Domain scan-park.simplyparking.eu
Sweden
Software information
nginx 1.18.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 13.51.122.10
Domain: scan-park.simplyparking.eu
Port: 443
URL: https://scan-park.simplyparking.euFirst seen 2025-11-19 13:04
Last seen 2026-01-22 19:20
Open for 64 days-
Severity: info
Fingerprint: 5733ddf49ff49cd110a331ecdeba7a39c9405a4755fdb6b6d176405417bf7c49Public Swagger UI/API detected at path: /v2/api-docs - sample paths: GET /api/rest/parking-permit/permit GET /api/rest/parking/check/{licensePlate}/{zoneId} GET /api/rest/parking/checkgroup/{licensePlate}/{group} GET /api/rest/parking/checksimple/{licensePlate}/{zoneId} GET /api/rest/parking/checkstreet/{licensePlate}/{streetId} GET /api/rest/parking/getlist/{zoneId} POST /api/rest/guest-tablet/getTabletConfig POST /api/rest/guest-tablet/registerParking POST /api/rest/guest-tablet/registerTablet POST /api/rest/p24/notification POST /api/rest/parking-guest/entry/create POST /api/rest/parking-guest/entry/createauto POST /api/rest/parking-guest/entry/createcomplete POST /api/rest/parking-permit/setup/{clientId}/update POST /api/rest/parking-permit/{clientId}/document-link POST /api/rest/parking-permit/{clientId}/updateFound on 2026-01-22 19:20
-
-
Open service 13.51.122.10:443 · scan-park.simplyparking.eu
2026-01-22 19:20
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Thu, 22 Jan 2026 19:20:43 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=38335FCA14BAB10BA9237D4ADCFF4D5A; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="7c748ec9-bc01-47ea-8fe9-7bd54eb37889"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-22 by HttpPluginCreate report
-
Open service 13.51.122.10:443 · scan-park.simplyparking.eu
2026-01-09 22:51
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Fri, 09 Jan 2026 22:51:37 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=C94A13BC67025E72E24637EA25E07908; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="c46723e9-de29-4726-a160-07666803d170"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 13.51.122.10:443 · scan-park.simplyparking.eu
2026-01-02 15:22
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jan 2026 15:22:58 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=27FF5D9BB800C0FD662C832075DA87AF; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="a883965c-c1c2-4088-b7a7-da73b40561a0"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 13.51.122.10:443 · scan-park.simplyparking.eu
2025-12-23 03:01
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Tue, 23 Dec 2025 03:01:34 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=AC5951393F9451331AB0EC6F1873D5C4; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="6b3cb037-d38b-443a-8c98-6dbe20ad3ce4"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2025-12-23 by HttpPluginCreate report