Domain tarnobrzeg.simplyp.eu
Sweden
Software information
nginx 1.18.0
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-24 07:45
Last seen 2026-02-02 10:35
Open for 101 days-
Severity: info
Fingerprint: 5733ddf49ff49cd110a331ecdeba7a39c9405a4755fdb6b6d1764054c4e0902aPublic Swagger UI/API detected at path: /v2/api-docs - sample paths: GET /api/rest/parking-permit/permit GET /api/rest/parking/check/{licensePlate}/{zoneId} GET /api/rest/parking/checkgroup/{licensePlate}/{group} GET /api/rest/parking/checksimple/{licensePlate}/{zoneId} GET /api/rest/parking/checkstreet/{licensePlate}/{streetId} GET /api/rest/parking/getlist/{zoneId} POST /api/rest/customer-request/{clientId}/document-link POST /api/rest/customer-request/{clientId}/update POST /api/rest/guest-tablet/getTabletConfig POST /api/rest/guest-tablet/registerParking POST /api/rest/guest-tablet/registerTablet POST /api/rest/p24/notification POST /api/rest/parking-guest/entry/create POST /api/rest/parking-guest/entry/createauto POST /api/rest/parking-guest/entry/createcomplete POST /api/rest/parking-permit/setup/{clientId}/update POST /api/rest/parking-permit/{clientId}/document-link POST /api/rest/parking-permit/{clientId}/updateFound on 2026-02-02 10:35 -
Severity: info
Fingerprint: 5733ddf49ff49cd110a331ecdeba7a39c9405a4755fdb6b6d176405417bf7c49Public Swagger UI/API detected at path: /v2/api-docs - sample paths: GET /api/rest/parking-permit/permit GET /api/rest/parking/check/{licensePlate}/{zoneId} GET /api/rest/parking/checkgroup/{licensePlate}/{group} GET /api/rest/parking/checksimple/{licensePlate}/{zoneId} GET /api/rest/parking/checkstreet/{licensePlate}/{streetId} GET /api/rest/parking/getlist/{zoneId} POST /api/rest/guest-tablet/getTabletConfig POST /api/rest/guest-tablet/registerParking POST /api/rest/guest-tablet/registerTablet POST /api/rest/p24/notification POST /api/rest/parking-guest/entry/create POST /api/rest/parking-guest/entry/createauto POST /api/rest/parking-guest/entry/createcomplete POST /api/rest/parking-permit/setup/{clientId}/update POST /api/rest/parking-permit/{clientId}/document-link POST /api/rest/parking-permit/{clientId}/updateFound on 2026-01-23 15:25
-
-
Open service 13.51.46.84:443 · tarnobrzeg.simplyp.eu
2026-01-23 15:25
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Fri, 23 Jan 2026 15:25:46 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=E350979EB0547622E198D6026C61A31B; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="1c5a0043-8ff5-4615-9896-1845f6ab9b51"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.2885ba54.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-23 by HttpPluginCreate report
-
Open service 13.51.46.84:443 · tarnobrzeg.simplyp.eu
2026-01-09 21:22
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Fri, 09 Jan 2026 21:22:53 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=0BDD4B10B335499EAC77975D46A6B964; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="7b605247-1aae-40ec-b4aa-082443ca3826"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.2885ba54.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 13.51.46.84:443 · tarnobrzeg.simplyp.eu
2025-12-23 06:55
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Tue, 23 Dec 2025 06:55:09 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=99A8B89559C4C8CAE24F4FBBD600469B; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="0902d69c-dfd8-4bfa-aa19-078b4cce8df1"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.2885ba54.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2025-12-23 by HttpPluginCreate report
-
Open service 13.51.46.84:80 · tarnobrzeg.simplyp.eu
2025-12-23 06:55
HTTP/1.1 404 Not Found Server: nginx/1.18.0 (Ubuntu) Date: Tue, 23 Dec 2025 06:55:09 GMT Content-Type: text/html Content-Length: 162 Connection: close Page title: 404 Not Found <html> <head><title>404 Not Found</title></head> <body> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.18.0 (Ubuntu)</center> </body> </html>
Found 2025-12-23 by HttpPluginCreate report
-
Open service 13.51.46.84:443 · tarnobrzeg.simplyp.eu
2025-12-22 20:18
HTTP/1.1 200 Server: nginx/1.18.0 (Ubuntu) Date: Mon, 22 Dec 2025 20:18:33 GMT Content-Type: text/html;charset=utf-8 Content-Length: 1562 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, PUT, OPTIONS, POST, DELETE, HEAD, PATCH Access-Control-Allow-Headers: Content-Type, Accept, Remember-Me Access-Control-Max-Age: 3600 Access-Control-Expose-Headers: Remember-Me Set-Cookie: JSESSIONID=E7019A658B6D744D40ECD01CB0F3E305; Path=/; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-Frame-Options: DENY <!doctype html> <!-- This file is auto-generated by Vaadin. --> <html lang="en" class="notranslate" translate="no"> <head><script initial="">if (!('ResizeObserver' in window)) { window.location.search='v-r=oldbrowser';}</script><script initial="">window.Vaadin = window.Vaadin || {};window.Vaadin.TypeScript= {};</script><meta name="_csrf_parameter" content="_csrf"><meta name="_csrf_header" content="X-CSRF-TOKEN"><meta name="_csrf" content="5c3a6a43-876b-484d-8d9b-435558e8b2a6"><base href="."><script type="text/javascript">window.JSCompiler_renameProperty = function(a) { return a;}</script> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="google" content="notranslate"> <style> body, #outlet { height: 100vh; width: 100%; margin: 0; } </style> <!-- index.ts is included here automatically (either by the dev server or during the build) --> <script type="module" crossorigin src="./VAADIN/build/indexhtml.2885ba54.js"></script> <style>.v-reconnect-dialog,.v-system-error {position: absolute;color: black;background: white;top: 1em;right: 1em;border: 1px solid black;padding: 1em;z-index: 10000;max-width: calc(100vw - 4em);max-height: calc(100vh - 4em);overflow: auto;} .v-system-error {color: indianred;pointer-events: auto;} .v-system-error h3, .v-system-error b {color: red;}</style><style>[hidden] { display: none !important; }</style></head> <body> <!-- This outlet div is where the views are rendered --> <div id="outlet"></div> </body> </html>Found 2025-12-22 by HttpPluginCreate report