Domain it-parking.simplyparking.eu
Sweden
Software information
nginx 1.18.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 13.51.122.10
Domain: it-parking.simplyparking.eu
Port: 443
URL: https://it-parking.simplyparking.euFirst seen 2025-10-18 07:14
Last seen 2026-02-02 04:37
Open for 106 days-
Severity: info
Fingerprint: 5733ddf49ff49cd110a331ecdeba7a39c9405a4755fdb6b6d176405417bf7c49Public Swagger UI/API detected at path: /v2/api-docs - sample paths: GET /api/rest/parking-permit/permit GET /api/rest/parking/check/{licensePlate}/{zoneId} GET /api/rest/parking/checkgroup/{licensePlate}/{group} GET /api/rest/parking/checksimple/{licensePlate}/{zoneId} GET /api/rest/parking/checkstreet/{licensePlate}/{streetId} GET /api/rest/parking/getlist/{zoneId} POST /api/rest/guest-tablet/getTabletConfig POST /api/rest/guest-tablet/registerParking POST /api/rest/guest-tablet/registerTablet POST /api/rest/p24/notification POST /api/rest/parking-guest/entry/create POST /api/rest/parking-guest/entry/createauto POST /api/rest/parking-guest/entry/createcomplete POST /api/rest/parking-permit/setup/{clientId}/update POST /api/rest/parking-permit/{clientId}/document-link POST /api/rest/parking-permit/{clientId}/updateFound on 2026-02-02 04:37 -
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4b09761af88d7c1a74486e6117d7b8e1270625e1fcPublic Swagger UI/API detected at path: /v3/api-docs - sample paths: GET /api/rest/parking-permit/permit GET /api/rest/parking/check/{licensePlate}/{zoneId} GET /api/rest/parking/checkgroup/{licensePlate}/{group} GET /api/rest/parking/checksimple/{licensePlate}/{zoneId} GET /api/rest/parking/checkstreet/{licensePlate}/{streetId} GET /api/rest/parking/getlist/{zoneId} POST /api/rest/guest-tablet/getTabletConfig POST /api/rest/guest-tablet/registerParking POST /api/rest/guest-tablet/registerTablet POST /api/rest/p24/notification POST /api/rest/parking-guest/entry/create POST /api/rest/parking-guest/entry/createauto POST /api/rest/parking-guest/entry/createcomplete POST /api/rest/parking-permit/setup/{clientId}/update POST /api/rest/parking-permit/{clientId}/document-link POST /api/rest/parking-permit/{clientId}/updateFound on 2026-01-02 08:30
-
-
Open service 13.51.122.10:443 · it-parking.simplyparking.eu
2026-01-22 23:24
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Thu, 22 Jan 2026 23:24:57 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=E1AA71AE0FBB30D2D0C202BF9A6A2270; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="57d43b27-de4e-4c0b-aa5e-656ea8956c21"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-22 by HttpPluginCreate report
-
Open service 13.51.122.10:443 · it-parking.simplyparking.eu
2026-01-09 06:41
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Fri, 09 Jan 2026 06:41:09 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=F8983D2E2A23A84482341949EE0FEE9F; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="ce987ef6-436e-4752-8b95-89ff453f6f53"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 13.51.122.10:443 · it-parking.simplyparking.eu
2026-01-02 08:30
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jan 2026 08:30:22 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=92CD3F0E3F7DBE1533D99E66CBB5A077; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="e6ed4a47-e489-4e40-a376-3a57c4040a52"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 13.51.122.10:443 · it-parking.simplyparking.eu
2025-12-23 06:45
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Tue, 23 Dec 2025 06:45:54 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=F06B7529226D95550CB6891568CEBD4A; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="0fa53c13-8ee6-4e95-90f4-266b6a6a2ab8"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2025-12-23 by HttpPluginCreate report