Domain membershipsapi-qa.nextech.com
Software information
cloudflare
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 104.18.0.230
Domain: membershipsapi-qa.nextech.com
Port: 443
URL: https://membershipsapi-qa.nextech.comFirst seen 2025-12-07 20:51
Last seen 2026-01-09 16:01
Open for 32 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d603ce754bf7fdf4e7fbaf4f2ae0d979aef60ffa147Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: GET /api/Authorization GET /api/FeatureFlag/All GET /api/FeatureFlag/Flag/{featureKey} GET /api/Location GET /api/Membership/GetMembershipGroups/{id} GET /api/Membership/{name}/exists GET /api/MembershipItems/GetServicesByGroupDetailIds GET /api/MembershipItems/Products GET /api/MembershipItems/Services GET /api/MerchantAccount GET /api/PatientMembership/{id} GET /api/PaymentCategory GET /api/Practice/Nodes/{id} GET /api/Provider GET /api/rate-limit/{id} PATCH /api/PatientMembershipServicesBilled/{id} POST /api/Membership POST /api/Membership/GetMemberships POST /api/Membership/GetMembershipsAvailableToAddToPatient POST /api/Membership/IsItemInUse POST /api/Membership/UpdateMembership POST /api/PatientMembership/CancelPatientMembership POST /api/PatientMembership/CreatePatientMembership POST /api/PatientMembership/GetPatientMemberships POST /api/PatientMembership/GetPatientMembershipsPaginated POST /api/PatientMembership/GetPatientMembershipsWithServiceCountsPaginated POST /api/PatientMembershipService/AllocateServices POST /api/PatientMembershipService/ExtendPatientMembershipService POST /api/PatientMembershipService/GetPatientAvailableServices POST /api/PatientMembershipService/GetPatientMembershipsDiscounts POST /api/PatientMembershipService/MarkServiceUsed POST /api/PatientMembershipServicesBilled/GetPatientMembershipServiceBilled POST /api/rate-limit PUT /api/PatientMembership/UpdatePatientMembershipStatus PUT /api/PatientMembershipService/UpdatePatientMembershipServiceStatusFound on 2026-01-09 16:01
-
-
Open service 104.18.0.230:443 · membershipsapi-qa.nextech.com
2026-01-09 16:01
HTTP/1.1 404 Not Found Date: Fri, 09 Jan 2026 16:01:18 GMT Content-Length: 0 Connection: close CF-RAY: 9bb527026e06f87e-SIN Set-Cookie: ARRAffinity=329179dcd2a3b11876fd55f3cf265ba756d94b808ccd4cdeae5685ac8bb3a031;Path=/;HttpOnly;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: ARRAffinitySameSite=329179dcd2a3b11876fd55f3cf265ba756d94b808ccd4cdeae5685ac8bb3a031;Path=/;HttpOnly;SameSite=None;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: __cf_bm=VcvDSac6tWwHTIcsb2YRIWWsxHReccRyTjvzhKbExWY-1767974478-1.0.1.1-idUX44cp9JI6C_DmGHf8TNgLv0Y76Ob9iNLU8xgnLu5vswykKD1Br..lolh915U1r_ksk93o7f8ghMkh3YGgCqMQHFfPnCmOxAVrBe8OhsE; path=/; expires=Fri, 09-Jan-26 16:31:18 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:47f0e814-72e0-472f-92dc-8975abc93dee X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.18.0.230:443 · membershipsapi-qa.nextech.com
2026-01-02 22:22
HTTP/1.1 404 Not Found Date: Fri, 02 Jan 2026 22:22:40 GMT Content-Length: 0 Connection: close CF-RAY: 9b7da80c7b838c4f-FRA Set-Cookie: ARRAffinity=329179dcd2a3b11876fd55f3cf265ba756d94b808ccd4cdeae5685ac8bb3a031;Path=/;HttpOnly;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: ARRAffinitySameSite=329179dcd2a3b11876fd55f3cf265ba756d94b808ccd4cdeae5685ac8bb3a031;Path=/;HttpOnly;SameSite=None;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: __cf_bm=1Kzhvj0GHFHyrqRfpZIWJIUyl5vVEuEpdnUcZ.2suMo-1767392560-1.0.1.1-xL.7nQBqkRGZFTibkmRU0zZuqpoFheRvbMl8CUP_3NdKcLaru_tHR5Td6o97z26qfQjYV37zo4l_s7PoLyri9V0WIIebIhNi1y.KcWS2OCk; path=/; expires=Fri, 02-Jan-26 22:52:40 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:47f0e814-72e0-472f-92dc-8975abc93dee X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.0.230:443 · membershipsapi-qa.nextech.com
2025-12-22 16:41
HTTP/1.1 404 Not Found Date: Mon, 22 Dec 2025 16:41:54 GMT Content-Length: 0 Connection: close CF-RAY: 9b2111c08d7f42b5-EWR Set-Cookie: ARRAffinity=329179dcd2a3b11876fd55f3cf265ba756d94b808ccd4cdeae5685ac8bb3a031;Path=/;HttpOnly;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: ARRAffinitySameSite=329179dcd2a3b11876fd55f3cf265ba756d94b808ccd4cdeae5685ac8bb3a031;Path=/;HttpOnly;SameSite=None;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: __cf_bm=BH1R__NcdykZFtK.EBf2pLPRLTkcshQCP5JbLU82FgI-1766421714-1.0.1.1-Tsq_jFsbvYhVMK1prN86DPy.OJIF483zdL9b8lhXXEUv3.7hpQkdpCNi0kiz5yRFBmzFifHgLdorhjDRkgC_cLFjTdPDuKeXvqk0NmKpVs4; path=/; expires=Mon, 22-Dec-25 17:11:54 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:47f0e814-72e0-472f-92dc-8975abc93dee X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2025-12-22 by HttpPluginCreate report
-
Open service 104.18.0.230:443 · membershipsapi-qa.nextech.com
2025-12-20 17:57
HTTP/1.1 404 Not Found Date: Sat, 20 Dec 2025 17:57:49 GMT Content-Length: 0 Connection: close CF-RAY: 9b1106358940f569-EWR Set-Cookie: ARRAffinity=b30741fb66500bb10620975e89129c5132edd383b2aa72881ed8fb999a1a836e;Path=/;HttpOnly;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: ARRAffinitySameSite=b30741fb66500bb10620975e89129c5132edd383b2aa72881ed8fb999a1a836e;Path=/;HttpOnly;SameSite=None;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: __cf_bm=53PlTAbIzEVBg8n9IYJuE_yRoOdaPA3WM659tev_8vU-1766253469-1.0.1.1-6AWG8G7V2iCQ3_M8dtLkUL1FFmVkNinR95fYCEeflBMF8FRSXojQrcnwhSDBytUgIwwK5WJYknlwi3mL7yDXQrLfw61mdhKVJfdEhBmKMeQ; path=/; expires=Sat, 20-Dec-25 18:27:49 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:47f0e814-72e0-472f-92dc-8975abc93dee X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2025-12-20 by HttpPluginCreate report
-
Open service 104.18.0.230:443 · membershipsapi-qa.nextech.com
2025-12-19 06:11
HTTP/1.1 404 Not Found Date: Fri, 19 Dec 2025 06:11:36 GMT Content-Length: 0 Connection: close CF-RAY: 9b04be545c9bfe0a-LHR Set-Cookie: ARRAffinity=b30741fb66500bb10620975e89129c5132edd383b2aa72881ed8fb999a1a836e;Path=/;HttpOnly;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: ARRAffinitySameSite=b30741fb66500bb10620975e89129c5132edd383b2aa72881ed8fb999a1a836e;Path=/;HttpOnly;SameSite=None;Secure;Domain=membershipsapi-qa.nextech.com Set-Cookie: __cf_bm=1mO9hIJmf4ZIlX4bL2p.Llf.usqCWB86TwvncmvQ4oQ-1766124696-1.0.1.1-7tnEqnK53Ap2zWdLei_PdnlFjin1sHn4NqVZ3PGkSb9gDgAcxpgowzfdxR0iqIDAqcVv5RYticYm_RFk2C_9GRTBOq7s.kjUkhPCgjX1HS8; path=/; expires=Fri, 19-Dec-25 06:41:36 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:47f0e814-72e0-472f-92dc-8975abc93dee X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2025-12-19 by HttpPluginCreate report