Domain todo-api.nextech.com
Software information
cloudflare
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-07 10:11
Last seen 2026-01-09 07:40
Open for 32 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1f3d88d606aeda8d3e47fdbbdae42428fef69f894b62d36d2Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths: GET /api/AuditEvent GET /api/Category GET /api/Category/{id} GET /api/CommunicationMethod GET /api/Group GET /api/Group/{id} GET /api/Task GET /api/Task/patient/{patientId}/Count GET /api/Task/user/{applicationUserId}/Count GET /api/Task/{id} GET /api/rate-limit/{id} GET /health-check PATCH /api/Todo/{id} POST /api/AuditEvent/_search POST /api/Category/bulk POST /api/Client/backfill POST /api/Task/_search POST /api/Task/category/backfill POST /api/Task/user/{applicationUserId}/IcpCount POST /api/rate-limitFound on 2026-01-09 07:40
-
-
Open service 104.18.1.230:443 · todo-api.nextech.com
2026-01-09 07:40
HTTP/1.1 404 Not Found Date: Fri, 09 Jan 2026 07:40:12 GMT Content-Length: 0 Connection: close CF-RAY: 9bb248fa082f4008-SIN Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:03484dd8-bf5d-429d-b5b4-bb863d9bd493 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=JHXaewo683xGhfVkCT49ZQwocTrRdauGQ_QTwhPX.O0-1767944412-1.0.1.1-4nQnMDfS3Ehi2VZul7CJdRXodBkoZ53fZ4anvft2xwAC6oUrOTUFZj6OPDgCmCjwRflehnyTXMIXS4tOn9Y6o8fWT9ZhVwtVflH80mhOLCU; path=/; expires=Fri, 09-Jan-26 08:10:12 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Server: cloudflare
Found 2026-01-09 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · todo-api.nextech.com
2026-01-02 05:58
HTTP/1.1 404 Not Found Date: Fri, 02 Jan 2026 05:58:53 GMT Content-Length: 0 Connection: close CF-RAY: 9b7806f95aff7206-EWR Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:03484dd8-bf5d-429d-b5b4-bb863d9bd493 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=EI9YTRXaXbCwMUJa3SeGApvpxwO_NfgFffRfKXsR45s-1767333533-1.0.1.1-oxjzcwDCQwtJ3ZbiyktDODLZNUrAfqQ6__PkG1rzC5PDbM9IRijUX0OOrKj62xvjJUZo0.SlfSsdO8tMj9cZSSsmgNHSsfIH4faCF27u31s; path=/; expires=Fri, 02-Jan-26 06:28:53 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Server: cloudflare
Found 2026-01-02 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · todo-api.nextech.com
2025-12-22 21:08
HTTP/1.1 404 Not Found Date: Mon, 22 Dec 2025 21:08:49 GMT Content-Length: 0 Connection: close CF-RAY: 9b2298c21f673972-YYZ Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:03484dd8-bf5d-429d-b5b4-bb863d9bd493 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=HS6ohBkhqOxHHIg2CA5ThcYKtSoGJSUiw2czDX8Lxjk-1766437729-1.0.1.1-SQkIcZvZcwNDrYVSbC59FT0Mkvl7kn3guNHws10rzf2CoeaMQj5g9ROeXsDpx86eEtBdo67bgyyQnamva3kNMc5CzIXKGdwtq9UBBsnecoQ; path=/; expires=Mon, 22-Dec-25 21:38:49 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Server: cloudflare
Found 2025-12-22 by HttpPluginCreate report
-
Open service 104.18.1.230:443 · todo-api.nextech.com
2025-12-21 00:25
HTTP/1.1 404 Not Found Date: Sun, 21 Dec 2025 00:25:33 GMT Content-Length: 0 Connection: close CF-RAY: 9b133e2e7d84b5e5-YYZ Strict-Transport-Security: max-age=2592000 Request-Context: appId=cid-v1:03484dd8-bf5d-429d-b5b4-bb863d9bd493 X-Powered-By: ASP.NET cf-cache-status: DYNAMIC Set-Cookie: __cf_bm=HlNguxxk7qxF6qgjwbyl0GZc6EIRHfgJ8fImufdFRzw-1766276733-1.0.1.1-_jRU2riNQjjUQCqoxmPon4BOgSMYVz_YKlBmvPUPaPjgKZz0Uoj9J0sSnOAfGvtJVNrioT0g14Jtg4waZAE0BIfnQSsJ6u33_Lo0Q9D0InA; path=/; expires=Sun, 21-Dec-25 00:55:33 GMT; domain=.nextech.com; HttpOnly; Secure; SameSite=None Server: cloudflare
Found 2025-12-21 by HttpPluginCreate report