Domain crservice.io
Software information
cloudflare
tcp/443 tcp/80
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2025-09-10 01:37
Last seen 2025-09-20 20:30
Open for 10 days-
Severity: low
Fingerprint: 5f32cf5d6962f09c026392ab026392ab640323741d4cac640e1bc2345fc0c75bFound 7 files trough .DS_Store spidering: /cloud_background.svg /css /favicon.ico /index.html /js /logo.svg /placeholder_background.svg
Found on 2025-09-20 20:30
-
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2025-09-10 01:37
Last seen 2025-09-20 20:30
Open for 10 days-
Severity: low
Fingerprint: 5f32cf5d6962f09c026392ab026392ab640323741d4cac640e1bc2345fc0c75bFound 7 files trough .DS_Store spidering: /cloud_background.svg /css /favicon.ico /index.html /js /logo.svg /placeholder_background.svg
Found on 2025-09-20 20:30
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-10-14 03:21
Last seen 2026-01-02 08:06
Open for 80 days-
Severity: info
Fingerprint: 5733ddf49ff49cd151e75e4bda5048d645b72f967214c0363a7fbec45304b882Public Swagger UI/API detected at path: /v3/api-docs - sample paths: GET /locations/cantonById/{id} GET /locations/cantons GET /locations/cantonsByKey GET /locations/cantonsByName/{name} GET /locations/cantonsByProvinceId/{provinceId} GET /locations/cantonsByProvinceName/{provinceName} GET /locations/districtById/{id} GET /locations/districts GET /locations/districtsByCantonId/{cantonId} GET /locations/districtsByCantonName/{cantonName} GET /locations/districtsByKey GET /locations/districtsByName/{name} GET /locations/neighborhoods GET /locations/neighborhoodsByDistrictId/{districtId} GET /locations/neighborhoodsByDistrictName/{districtName} GET /locations/neighborhoodsById/{id} GET /locations/neighborhoodsByKey GET /locations/neighborhoodsByName/{name} GET /locations/path/{type}/{id} GET /locations/provinceById/{id} GET /locations/provinceByName/{name} GET /locations/provinces GET /locations/provincesByKey GET /locations/search GET /locations/searchWithPathFound on 2026-01-02 08:06
-
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2025-09-10 01:37
Last seen 2025-09-21 02:27
Open for 11 days-
Severity: low
Fingerprint: 5f32cf5d6962f09c026392ab026392ab640323741d4cac640e1bc2345fc0c75bFound 7 files trough .DS_Store spidering: /cloud_background.svg /css /favicon.ico /index.html /js /logo.svg /placeholder_background.svg
Found on 2025-09-21 02:27
-
-
Open service 104.21.25.89:443 · crservice.io
2026-01-23 03:17
HTTP/1.1 200 OK Date: Fri, 23 Jan 2026 03:17:45 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: cloudflare Last-Modified: Mon, 22 Sep 2025 23:06:36 GMT Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BUu5FHHKW6dFscZAL6ZWCU51Rlett4TsRzn0F%2Bpvr0bVJrfskLEnpYYPUrO%2BRiJskpgtnF%2BXJa5E3JjkTaq8n0ET84A3uh1KHUWZMQ%3D%3D"}]} Accept-Ranges: bytes cf-cache-status: DYNAMIC CF-RAY: 9c2423cf3d1c64e8-FRA alt-svc: h3=":443"; ma=86400 Page title: CR Service API <!doctype html> <html lang="en"> <head> <meta charset="utf-8"/> <meta name="viewport" content="width=device-width,initial-scale=1"/> <title>CR Service API</title> <style> :root { --bg: #f7fafc; --card: #ffffff; --muted: #6b7280; --accent: #0f172a; --accent-2: #0ea5a4; } body { font-family: Inter, ui-sans-serif, system-ui; background: var(--bg); color: var(--accent); margin:0; padding:32px; } .container { max-width:900px; margin:0 auto; } .card { background: var(--card); border-radius:12px; padding:28px; box-shadow:0 6px 18px rgba(15,23,42,0.06); } h1 { margin:0 0 12px; font-size:32px; } p { line-height:1.6; color:#111827; } .cta { display:flex; flex-wrap:wrap; gap:12px; margin-top:18px; } a.button, button { display:inline-block; padding:10px 16px; border-radius:8px; text-decoration:none; font-weight:600; color:white; background:var(--accent-2); border:none; cursor:pointer; } button.secondary { background:#334155; } button:disabled { background:#a1a1aa; cursor:not-allowed; } footer { margin-top:22px; color:var(--muted); font-size:13px; } #apiKeyDisplay { margin-top:12px; font-weight:bold; } </style> </head> <body> <div class="container"> <div class="card"> <h1>CR Service API</h1> <p>Welcome to the <strong>CR Service API</strong> — a REST API providing programmatic access to Costa Rica's provinces, cantons, districts, and neighborhoods.</p> <p>Get started by reviewing our <a href="/swagger-ui/index.hmtl">API Documentation (Swagger)</a> or generating your API key below.</p> <div class="cta"> <a class="button" href="/swagger-ui/index.html">📘 Open API Docs</a> <a class="button secondary" href="/terms.html">📜 Terms & Conditions</a> </div> <h2 style="margin-top:24px;">🔑 Generate Your API Key</h2> <p>Select a plan to generate your API key:</p> <div class="cta"> <button onclick="generateKey('free')">Free Key</button> <button onclick="generateKey('extended')" disabled>Extended Key (Paid)</button> <button onclick="generateKey('unlimited')" disabled>Unlimited Key (Paid)</button> </div> <p id="apiKeyDisplay"></p> <footer> <p>© 2025 CR Service API. See <a href="/terms.html">Terms of Service</a>.</p> </footer> </div> </div> <script> async function generateKey(plan) { const display = document.getElementById('apiKeyDisplay'); display.textContent = 'Generating key...'; try { const response = await fetch(`/admin/generateApiKey?plan=${plan}`, { method: 'POST', headers: { 'Content-Type': 'application/json' } }); if (!response.ok) { const errorData = await response.json(); display.textContent = `Error: ${errorData.error || response.statusText}`; return; } const data = await response.json(); display.textContent = `Your API Key: ${data.apiKey}`; } catch (err) { display.textContent = `Error: ${err.message}`; } } </script> </body> </html>Found 2026-01-23 by HttpPluginCreate report
-
Open service 172.67.133.231:80 · crservice.io
2026-01-22 22:54
HTTP/1.1 301 Moved Permanently Date: Thu, 22 Jan 2026 22:54:23 GMT Content-Length: 0 Connection: close Location: https://crservice.io/ Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MEyRIeEb5vlJ6WBFDEHc7IbBChoNSrHesKhlmCR%2FtxVtoNz0Nyl79fgMVrTDwgUP%2BogIWtjnM4pgivW0MMB7YLo47nhj4wFf5vR%2FyQ%3D%3D"}]} Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Server: cloudflare CF-RAY: 9c22a2056b11ac3c-YYZ alt-svc: h3=":443"; ma=86400Found 2026-01-22 by HttpPluginCreate report
-
Open service 172.67.133.231:80 · crservice.io
2026-01-09 07:04
HTTP/1.1 301 Moved Permanently Date: Fri, 09 Jan 2026 07:04:21 GMT Content-Length: 0 Connection: close Location: https://crservice.io/ Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=iinPYREwgXWggbrvofeO6cEnMwZ1m3ynpIUurtC2hvJYv9YgIEzbsbKILqS%2B6S0g7aEhYZ4zNsEd1E7DiR8F7K03tDyP1do1Gqtqrg%3D%3D"}]} Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Server: cloudflare CF-RAY: 9bb2147e79e51cbe-AMS alt-svc: h3=":443"; ma=86400Found 2026-01-09 by HttpPluginCreate report
-
Open service 172.67.133.231:80 · crservice.io
2026-01-02 08:06
HTTP/1.1 200 OK Date: Fri, 02 Jan 2026 08:06:21 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: cloudflare Last-Modified: Mon, 22 Sep 2025 23:06:36 GMT Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=g%2Fk0Y7guLZvNXPKFnZ4Qtp567Yxw8V9Oahe1CN5xJ6fPLTzjo6CeEiUQc5eaK2Q3e0Bs003%2FKyXsapJmK3axcNO1cQaUSxBZ%2BoRoVw%3D%3D"}]} Accept-Ranges: bytes cf-cache-status: DYNAMIC CF-RAY: 9b78c1ac887ad5a3-AMS alt-svc: h3=":443"; ma=86400 Page title: CR Service API <!doctype html> <html lang="en"> <head> <meta charset="utf-8"/> <meta name="viewport" content="width=device-width,initial-scale=1"/> <title>CR Service API</title> <style> :root { --bg: #f7fafc; --card: #ffffff; --muted: #6b7280; --accent: #0f172a; --accent-2: #0ea5a4; } body { font-family: Inter, ui-sans-serif, system-ui; background: var(--bg); color: var(--accent); margin:0; padding:32px; } .container { max-width:900px; margin:0 auto; } .card { background: var(--card); border-radius:12px; padding:28px; box-shadow:0 6px 18px rgba(15,23,42,0.06); } h1 { margin:0 0 12px; font-size:32px; } p { line-height:1.6; color:#111827; } .cta { display:flex; flex-wrap:wrap; gap:12px; margin-top:18px; } a.button, button { display:inline-block; padding:10px 16px; border-radius:8px; text-decoration:none; font-weight:600; color:white; background:var(--accent-2); border:none; cursor:pointer; } button.secondary { background:#334155; } button:disabled { background:#a1a1aa; cursor:not-allowed; } footer { margin-top:22px; color:var(--muted); font-size:13px; } #apiKeyDisplay { margin-top:12px; font-weight:bold; } </style> </head> <body> <div class="container"> <div class="card"> <h1>CR Service API</h1> <p>Welcome to the <strong>CR Service API</strong> — a REST API providing programmatic access to Costa Rica's provinces, cantons, districts, and neighborhoods.</p> <p>Get started by reviewing our <a href="/swagger-ui/index.hmtl">API Documentation (Swagger)</a> or generating your API key below.</p> <div class="cta"> <a class="button" href="/swagger-ui/index.html">📘 Open API Docs</a> <a class="button secondary" href="/terms.html">📜 Terms & Conditions</a> </div> <h2 style="margin-top:24px;">🔑 Generate Your API Key</h2> <p>Select a plan to generate your API key:</p> <div class="cta"> <button onclick="generateKey('free')">Free Key</button> <button onclick="generateKey('extended')" disabled>Extended Key (Paid)</button> <button onclick="generateKey('unlimited')" disabled>Unlimited Key (Paid)</button> </div> <p id="apiKeyDisplay"></p> <footer> <p>© 2025 CR Service API. See <a href="/terms.html">Terms of Service</a>.</p> </footer> </div> </div> <script> async function generateKey(plan) { const display = document.getElementById('apiKeyDisplay'); display.textContent = 'Generating key...'; try { const response = await fetch(`/admin/generateApiKey?plan=${plan}`, { method: 'POST', headers: { 'Content-Type': 'application/json' } }); if (!response.ok) { const errorData = await response.json(); display.textContent = `Error: ${errorData.error || response.statusText}`; return; } const data = await response.json(); display.textContent = `Your API Key: ${data.apiKey}`; } catch (err) { display.textContent = `Error: ${err.message}`; } } </script> </body> </html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 172.67.133.231:80 · crservice.io
2025-12-22 13:08
HTTP/1.1 200 OK Date: Mon, 22 Dec 2025 13:08:24 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Server: cloudflare Last-Modified: Mon, 22 Sep 2025 23:06:36 GMT Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jxOWAzIJHtP%2B0OZspjq%2BrhUKBgHHFzmQstZFo%2BLqvzps0T%2F3EQiMSKpjOW3m3ZBjgTAk3n7MC3IkU8xmj4U6s9xOG7VDgNlziX5r1g%3D%3D"}]} Accept-Ranges: bytes cf-cache-status: DYNAMIC CF-RAY: 9b1fd9051a50c542-LHR alt-svc: h3=":443"; ma=86400 Page title: CR Service API <!doctype html> <html lang="en"> <head> <meta charset="utf-8"/> <meta name="viewport" content="width=device-width,initial-scale=1"/> <title>CR Service API</title> <style> :root { --bg: #f7fafc; --card: #ffffff; --muted: #6b7280; --accent: #0f172a; --accent-2: #0ea5a4; } body { font-family: Inter, ui-sans-serif, system-ui; background: var(--bg); color: var(--accent); margin:0; padding:32px; } .container { max-width:900px; margin:0 auto; } .card { background: var(--card); border-radius:12px; padding:28px; box-shadow:0 6px 18px rgba(15,23,42,0.06); } h1 { margin:0 0 12px; font-size:32px; } p { line-height:1.6; color:#111827; } .cta { display:flex; flex-wrap:wrap; gap:12px; margin-top:18px; } a.button, button { display:inline-block; padding:10px 16px; border-radius:8px; text-decoration:none; font-weight:600; color:white; background:var(--accent-2); border:none; cursor:pointer; } button.secondary { background:#334155; } button:disabled { background:#a1a1aa; cursor:not-allowed; } footer { margin-top:22px; color:var(--muted); font-size:13px; } #apiKeyDisplay { margin-top:12px; font-weight:bold; } </style> </head> <body> <div class="container"> <div class="card"> <h1>CR Service API</h1> <p>Welcome to the <strong>CR Service API</strong> — a REST API providing programmatic access to Costa Rica's provinces, cantons, districts, and neighborhoods.</p> <p>Get started by reviewing our <a href="/swagger-ui/index.hmtl">API Documentation (Swagger)</a> or generating your API key below.</p> <div class="cta"> <a class="button" href="/swagger-ui/index.html">📘 Open API Docs</a> <a class="button secondary" href="/terms.html">📜 Terms & Conditions</a> </div> <h2 style="margin-top:24px;">🔑 Generate Your API Key</h2> <p>Select a plan to generate your API key:</p> <div class="cta"> <button onclick="generateKey('free')">Free Key</button> <button onclick="generateKey('extended')" disabled>Extended Key (Paid)</button> <button onclick="generateKey('unlimited')" disabled>Unlimited Key (Paid)</button> </div> <p id="apiKeyDisplay"></p> <footer> <p>© 2025 CR Service API. See <a href="/terms.html">Terms of Service</a>.</p> </footer> </div> </div> <script> async function generateKey(plan) { const display = document.getElementById('apiKeyDisplay'); display.textContent = 'Generating key...'; try { const response = await fetch(`/admin/generateApiKey?plan=${plan}`, { method: 'POST', headers: { 'Content-Type': 'application/json' } }); if (!response.ok) { const errorData = await response.json(); display.textContent = `Error: ${errorData.error || response.statusText}`; return; } const data = await response.json(); display.textContent = `Your API Key: ${data.apiKey}`; } catch (err) { display.textContent = `Error: ${err.message}`; } } </script> </body> </html>Found 2025-12-22 by HttpPluginCreate report