Domain nextech-inventory-api-dev.nextech.com
Software information
cloudflare
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 104.18.1.230
Domain: nextech-inventory-api-dev.nextech.com
Port: 443
URL: https://nextech-inventory-api-dev.nextech.comFirst seen 2025-10-18 22:02
Last seen 2026-01-10 01:53
Open for 83 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60aa7f04b7182b46a319c84e396c1bccb3de96225aPublic Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: DELETE /api/practices/{practiceId}/facilities/{facilityId}/patients/{patientId}/Transactions/{transactionId} GET /api/Clients GET /api/Practices GET /api/Practices/{id} GET /api/Products GET /api/Products/{productId} GET /api/practices/{practiceId}/Facilities GET /api/practices/{practiceId}/Facilities/{facilityId} GET /api/practices/{practiceId}/Facilities/{facilityId}/Users/{userId} GET /api/practices/{practiceId}/Facilities/{facilityId}/users GET /api/practices/{practiceId}/Products GET /api/practices/{practiceId}/Products/{productId} GET /api/practices/{practiceId}/Users GET /api/practices/{practiceId}/Users/{userId} GET /api/practices/{practiceId}/Users/{userId}/Facilities GET /api/practices/{practiceId}/Users/{username}/Authenticate GET /api/practices/{practiceId}/facilities/{facilityId}/Doctors GET /api/practices/{practiceId}/facilities/{facilityId}/Doctors/{doctorId} GET /api/practices/{practiceId}/facilities/{facilityId}/Patients GET /api/practices/{practiceId}/facilities/{facilityId}/Patients/{patientId} GET /api/practices/{practiceId}/facilities/{facilityId}/Products GET /api/practices/{practiceId}/facilities/{facilityId}/Products/{productId} GET /api/practices/{practiceId}/facilities/{facilityId}/patients/{patientId}/Transactions GET /api/practices/{practiceId}/facilities/{facilityId}/products/{productId}/productInventories GET /api/rate-limit/{id} POST /api/Clients/ValidateCredentials POST /api/practices/{practiceId}/facilities/{facilityId}/PosTransactions POST /api/practices/{practiceId}/facilities/{facilityId}/Transactions POST /api/rate-limitFound on 2026-01-10 01:53
-
-
Open service 104.18.1.230:443 · nextech-inventory-api-dev.nextech.com
2026-01-10 01:53
HTTP/1.1 404 Not Found Date: Sat, 10 Jan 2026 01:53:14 GMT Content-Length: 0 Connection: close CF-RAY: 9bb88a208d0edb0c-FRA Set-Cookie: ARRAffinity=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: ARRAffinitySameSite=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: __cf_bm=rJGnLUFYQdX0f12lM8wGjedmDCE8eoITFFcrxWLT5cw-1768009994-1.0.1.1-BSA_RaucpyV78gcgF6mJgKWpMUCsunD2Cx8PpotxamO9x25EiMugMxUBPH9.5_0f.wJFYA8.VQAeZgNwb7mpCADxCf_EsOgTnO.lTORdU1s; path=/; expires=Sat, 10-Jan-26 02:23:14 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:a4214c09-1b98-490f-b6dd-5904b7563488 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-10 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · nextech-inventory-api-dev.nextech.com
2026-01-03 00:15
HTTP/1.1 404 Not Found Date: Sat, 03 Jan 2026 00:15:09 GMT Content-Length: 0 Connection: close CF-RAY: 9b7e4ccffb356574-AMS Set-Cookie: ARRAffinity=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: ARRAffinitySameSite=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: __cf_bm=cNi._Z1tw3GCyxIjGHLXcxJLo3Ws4cNjPZGSnInLdyw-1767399309-1.0.1.1-xm1FauWn0akIvS_UWWqQFTA3VW2yCKcTHmjeU9t9GSs9mEh8awn9vYHRjNI9ALgt6ye2o.gQAG3RNDIe2Gud7e924z1.OS.EIWHoymdhDEY; path=/; expires=Sat, 03-Jan-26 00:45:09 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:a4214c09-1b98-490f-b6dd-5904b7563488 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-03 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · nextech-inventory-api-dev.nextech.com
2025-12-23 01:28
HTTP/1.1 404 Not Found Date: Tue, 23 Dec 2025 01:28:21 GMT Content-Length: 0 Connection: close CF-RAY: 9b2414efccf4fc7d-YYZ Set-Cookie: ARRAffinity=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: ARRAffinitySameSite=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: __cf_bm=ByeD1K7eWd3i1vQ5cO5fxACnrxF0iRI.3jtrE1h4QCk-1766453301-1.0.1.1-eg13WVrhskYu.W9LCHYHu0vmnrHfLUmGrOwuPRjltE9YHX4unPO3wEbBGPegrD6bt9Lof9LnLllzDXPqI6dNQBXYA.1vpjtxLgIkRUilJz4; path=/; expires=Tue, 23-Dec-25 01:58:21 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:a4214c09-1b98-490f-b6dd-5904b7563488 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2025-12-23 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · nextech-inventory-api-dev.nextech.com
2025-12-20 11:03
HTTP/1.1 404 Not Found Date: Sat, 20 Dec 2025 11:03:56 GMT Content-Length: 0 Connection: close CF-RAY: 9b0ea7ef6da9dc4b-FRA Set-Cookie: ARRAffinity=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: ARRAffinitySameSite=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: __cf_bm=8rP_XsLg7MzIsVhyoTi2QyWm_oAY9evYRwXF8IBGMhU-1766228636-1.0.1.1-ozyFDEXBdeXbTYcjA1_br4VsuJ2wqvNQHpd2s_jV7f_pn8Gv9vsWYuZbmgxQRvg3pQTJRduBeQF.AIQJFaFSUipKYAkYBKaS8TDBi0I5j9Q; path=/; expires=Sat, 20-Dec-25 11:33:56 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:a4214c09-1b98-490f-b6dd-5904b7563488 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2025-12-20 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · nextech-inventory-api-dev.nextech.com
2025-12-19 10:32
HTTP/1.1 404 Not Found Date: Fri, 19 Dec 2025 10:32:54 GMT Content-Length: 0 Connection: close CF-RAY: 9b063d1bed465383-YYZ Set-Cookie: ARRAffinity=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: ARRAffinitySameSite=31506998aae23a5d0d828908c87319f274d3557015beab5c19a9556fd83b3613;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api-dev.nextech.com Set-Cookie: __cf_bm=KDNNC.6MNnvfsj9QZacLX3Lm20jMdeIYmpo6fIMDUfY-1766140374-1.0.1.1-I8gEUyuyHbV3mpGuOBsSeRTt1ozmlxoleEOxpd1oxVCEw5B8V6_mMFCHHDJDxSxio_TnscSMFWWwWsODsaqzSQMjub2eYLrd20R4wJDBCgc; path=/; expires=Fri, 19-Dec-25 11:02:54 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:a4214c09-1b98-490f-b6dd-5904b7563488 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2025-12-19 by HttpPluginCreate report