Domain mcmsapi-dev.medicardphils.com
Singapore
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 20.212.64.8
Domain: mcmsapi-dev.medicardphils.com
Port: 443
URL: https://mcmsapi-dev.medicardphils.comFirst seen 2026-01-01 04:06
Last seen 2026-01-16 16:13
Open for 15 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad035491268aefa44869cea976521af784d3100ad874893Public Swagger UI/API detected at path: /swagger/index.html - sample paths: GET /affiliation GET /facility GET /facility/covered-account GET /facility/hpas-remarks GET /facility/package-price-history GET /facility/packages GET /facility/room-rates GET /facility/room-rates/details GET /facility/services GET /facility/services-packages GET /facility/services-packages/details GET /facility/services/details GET /physician GET /physician/ahmopi-rate/details GET /physician/negotiated-procedure-rate GET /physician/negotiated-procedure-rate/details GET /physician/schedule GET /physician/special-instrument-fee GET /physician/special-instrument-fee/details GET /physician/special-rate GET /physician/special-rate/details GET /physician/standard-rate/details
Found on 2026-01-16 16:13
-