Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
These documents detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
Severity: info
Fingerprint: 5733ddf49ff49cd1b885ff43340c51c6930c093d70a6a2f3e498b2bbacbf2ab9
Public Swagger UI/API detected at path: /swagger.json - sample paths:
DELETE /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/labels/{label_id}
DELETE /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/tags/{tag_name}
GET /audit-logs
GET /configurations
GET /export/cve/download/{execution_id}
GET /export/cve/execution/{execution_id}
GET /export/cve/executions
GET /health
GET /icons/{digest}
GET /internalconfig
GET /jobservice/jobs/{job_id}/log
GET /jobservice/pools
GET /jobservice/pools/{pool_id}/workers
GET /jobservice/queues
GET /labels
GET /labels/{label_id}
GET /ldap/groups/search
GET /ldap/users/search
GET /p2p/preheat/instances
GET /p2p/preheat/instances/{preheat_instance_name}
GET /p2p/preheat/providers
GET /ping
GET /projects
GET /projects/{project_name_or_id}
GET /projects/{project_name_or_id}/_deletable
GET /projects/{project_name_or_id}/immutabletagrules
GET /projects/{project_name_or_id}/members
GET /projects/{project_name_or_id}/members/{mid}
GET /projects/{project_name_or_id}/metadatas/
GET /projects/{project_name_or_id}/metadatas/{meta_name}
GET /projects/{project_name_or_id}/robots
GET /projects/{project_name_or_id}/robots/{robot_id}
GET /projects/{project_name_or_id}/scanner
GET /projects/{project_name_or_id}/scanner/candidates
GET /projects/{project_name_or_id}/summary
GET /projects/{project_name_or_id}/webhook/events
GET /projects/{project_name_or_id}/webhook/jobs
GET /projects/{project_name_or_id}/webhook/lasttrigger
GET /projects/{project_name_or_id}/webhook/policies
GET /projects/{project_name_or_id}/webhook/policies/{webhook_policy_id}
GET /projects/{project_name_or_id}/webhook/policies/{webhook_policy_id}/executions
GET /projects/{project_name_or_id}/webhook/policies/{webhook_policy_id}/executions/{execution_id}/tasks
GET /projects/{project_name_or_id}/webhook/policies/{webhook_policy_id}/executions/{execution_id}/tasks/{task_id}/log
GET /projects/{project_name}/logs
GET /projects/{project_name}/preheat/policies
GET /projects/{project_name}/preheat/policies/{preheat_policy_name}
GET /projects/{project_name}/preheat/policies/{preheat_policy_name}/executions
GET /projects/{project_name}/preheat/policies/{preheat_policy_name}/executions/{execution_id}
GET /projects/{project_name}/preheat/policies/{preheat_policy_name}/executions/{execution_id}/tasks
GET /projects/{project_name}/preheat/policies/{preheat_policy_name}/executions/{execution_id}/tasks/{task_id}/logs
GET /projects/{project_name}/preheat/providers
GET /projects/{project_name}/repositories
GET /projects/{project_name}/repositories/{repository_name}
GET /projects/{project_name}/repositories/{repository_name}/artifacts
GET /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}
GET /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/accessories
GET /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/additions/vulnerabilities
GET /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/additions/{addition}
GET /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/scan/{report_id}/log
GET /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/tags
GET /quotas
GET /quotas/{id}
GET /registries
GET /registries/{id}
GET /registries/{id}/info
GET /replication/adapterinfos
GET /replication/adapters
GET /replication/executions
GET /replication/executions/{id}
GET /replication/executions/{id}/tasks
GET /replication/executions/{id}/tasks/{task_id}/log
GET /replication/policies
GET /replication/policies/{id}
GET /repositories
GET /retentions/metadatas
GET /retentions/{id}
GET /retentions/{id}/executions
GET /retentions/{id}/executions/{eid}/tasks
GET /retentions/{id}/executions/{eid}/tasks/{tid}
GET /robots
GET /robots/{robot_id}
GET /scanners
GET /scanners/{registration_id}
GET /scanners/{registration_id}/metadata
GET /scans/all/metrics
GET /scans/schedule/metrics
GET /schedules
GET /schedules/{job_type}/paused
GET /search
GET /statistics
GET /system/CVEAllowlist
GET /system/gc
GET /system/gc/schedule
GET /system/gc/{gc_id}
GET /system/gc/{gc_id}/log
GET /system/purgeaudit
GET /system/purgeaudit/schedule
GET /system/purgeaudit/{purge_id}
GET /system/purgeaudit/{purge_id}/log
GET /system/scanAll/schedule
GET /systeminfo
GET /systeminfo/getcert
GET /systeminfo/volumes
GET /usergroups
GET /usergroups/search
GET /usergroups/{group_id}
GET /users
GET /users/current
GET /users/current/permissions
GET /users/search
GET /users/{user_id}
PATCH /retentions/{id}/executions/{eid}
POST /export/cve
POST /ldap/ping
POST /ldap/users/import
POST /p2p/preheat/instances/ping
POST /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/labels
POST /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/scan
POST /projects/{project_name}/repositories/{repository_name}/artifacts/{reference}/scan/stop
POST /registries/ping
POST /retentions
POST /scanners/ping
POST /system/oidc/ping
POST /system/scanAll/stop
PUT /jobservice/jobs/{job_id}
PUT /jobservice/queues/{job_type}
PUT /projects/{project_name_or_id}/immutabletagrules/{immutable_rule_id}
PUT /users/{user_id}/cli_secret
PUT /users/{user_id}/password
PUT /users/{user_id}/sysadmin
Open service 13.37.87.119:80 · certification-placard-pt.ptstaging.eu
2026-01-23 11:02
HTTP/1.1 308 Permanent Redirect
Date: Fri, 23 Jan 2026 11:02:23 GMT
Content-Type: text/html
Content-Length: 164
Connection: close
Location: https://certification-placard-pt.ptstaging.eu
Page title: 308 Permanent Redirect
<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
Open service 13.37.87.119:443 · certification-placard-pt.ptstaging.eu
2026-01-23 11:02
HTTP/1.1 503 Service Temporarily Unavailable
Date: Fri, 23 Jan 2026 11:02:22 GMT
Content-Type: text/html
Content-Length: 190
Connection: close
Strict-Transport-Security: max-age=15724800; includeSubDomains
Page title: 503 Service Temporarily Unavailable
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body>
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx</center>
</body>
</html>
Open service 13.37.87.119:443 · harbor-stg-eu-west-3.ptsports.click
2026-01-22 21:45
HTTP/1.1 200 OK
Date: Thu, 22 Jan 2026 21:45:22 GMT
Content-Type: text/html
Content-Length: 785
Connection: close
Last-Modified: Thu, 13 Apr 2023 10:05:16 GMT
ETag: "6437d3dc-311"
Cache-Control: no-store, no-cache, must-revalidate
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15724800; includeSubDomains
Page title: Harbor
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>Harbor</title>
<base href="/"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<link rel="icon" type="image/x-icon" href="favicon.ico?v=2"/>
<link rel="stylesheet" href="styles.878b6852c9b5f5ec.css"></head>
<body>
<harbor-app>
<div class="spinner spinner-lg app-loading app-loading-fixed">
Loading...
</div>
</harbor-app>
<script src="runtime.885ac272e3eed538.js" type="module"></script><script src="polyfills.b51e06395e4620c9.js" type="module"></script><script src="scripts.67f785a8ff0b6aed.js" defer></script><script src="main.0ff1f6f81194ef30.js" type="module"></script></body>
</html>
Open service 13.37.87.119:443 · harbor-stg-eu-west-3.ptsports.click
2026-01-09 22:58
HTTP/1.1 200 OK
Date: Fri, 09 Jan 2026 22:58:27 GMT
Content-Type: text/html
Content-Length: 785
Connection: close
Last-Modified: Thu, 13 Apr 2023 10:05:16 GMT
ETag: "6437d3dc-311"
Cache-Control: no-store, no-cache, must-revalidate
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15724800; includeSubDomains
Page title: Harbor
Open service 13.37.87.119:80 · cert-solverde-pt.ptstaging.eu
2026-01-05 07:47
HTTP/1.1 308 Permanent Redirect
Date: Mon, 05 Jan 2026 07:47:44 GMT
Content-Type: text/html
Content-Length: 164
Connection: close
Location: https://cert-solverde-pt.ptstaging.eu
Page title: 308 Permanent Redirect
<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>
Open service 13.37.87.119:443 · cert-solverde-pt.ptstaging.eu
2026-01-05 07:47
HTTP/1.1 403 Forbidden
Date: Mon, 05 Jan 2026 07:47:44 GMT
Content-Type: text/html
Content-Length: 146
Connection: close
Strict-Transport-Security: max-age=15724800; includeSubDomains
Page title: 403 Forbidden
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>
Open service 13.37.87.119:443 · harbor-stg-eu-west-3.ptsports.click
2026-01-04 22:14
HTTP/1.1 200 OK
Date: Sun, 04 Jan 2026 22:14:49 GMT
Content-Type: text/html
Content-Length: 785
Connection: close
Last-Modified: Thu, 13 Apr 2023 10:05:16 GMT
ETag: "6437d3dc-311"
Cache-Control: no-store, no-cache, must-revalidate
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15724800; includeSubDomains
Page title: Harbor
Open service 13.37.87.119:443 · certification-sportium-es.ptstaging.eu
2025-12-23 16:13
HTTP/1.1 403 Forbidden
Date: Tue, 23 Dec 2025 16:13:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: close
Strict-Transport-Security: max-age=15724800; includeSubDomains
Page title: 403 Forbidden
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>
Open service 13.37.87.119:80 · certification-sportium-es.ptstaging.eu
2025-12-23 16:13
HTTP/1.1 308 Permanent Redirect
Date: Tue, 23 Dec 2025 16:13:03 GMT
Content-Type: text/html
Content-Length: 164
Connection: close
Location: https://certification-sportium-es.ptstaging.eu
Page title: 308 Permanent Redirect
<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx</center>
</body>
</html>