'self'   https://kompany-production.up.railway.app https://kopay.link https://hq.getkompany.com;
Date: Fri, 19 Dec 2025 10:04:24 GMT
Location: /swagger
Server: railway-edge
X-Content-Type-Options: nosniff
X-Correlation-Id: f2bf95e48faa4f11a32adb0f74a21fb9
X-Railway-Edge: railway/us-east4-eqdc4a
X-Railway-Request-Id: bpHcQjn-RtWatf6iBT7zVQ
X-Xss-Protection: 1; mode=block
Connection: close

Found 2025-12-19 by HttpPlugin

Create report

app.getkompany.com

Fingerprint:

3097288adb8986884fb433b0e54709231fbbec18a14cb0057b87611259f575ff

CN:

app.getkompany.com

Key:

RSA-2048

Issuer:

R12

Not before:

2025-12-03 19:46

Not after:

2026-03-03 19:46

Domain summary

app.getkompany.com 5

1 recorded

IP summary

66.33.22.240 2

1 recorded

Domain app.getkompany.com

United States

Software information

Swagger API description is publicly available

Create report

Create report

Create report

Create report

Create report

app.getkompany.com

Domain summary

IP summary