LeakIX - Host emr-stage.maxicare.com.ph

Domain emr-stage.maxicare.com.ph

Germany

Akamai International B.V.

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 23.3.88.40
Domain: emr-stage.maxicare.com.ph
Port: 443
URL: https://emr-stage.maxicare.com.ph

First seen 2025-11-30 00:15
Last seen 2026-01-19 08:50
Open for 50 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-19 08:50
Create report
Git configuration and history exposed

The following URL (usually /.git/config) is publicly accessible and is leaking source code and repository configuration.

IP: 23.3.88.11
Domain: emr-stage.maxicare.com.ph
Port: 443
URL: https://emr-stage.maxicare.com.ph

First seen 2025-11-30 00:15
Last seen 2026-01-19 08:50
Open for 50 days
- Severity: medium
  Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522a3e8ae2a
```
[core]
	repositoryformatversion = 0
	filemode = true
	bare = false
	logallrefupdates = true
	hooksPath = /dev/null
[remote "origin"]
	url = https://gitlab-ecs.equicom.com/ecs_projects/openemr.git
	fetch = +refs/heads/*:refs/remotes/origin/*
```
  Found on 2026-01-19 08:50
  
  241 Bytes
Create report

Open service 2.16.204.88:80 · emr-stage.maxicare.com.ph

2026-01-26 01:21

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://emr-stage.maxicare.com.ph/
Date: Mon, 26 Jan 2026 01:22:20 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.204.68:443 · emr-stage.maxicare.com.ph

2026-01-26 01:21

HTTP/1.1 502 Bad Gateway
Content-Type: text/html
Content-Length: 150
Date: Mon, 26 Jan 2026 01:21:59 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2a02:26f0:3500:14::1724:a24c:80 · emr-stage.maxicare.com.ph

2026-01-26 01:21

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: https://emr-stage.maxicare.com.ph/
Date: Mon, 26 Jan 2026 01:22:20 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.204.68:80 · emr-stage.maxicare.com.ph

2026-01-26 01:21

HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 387
Expires: Mon, 26 Jan 2026 01:22:20 GMT
Date: Mon, 26 Jan 2026 01:22:20 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
 
You don't have permission to access "http&#58;&#47;&#47;emr&#45;stage&#46;maxicare&#46;com&#46;ph&#47;" on this server.<P>
Reference&#32;&#35;18&#46;441d1002&#46;1769390540&#46;1d608b95
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;18&#46;441d1002&#46;1769390540&#46;1d608b95</P>
</BODY>
</HTML>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2.16.204.88:443 · emr-stage.maxicare.com.ph

2026-01-26 01:21

HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 387
Expires: Mon, 26 Jan 2026 01:21:58 GMT
Date: Mon, 26 Jan 2026 01:21:58 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
 
You don't have permission to access "http&#58;&#47;&#47;emr&#45;stage&#46;maxicare&#46;com&#46;ph&#47;" on this server.<P>
Reference&#32;&#35;18&#46;441d1002&#46;1769390518&#46;1d6069e1
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;18&#46;441d1002&#46;1769390518&#46;1d6069e1</P>
</BODY>
</HTML>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2a02:26f0:3500:14::1724:a259:443 · emr-stage.maxicare.com.ph

2026-01-26 01:21

HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 385
Expires: Mon, 26 Jan 2026 01:21:58 GMT
Date: Mon, 26 Jan 2026 01:21:58 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
 
You don't have permission to access "http&#58;&#47;&#47;emr&#45;stage&#46;maxicare&#46;com&#46;ph&#47;" on this server.<P>
Reference&#32;&#35;18&#46;ca02417&#46;1769390518&#46;235ac6fc
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;18&#46;ca02417&#46;1769390518&#46;235ac6fc</P>
</BODY>
</HTML>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2a02:26f0:3500:14::1724:a259:80 · emr-stage.maxicare.com.ph

2026-01-26 01:21

HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 387
Expires: Mon, 26 Jan 2026 01:22:20 GMT
Date: Mon, 26 Jan 2026 01:22:20 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
 
You don't have permission to access "http&#58;&#47;&#47;emr&#45;stage&#46;maxicare&#46;com&#46;ph&#47;" on this server.<P>
Reference&#32;&#35;18&#46;19a02417&#46;1769390540&#46;29221c97
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;18&#46;19a02417&#46;1769390540&#46;29221c97</P>
</BODY>
</HTML>

Found 2026-01-26 by HttpPlugin

Create report

Open service 2a02:26f0:3500:14::1724:a24c:443 · emr-stage.maxicare.com.ph

2026-01-26 01:21

HTTP/1.1 502 Bad Gateway
Content-Type: text/html
Content-Length: 150
Date: Mon, 26 Jan 2026 01:21:59 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-26 by HttpPlugin

Create report

Open service 23.3.88.40:443 · emr-stage.maxicare.com.ph

2026-01-23 16:33

HTTP/1.1 403 Forbidden
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 385
Expires: Fri, 23 Jan 2026 16:33:49 GMT
Date: Fri, 23 Jan 2026 16:33:49 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: Access Denied

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
 
You don't have permission to access "http&#58;&#47;&#47;emr&#45;stage&#46;maxicare&#46;com&#46;ph&#47;" on this server.<P>
Reference&#32;&#35;18&#46;7580317&#46;1769186029&#46;1a50837a
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;18&#46;7580317&#46;1769186029&#46;1a50837a</P>
</BODY>
</HTML>

Found 2026-01-23 by HttpPlugin

Create report

Open service 23.3.88.11:443 · emr-stage.maxicare.com.ph

2026-01-23 16:33

HTTP/1.1 502 Bad Gateway
Content-Type: text/html
Content-Length: 150
Date: Fri, 23 Jan 2026 16:33:50 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-23 by HttpPlugin

Create report

Open service 23.3.88.11:443 · emr-stage.maxicare.com.ph

2026-01-08 23:11

HTTP/1.1 502 Bad Gateway
Content-Type: text/html
Content-Length: 150
Date: Thu, 08 Jan 2026 23:11:39 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-08 by HttpPlugin

Create report

Open service 23.3.88.40:443 · emr-stage.maxicare.com.ph

2026-01-08 23:11

HTTP/1.1 502 Bad Gateway
Content-Type: text/html
Content-Length: 150
Date: Thu, 08 Jan 2026 23:11:39 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-08 by HttpPlugin

Create report

Open service 23.3.88.11:443 · emr-stage.maxicare.com.ph

2026-01-01 23:14

HTTP/1.1 502 Bad Gateway
Content-Type: text/html
Content-Length: 150
Date: Thu, 01 Jan 2026 23:14:30 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-01 by HttpPlugin

Create report

Open service 23.3.88.40:443 · emr-stage.maxicare.com.ph

2026-01-01 23:14

HTTP/1.1 502 Bad Gateway
Content-Type: text/html
Content-Length: 150
Date: Thu, 01 Jan 2026 23:14:28 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2026-01-01 by HttpPlugin

Create report

Open service 23.3.88.11:443 · emr-stage.maxicare.com.ph

2025-12-22 11:02

HTTP/1.1 502 Bad Gateway
Content-Type: text/html
Content-Length: 150
Date: Mon, 22 Dec 2025 11:02:38 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2025-12-22 by HttpPlugin

Create report

Open service 23.3.88.40:443 · emr-stage.maxicare.com.ph

2025-12-22 11:02

HTTP/1.1 502 Bad Gateway
Content-Type: text/html
Content-Length: 150
Date: Mon, 22 Dec 2025 11:02:38 GMT
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Page title: 502 Bad Gateway

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>

Found 2025-12-22 by HttpPlugin

Create report

maxicare.com.phaccountlink.maxicare.com.phadolfo.maxicare.com.phalen.maxicare.com.phapi.maxicare.com.phapp-teleconsult.maxicare.com.phcarlo.maxicare.com.phchris.maxicare.com.phcorp-preprod.maxicare.com.phd2ms.maxicare.com.phemr-stage.maxicare.com.phemr.maxicare.com.phenrollme.maxicare.com.phequicom-account-dev.maxicare.com.phequicom-account.maxicare.com.phequicom-dev.maxicare.com.phess.maxicare.com.phfailover-d2ms.maxicare.com.phfailover.maxicare.com.phglenn.maxicare.com.phgoconvert.maxicare.com.phhealthpoduat.maxicare.com.phhome-uat.maxicare.com.phhrgateway.maxicare.com.phhrviewpoint.maxicare.com.phjoey01.maxicare.com.phlogin.maxicare.com.phmapi.maxicare.com.phmaxilife.maxicare.com.phmbs.maxicare.com.phmembergateway-staging.maxicare.com.phmembergateway.maxicare.com.phmemberportal-uat.maxicare.com.phmemberportal.maxicare.com.phmemberviewpoint.maxicare.com.phmgtest.maxicare.com.phmyehr-stage.maxicare.com.phmyehr.maxicare.com.phoptum.maxicare.com.phpayment.maxicare.com.phpayorapi.maxicare.com.phpayorlink.maxicare.com.phpl2-stage.maxicare.com.phpl2.maxicare.com.phprovidergateway.maxicare.com.phraymark.maxicare.com.phraymark01.maxicare.com.phrcs01.maxicare.com.phregisterme.maxicare.com.phrei.maxicare.com.phsalesviewpoint.maxicare.com.phshop.maxicare.com.phsms.maxicare.com.phsso-admin.maxicare.com.phsso-api.maxicare.com.phsso-ha.maxicare.com.phsso-uat.maxicare.com.phsso.maxicare.com.phteleconsult.maxicare.com.phvaccine.maxicare.com.phwww.maxicare.com.ph

Fingerprint:

c25acac411a1573ff42a300a228917f41dc51c7fe214686eebb94372c5cfc966

CN:

maxicare.com.ph

Key:

ECDSA-256

Issuer:

DigiCert Global G3 TLS ECC SHA384 2020 CA1

Not before:

2026-01-19 00:00

Not after:

2026-12-01 23:59

maxicare.com.phaccountlink.maxicare.com.phadolfo.maxicare.com.phalen.maxicare.com.phapi.maxicare.com.phapp-teleconsult.maxicare.com.phcarlo.maxicare.com.phchris.maxicare.com.phcorp-preprod.maxicare.com.phd2ms.maxicare.com.phemr-stage.maxicare.com.phemr.maxicare.com.phenrollme.maxicare.com.phequicom-account-dev.maxicare.com.phequicom-account.maxicare.com.phequicom-dev.maxicare.com.phess.maxicare.com.phfailover-d2ms.maxicare.com.phfailover.maxicare.com.phglenn.maxicare.com.phgoconvert.maxicare.com.phhealthpoduat.maxicare.com.phhome-uat.maxicare.com.phhrgateway.maxicare.com.phhrviewpoint.maxicare.com.phjoey01.maxicare.com.phlogin.maxicare.com.phmapi.maxicare.com.phmaxilife.maxicare.com.phmbs.maxicare.com.phmembergateway-staging.maxicare.com.phmembergateway.maxicare.com.phmemberportal-uat.maxicare.com.phmemberportal.maxicare.com.phmemberviewpoint.maxicare.com.phmgtest.maxicare.com.phmyehr-stage.maxicare.com.phmyehr.maxicare.com.phoptum.maxicare.com.phpayment.maxicare.com.phpayorapi.maxicare.com.phpayorlink.maxicare.com.phpl2-stage.maxicare.com.phpl2.maxicare.com.phprovidergateway.maxicare.com.phraymark.maxicare.com.phraymark01.maxicare.com.phrcs01.maxicare.com.phregisterme.maxicare.com.phrei.maxicare.com.phsalesviewpoint.maxicare.com.phshop.maxicare.com.phsms.maxicare.com.phsso-admin.maxicare.com.phsso-api.maxicare.com.phsso-ha.maxicare.com.phsso-uat.maxicare.com.phsso.maxicare.com.phvaccine.maxicare.com.phwww.maxicare.com.ph

Fingerprint:

3600f17df1a5a2e6d067ae3b24fcc94c411bb9ddaeb0ffff1d2a489d6eee6f5b

CN:

maxicare.com.ph

Key:

ECDSA-256

Issuer:

DigiCert Global G3 TLS ECC SHA384 2020 CA1

Not before:

2025-11-30 00:00

Not after:

2026-12-01 23:59

Domain summary

emr-stage.maxicare.com.ph 17

1 recorded

IP summary

2.16.204.88 1 2.16.204.68 1 2a02:26f0:3500:14::1724:a24c 1 2a02:26f0:3500:14::1724:a259 1 23.3.88.40 1 23.3.88.11 1

6 recorded

Domain emr-stage.maxicare.com.ph

Germany

Swagger API description is publicly available

Git configuration and history exposed

Domain summary

IP summary