Domain nextech-inventory-api.nextech.com
Software information
cloudflare
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 104.18.1.230
Domain: nextech-inventory-api.nextech.com
Port: 443
URL: https://nextech-inventory-api.nextech.comFirst seen 2025-10-18 05:49
Last seen 2026-01-09 15:36
Open for 83 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d60aa7f04b7182b46a319c84e396c1bccb3de96225aPublic Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: DELETE /api/practices/{practiceId}/facilities/{facilityId}/patients/{patientId}/Transactions/{transactionId} GET /api/Clients GET /api/Practices GET /api/Practices/{id} GET /api/Products GET /api/Products/{productId} GET /api/practices/{practiceId}/Facilities GET /api/practices/{practiceId}/Facilities/{facilityId} GET /api/practices/{practiceId}/Facilities/{facilityId}/Users/{userId} GET /api/practices/{practiceId}/Facilities/{facilityId}/users GET /api/practices/{practiceId}/Products GET /api/practices/{practiceId}/Products/{productId} GET /api/practices/{practiceId}/Users GET /api/practices/{practiceId}/Users/{userId} GET /api/practices/{practiceId}/Users/{userId}/Facilities GET /api/practices/{practiceId}/Users/{username}/Authenticate GET /api/practices/{practiceId}/facilities/{facilityId}/Doctors GET /api/practices/{practiceId}/facilities/{facilityId}/Doctors/{doctorId} GET /api/practices/{practiceId}/facilities/{facilityId}/Patients GET /api/practices/{practiceId}/facilities/{facilityId}/Patients/{patientId} GET /api/practices/{practiceId}/facilities/{facilityId}/Products GET /api/practices/{practiceId}/facilities/{facilityId}/Products/{productId} GET /api/practices/{practiceId}/facilities/{facilityId}/patients/{patientId}/Transactions GET /api/practices/{practiceId}/facilities/{facilityId}/products/{productId}/productInventories GET /api/rate-limit/{id} POST /api/Clients/ValidateCredentials POST /api/practices/{practiceId}/facilities/{facilityId}/PosTransactions POST /api/practices/{practiceId}/facilities/{facilityId}/Transactions POST /api/rate-limitFound on 2026-01-09 15:36
-
-
Open service 104.18.1.230:443 · nextech-inventory-api.nextech.com
2026-01-09 15:36
HTTP/1.1 404 Not Found Date: Fri, 09 Jan 2026 15:36:21 GMT Content-Length: 0 Connection: close CF-RAY: 9bb5027e2f5caa76-AMS Set-Cookie: ARRAffinity=5390bb481b78d70fcecd8b4cd073486bfeb692a5b5d0010e678e479892b75dd7;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: ARRAffinitySameSite=5390bb481b78d70fcecd8b4cd073486bfeb692a5b5d0010e678e479892b75dd7;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: __cf_bm=bXX0i2orGuf7FtrcBHxv0SEgauFkl5fSbOQ9KVNmYa4-1767972981-1.0.1.1-hie9uAX4jj3Cw3L.8geO1XyAT31IdfvExn6aiS2OgIaudO6khhzg1CH1bBAr0.HpHcLqx1drS8epDRVVluVt9WfR3.nFmCiU_VJ7J94WLlQ; path=/; expires=Fri, 09-Jan-26 16:06:21 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:ecc530f7-dc53-465d-ae1a-1ad55b10f921 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · nextech-inventory-api.nextech.com
2026-01-02 12:01
HTTP/1.1 404 Not Found Date: Fri, 02 Jan 2026 12:01:47 GMT Content-Length: 0 Connection: close CF-RAY: 9b7a1a8d09d08f27-FRA Set-Cookie: ARRAffinity=87541d5611d71286bda284eb04837ef1d3ca8671d80407a7a8175ed21507ef1d;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: ARRAffinitySameSite=87541d5611d71286bda284eb04837ef1d3ca8671d80407a7a8175ed21507ef1d;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: __cf_bm=Z8mD2S6tNVX83soKy.PhO.k7fdwyn1Yq.gfKXB3yeCM-1767355307-1.0.1.1-LelLl6bbDDU2wPfdrYYECpSxTZgS_8N5lPwvsizfWWqSQIVlzOqELK949Vx249bE3FgU180OfzWQXSC7yRqk7e.QjPJCQ0STSrsKL60Z5eM; path=/; expires=Fri, 02-Jan-26 12:31:47 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:ecc530f7-dc53-465d-ae1a-1ad55b10f921 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · nextech-inventory-api.nextech.com
2025-12-22 19:51
HTTP/1.1 404 Not Found Date: Mon, 22 Dec 2025 19:51:08 GMT Content-Length: 0 Connection: close CF-RAY: 9b2226f66b0adfe0-FRA Set-Cookie: ARRAffinity=87541d5611d71286bda284eb04837ef1d3ca8671d80407a7a8175ed21507ef1d;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: ARRAffinitySameSite=87541d5611d71286bda284eb04837ef1d3ca8671d80407a7a8175ed21507ef1d;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: __cf_bm=mwzQAnHpaSVuzC1e50pkJ2Iv0FLvgNuwNfyR2qnLoNs-1766433068-1.0.1.1-rx2cfiUTvfOjzqzDum28WlvtCU9XiEgrVwd14Dks.t8CUSP22hAyhGa_wsnXZ5Ylx7bJ.G6dnz._CJNCcT8Y1F4l6zUqfvS2JmM43morU5s; path=/; expires=Mon, 22-Dec-25 20:21:08 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:ecc530f7-dc53-465d-ae1a-1ad55b10f921 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2025-12-22 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · nextech-inventory-api.nextech.com
2025-12-21 05:07
HTTP/1.1 404 Not Found Date: Sun, 21 Dec 2025 05:07:44 GMT Content-Length: 0 Connection: close CF-RAY: 9b14db878bfd002e-LHR Set-Cookie: ARRAffinity=1da09a26466cb76eafdcf43f203cae1e0cee4ebeea181f69e71c2ad35973850d;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: ARRAffinitySameSite=1da09a26466cb76eafdcf43f203cae1e0cee4ebeea181f69e71c2ad35973850d;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: __cf_bm=rHshJ0pmaOtQUru7rY89Np22T2W7TcPtGtUmDssyzNI-1766293664-1.0.1.1-xv7Yig113pbqp6cQ2CEOvQsF.q3.J4INYrVLn9Gb0jR8Ni2PqfAG9Cxp9.B9EuSW_4S97J84bl_vvZd7Pq78JaEEe6LzB3b2JTCMIpQXEv4; path=/; expires=Sun, 21-Dec-25 05:37:44 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:ecc530f7-dc53-465d-ae1a-1ad55b10f921 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2025-12-21 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · nextech-inventory-api.nextech.com
2025-12-19 08:53
HTTP/1.1 404 Not Found Date: Fri, 19 Dec 2025 08:53:04 GMT Content-Length: 0 Connection: close CF-RAY: 9b05aada8dfedcc0-FRA Set-Cookie: ARRAffinity=1da09a26466cb76eafdcf43f203cae1e0cee4ebeea181f69e71c2ad35973850d;Path=/;HttpOnly;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: ARRAffinitySameSite=1da09a26466cb76eafdcf43f203cae1e0cee4ebeea181f69e71c2ad35973850d;Path=/;HttpOnly;SameSite=None;Secure;Domain=nextech-inventory-api.nextech.com Set-Cookie: __cf_bm=2v2.VC96QYumJ35v6Y75Z2fclZ.Pa3bgmRs22NocCIY-1766134384-1.0.1.1-mpWfgVRj2IehhjPjsjbyJdw0QuQdVZQGSVkLQL0TKPcxUBuru1RXBchCzIPJShmJurDWzMiE.x3qpt0v6M41RrcGx.CbVnr8mqxgXkW0NM8; path=/; expires=Fri, 19-Dec-25 09:23:04 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:ecc530f7-dc53-465d-ae1a-1ad55b10f921 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Server: cloudflare
Found 2025-12-19 by HttpPluginCreate report