Domain tarnobrzeg.parkadmin.online
Sweden
Software information
nginx 1.18.0
tcp/443
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 13.51.122.10
Domain: tarnobrzeg.parkadmin.online
Port: 443
URL: https://tarnobrzeg.parkadmin.onlineFirst seen 2025-10-19 07:15
Last seen 2026-01-23 09:33
Open for 96 days-
Severity: info
Fingerprint: 5733ddf49ff49cd110a331ecdeba7a39c9405a4755fdb6b6d176405417bf7c49Public Swagger UI/API detected at path: /v2/api-docs - sample paths: GET /api/rest/parking-permit/permit GET /api/rest/parking/check/{licensePlate}/{zoneId} GET /api/rest/parking/checkgroup/{licensePlate}/{group} GET /api/rest/parking/checksimple/{licensePlate}/{zoneId} GET /api/rest/parking/checkstreet/{licensePlate}/{streetId} GET /api/rest/parking/getlist/{zoneId} POST /api/rest/guest-tablet/getTabletConfig POST /api/rest/guest-tablet/registerParking POST /api/rest/guest-tablet/registerTablet POST /api/rest/p24/notification POST /api/rest/parking-guest/entry/create POST /api/rest/parking-guest/entry/createauto POST /api/rest/parking-guest/entry/createcomplete POST /api/rest/parking-permit/setup/{clientId}/update POST /api/rest/parking-permit/{clientId}/document-link POST /api/rest/parking-permit/{clientId}/updateFound on 2026-01-23 09:33
-
-
Open service 13.51.122.10:443 · tarnobrzeg.parkadmin.online
2026-01-23 09:33
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Fri, 23 Jan 2026 09:33:59 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=3DE8192347A557DCB086277D264AFD10; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="77c6e1ca-8563-436f-8c16-3f7382076d35"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-23 by HttpPluginCreate report
-
Open service 13.51.122.10:443 · tarnobrzeg.parkadmin.online
2026-01-09 13:25
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Fri, 09 Jan 2026 13:25:51 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=AE8A6ACA68D38DB6891193C2AAA4EC8A; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="5d61d994-e2ab-4ffe-838c-3967760e6380"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 13.51.122.10:443 · tarnobrzeg.parkadmin.online
2026-01-02 19:41
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Fri, 02 Jan 2026 19:41:36 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=2309EB928655E6860130BAD953A0E0AF; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="f805bab7-7450-44f2-a2c6-dc5a435173e8"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 13.51.122.10:443 · tarnobrzeg.parkadmin.online
2025-12-23 07:02
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Tue, 23 Dec 2025 07:02:29 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=04668EE31E128A9B750F2D9D2AAD9547; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="caa2af45-1c9a-40f7-902e-8c72d87a8232"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.eb6933e5.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2025-12-23 by HttpPluginCreate report