LeakIX - Host 20.49.104.17

Host 20.49.104.17

United States

MICROSOFT-CORP-MSN-AS-BLOCK

Debian

Software information

Apache Apache

tcp/443 tcp/80

Apache Apache 2.4.65

tcp/443

Apache Apache 2.4.38

tcp/443

Kestrel Kestrel

tcp/443 tcp/80

TornadoServer 6.5.4

tcp/443

TornadoServer 6.5.2

tcp/443

WebServer

tcp/443

gunicorn

tcp/443 tcp/80

nginx nginx

tcp/443 tcp/80

nginx nginx 1.28.0

tcp/443

nginx nginx 1.29.4

tcp/443

nginx nginx 1.17.1

tcp/443

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: analytics-testqa.trugrid.com
Port: 443
URL: https://analytics-testqa.trugrid.com

First seen 2026-01-12 00:48
Last seen 2026-02-09 23:16
Open for 28 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354979a2a8aa7cf63f8161f49155b95f0f00f25ab975
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Report/rdp-connection-attempts
GET /api/Report/user-logins
POST /api/Report/delete
POST /api/Report/generate-rdp-connection-attempts
POST /api/Report/generate-user-logins
POST /api/Users/authentication
POST /api/Users/page-authentication
POST /api/Users/page-rdpattempts
POST /api/Users/rdpattempts
```
  Found on 2026-02-09 23:16
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: analytics-staging.trugrid.com
Port: 443
URL: https://analytics-staging.trugrid.com

First seen 2026-01-12 00:32
Last seen 2026-02-09 23:16
Open for 28 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354979a2a8aa7cf63f8161f49155b95f0f00f25ab975
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Report/rdp-connection-attempts
GET /api/Report/user-logins
POST /api/Report/delete
POST /api/Report/generate-rdp-connection-attempts
POST /api/Report/generate-user-logins
POST /api/Users/authentication
POST /api/Users/page-authentication
POST /api/Users/page-rdpattempts
POST /api/Users/rdpattempts
```
  Found on 2026-02-09 23:16
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: dashboard-api.meep.cloud
Port: 443
URL: https://dashboard-api.meep.cloud

First seen 2026-01-12 06:28
Last seen 2026-02-09 19:46
Open for 28 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad03549a52329a137d8f335e1dcf6e19bd5ca6984fb6664
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/local/{localId}/general/average-ticket
GET /api/local/{localId}/general/cashiers
GET /api/local/{localId}/general/cashless
GET /api/local/{localId}/general/financial-information
GET /api/local/{localId}/general/movements
GET /api/local/{localId}/general/pospaid
GET /api/local/{localId}/general/pre-recharger
GET /api/local/{localId}/general/table-rotation
GET /api/local/{localId}/general/ticket
GET /api/local/{localId}/general/top-categories
GET /api/local/{localId}/general/top-customers
GET /api/local/{localId}/general/top-operators
GET /api/local/{localId}/general/top-products
GET /version
```
  Found on 2026-02-09 19:46
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: ibametro.axhub-api.axion.ws
Port: 443
URL: https://ibametro.axhub-api.axion.ws

First seen 2026-01-12 05:48
Last seen 2026-02-09 18:05
Open for 28 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d6092e26c342aa2d9c4b2c74b71e0193006555043f0
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
POST /api/v1/evento-equipamento
POST /api/v1/heartbeat-equipamento/ping/{codigoEquipamento}
POST /api/v1/infracao
POST /api/v1/passagem
POST /api/v1/teste-equipamento
POST /api/v2/infracao
```
  Found on 2026-02-09 18:05
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: invoice-gateway.meep.cloud
Port: 443
URL: https://invoice-gateway.meep.cloud

First seen 2026-01-12 19:51
Last seen 2026-02-09 17:58
Open for 27 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549856a96c7a04bac22376d7680420cfc398cb74725

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Companies/{companyId}/Invoices/{invoiceId}/Cancel
GET /api/Companies/All
GET /api/Companies/{CompanyId}/Tax
GET /api/Companies/{CompanyId}/Tax/Products
GET /api/Companies/{CompanyId}/Tax/Selects/BaseModeCalculationICMS
GET /api/Companies/{CompanyId}/Tax/Selects/BaseModeCalculationICMSST
GET /api/Companies/{CompanyId}/Tax/Selects/Cfop
GET /api/Companies/{CompanyId}/Tax/Selects/Cofins/TaxSituations
GET /api/Companies/{CompanyId}/Tax/Selects/Icms/Sources
GET /api/Companies/{CompanyId}/Tax/Selects/Icms/TaxSituations
GET /api/Companies/{CompanyId}/Tax/Selects/Ipi/TaxSituations
GET /api/Companies/{CompanyId}/Tax/Selects/Ncm
GET /api/Companies/{CompanyId}/Tax/Selects/Pis/TaxSituations
GET /api/Companies/{CompanyId}/Tax/Selects/States
GET /api/Companies/{CompanyId}/Tax/Selects/cstibscbs/Classifications
GET /api/Companies/{CompanyId}/Tax/{TaxId}
GET /api/Companies/{CompanyId}/UnitOfMeasurement
GET /api/Companies/{companyId}/Environment
GET /api/Companies/{companyId}/Invoices/{invoiceId}/History
GET /api/Companies/{companyId}/Invoices/{invoiceId}/Note
GET /api/Companies/{companyId}/Invoices/{invoiceId}/StatusHistory
GET /api/Companies/{companyId}/TaxFile
GET /api/Companies/{companyId}/{environment}
GET /api/Public/Companies/{CompanyId}/Tax
GET /api/Public/Companies/{CompanyId}/Tax/Products
GET /api/Public/Companies/{CompanyId}/Tax/Selects/BaseModeCalculationICMS
GET /api/Public/Companies/{CompanyId}/Tax/Selects/BaseModeCalculationICMSST
GET /api/Public/Companies/{CompanyId}/Tax/Selects/Cfop
GET /api/Public/Companies/{CompanyId}/Tax/Selects/Cofins/TaxSituations
GET /api/Public/Companies/{CompanyId}/Tax/Selects/Icms/Sources
GET /api/Public/Companies/{CompanyId}/Tax/Selects/Icms/TaxSituations
GET /api/Public/Companies/{CompanyId}/Tax/Selects/Ipi/TaxSituations
GET /api/Public/Companies/{CompanyId}/Tax/Selects/Ncm
GET /api/Public/Companies/{CompanyId}/Tax/Selects/Pis/TaxSituations
GET /api/Public/Companies/{CompanyId}/Tax/Selects/States
GET /api/Public/Companies/{CompanyId}/Tax/{TaxId}
GET /api/Public/Companies/{companyId}/Environment
GET /api/Public/Companies/{companyId}/TaxFile
GET /api/Public/Companies/{companyId}/{environment}
GET /version
POST /api/Companies
POST /api/Companies/ImportInvoiceConfigFromCsv
POST /api/Companies/User
POST /api/Companies/{CompanyId}/Tax/{TaxId}/Nfce/Test
POST /api/Companies/{CompanyId}/Tax/{TaxId}/Nfe/Test
POST /api/Companies/{companyId}/Certificate/Validate
POST /api/Companies/{companyId}/Invoices/{invoiceId}/Reprocess
POST /api/Companies/{companyId}/Invoices/{invoiceId}/SendEmail
POST /api/Companies/{companyId}/Invoices/{invoiceId}/UpdateTaxAndReprocess
POST /api/Companies/{companyId}/ShareForm
POST /api/Public/Companies/ImportInvoiceConfigFromCsv
POST /api/Public/Companies/{CompanyId}/Tax/{TaxId}/Nfce/Test
POST /api/Public/Companies/{CompanyId}/Tax/{TaxId}/Nfe/Test
POST /api/Public/Companies/{companyId}/Certificate/Validate
PUT /api/Companies/{companyId}
PUT /api/Public/Companies/{companyId}

Found on 2026-02-09 17:58

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: analytics-staging.trugrid.com
Port: 80
URL: http://analytics-staging.trugrid.com

First seen 2026-01-12 00:32
Last seen 2026-02-09 16:33
Open for 28 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354979a2a8aa7cf63f8161f49155b95f0f00f25ab975
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Report/rdp-connection-attempts
GET /api/Report/user-logins
POST /api/Report/delete
POST /api/Report/generate-rdp-connection-attempts
POST /api/Report/generate-user-logins
POST /api/Users/authentication
POST /api/Users/page-authentication
POST /api/Users/page-rdpattempts
POST /api/Users/rdpattempts
```
  Found on 2026-02-09 16:33
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: analytics-testqa.trugrid.com
Port: 80
URL: http://analytics-testqa.trugrid.com

First seen 2026-01-12 00:48
Last seen 2026-02-09 16:33
Open for 28 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354979a2a8aa7cf63f8161f49155b95f0f00f25ab975
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Report/rdp-connection-attempts
GET /api/Report/user-logins
POST /api/Report/delete
POST /api/Report/generate-rdp-connection-attempts
POST /api/Report/generate-user-logins
POST /api/Users/authentication
POST /api/Users/page-authentication
POST /api/Users/page-rdpattempts
POST /api/Users/rdpattempts
```
  Found on 2026-02-09 16:33
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: ws-staging.trugrid.com
Port: 443
URL: https://ws-staging.trugrid.com

First seen 2026-01-05 02:49
Last seen 2026-02-09 15:16
Open for 35 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354970982b48d41b5c2c4faafb952ce06c7465d69a08

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/SecureConnectInstallationProcess/UninstallSecureConnect
DELETE /api/SecureConnectInstallationProcess/UninstallSecureConnect/{secureConnectId}
DELETE /api/SentryInstallationProcess/UninstallSentry
GET /HealthMonitor/Execute
GET /SentryHealthMonitor/NextCommand
GET /api/SentrySynchronization/AdvancedAppPublishingGroups
GET /error
POST /SecureConnectGateway/Execute
POST /SentryCommandsGateway/Execute
POST /api/SecureConnectInstallationProcess/UpdateSecureConnectVersion
POST /api/SecureConnectInstallationProcess/ValidateSecureConnectActivationCode
POST /api/SentryInstallationProcess/UpdateSentryVersion
POST /api/SentryInstallationProcess/ValidateSentry
POST /api/SentryInstallationProcess/ValidateSentryActivationCode
POST /api/SentrySynchronization/DomainActiveDirectoryStatus
POST /api/SentrySynchronization/DomainApplications
POST /api/SentrySynchronization/SendCommandResponse
POST /api/SentrySynchronization/SyncAddedAdResources
POST /api/SentrySynchronization/SyncAppsIcons

Found on 2026-02-09 15:16

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: payment-gateway-api.meep.cloud
Port: 443
URL: https://payment-gateway-api.meep.cloud

First seen 2026-01-14 03:11
Last seen 2026-02-02 12:58
Open for 19 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b733dcaf6953b6704a055701600b423022f6166f

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Subscriptions/cards/{subscriptionCardId}
GET /api/Payments
GET /api/Payments/{establishmentId}/{id}/meepServer
GET /api/Payments/{id}
GET /api/Subscriptions/{id}
GET /api/Subscriptions/{id}/cards
GET /api/banking/Pix/account/{accountId}
GET /api/banking/Pix/e2e/{endToEndId}
GET /api/banking/Pix/transaction/{transactionId}
GET /api/banking/accounts/{accountId}/balance
PATCH /api/Subscriptions/status
POST /api/Payments/capture
POST /api/Payments/card
POST /api/Payments/cdc/updateStatus
POST /api/Payments/cielo/updateStatus
POST /api/Payments/meepServer
POST /api/Payments/mercadoPago/subscription
POST /api/Payments/mercadoPago/updateStatus
POST /api/Payments/pix
POST /api/Payments/refunds
POST /api/Payments/subscription/default-card
POST /api/Payments/wallet
POST /api/Subscriptions
POST /api/Subscriptions/cards
POST /api/Subscriptions/migrate
POST /api/banking/Pix/bank-account
POST /api/banking/Pix/bank-account/batch
POST /api/banking/Pix/key
POST /api/banking/Pix/key/batch
POST /api/banking/Pix/sync-status
POST /api/banking/Pix/validate/bank-account
POST /api/banking/Pix/validate/key
POST /api/payers
POST /api/stripe/create-checkout-session
POST /api/stripe/payment-intent
POST /api/stripe/webhook
POST /api/wallets/apple/authorize-merchant
PUT /api/Payments/setSubscriptionId
PUT /api/Subscriptions/cards/{subscriptionCardId}/default
PUT /api/banking/Pix/key/{transactionId}

Found on 2026-02-02 12:58

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549b733dcaf6953b6705308cab5e86a1753bad4b538

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Subscriptions/cards/{subscriptionCardId}
GET /api/Payments
GET /api/Payments/{id}
GET /api/Payments/{id}/meepServer
GET /api/Subscriptions/{id}
GET /api/Subscriptions/{id}/cards
GET /api/banking/Pix/account/{accountId}
GET /api/banking/Pix/e2e/{endToEndId}
GET /api/banking/Pix/transaction/{transactionId}
GET /api/banking/accounts/{accountId}/balance
PATCH /api/Subscriptions/status
POST /api/Payments/capture
POST /api/Payments/card
POST /api/Payments/cdc/updateStatus
POST /api/Payments/cielo/updateStatus
POST /api/Payments/meepServer
POST /api/Payments/mercadoPago/subscription
POST /api/Payments/mercadoPago/updateStatus
POST /api/Payments/pix
POST /api/Payments/refunds
POST /api/Payments/subscription/default-card
POST /api/Payments/wallet
POST /api/Subscriptions
POST /api/Subscriptions/cards
POST /api/Subscriptions/migrate
POST /api/banking/Pix/bank-account
POST /api/banking/Pix/bank-account/batch
POST /api/banking/Pix/key
POST /api/banking/Pix/key/batch
POST /api/banking/Pix/sync-status
POST /api/banking/Pix/validate/bank-account
POST /api/banking/Pix/validate/key
POST /api/payers
POST /api/stripe/create-checkout-session
POST /api/stripe/payment-intent
POST /api/stripe/webhook
POST /api/wallets/apple/authorize-merchant
PUT /api/Payments/setSubscriptionId
PUT /api/Subscriptions/cards/{subscriptionCardId}/default
PUT /api/banking/Pix/key/{transactionId}

Found on 2026-01-14 03:11

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: lowesv2api.myhomeprojectcenter.com
Port: 443
URL: https://lowesv2api.myhomeprojectcenter.com

First seen 2026-01-12 15:02
Last seen 2026-02-02 12:41
Open for 20 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b3b735086bac7168f8b09bb8d4a0a5bcb467735

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /
GET /Auth/account-info
GET /Estimate/{estimateId}/estimate-pdf
GET /Estimate/{estimateId}/payment
GET /Feature/feature-flags
GET /Payment/confirmation
GET /Payment/history
GET /Project/customer-projects
GET /Project/payment-history
GET /WorkOrder/{id}
GET /WorkOrder/{id}/alerts
GET /WorkOrder/{id}/document-links
GET /WorkOrder/{id}/documents
GET /WorkOrder/{id}/estimates
GET /WorkOrder/{id}/finance-programs
GET /WorkOrder/{id}/get-application-url
GET /WorkOrder/{id}/next-actions
GET /WorkOrder/{id}/project-status
GET /WorkOrder/{workOrderId}/live-chat
GET /WorkOrder/{workOrderId}/widget-data
GET /WorkOrder/{workOrderId}/workorder-payment
GET /workorder/{id}/signDocumentLink
POST /Auth/exchange-token
POST /Auth/login
POST /Auth/password-reset-link
POST /Auth/refresh
POST /Auth/register
POST /Auth/set-password
POST /Estimate/{estimateId}/primary
POST /Estimate/{estimateId}/sale-pending
POST /WorkOrder/live-chat-session
POST /WorkOrder/{workOrderId}/survey
PUT /Auth/password
PUT /Auth/user-email
PUT /Auth/user-name
PUT /Auth/user-phone-number
PUT /Auth/user-preferred-language

Found on 2026-02-02 12:41

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: usea-01.engorch.svc.prod.converzai.com
Port: 443
URL: https://usea-01.engorch.svc.prod.converzai.com

First seen 2026-01-12 18:50
Last seen 2026-02-02 12:41
Open for 20 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b8815271def0815009f6b844a01882c96dc4e6d

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Monitoring/CancelMonitor
GET /api/Monitoring/AddPlatformEventWebhookHealthCheck
GET /api/Monitoring/AddScheduledCallMonitor
GET /api/Monitoring/CheckScheduledCall
GET /api/Monitoring/DeletePlatformEventWebhookHealthCheck
GET /api/Test
GET /api/Test/GetClientEngagementFirstContactOrchestrationSetting/{clientId}
POST /api/Email/SendJdEmailToCandidate
POST /api/InteractionV2/CancelScheduledEmail
POST /api/InteractionV2/CancelScheduledMessage
POST /api/OperationalDateTime/GetNextOperationalDateTime
POST /api/Reconciliation/AddCallNotes
POST /api/Reconciliation/AutoGeneratedCallFix
POST /api/Reconciliation/EmailFollowupLinkReconciliation
POST /api/Reconciliation/EmailFollowupReconcilation
POST /api/Reconciliation/FailedOutreachReconciliation
POST /api/Reconciliation/GetEmailsWithHydration
POST /api/Reconciliation/MissedOutreachReconciliation
POST /api/Reconciliation/PublishedInteractionReconciliation
POST /api/Reconciliation/RePublishCalls
POST /api/Reconciliation/RePublishEmails
POST /api/Reconciliation/RePublishSMSs
POST /api/Reconciliation/RePublishSMSsDueToServiceFailure
POST /api/Reconciliation/RePublishSMSsForJDTopupSMS
POST /api/Reconciliation/ReconcileAutoFollowUpAndClosureTasks
POST /api/Reconciliation/RemoveCachedEngagementLocks
POST /api/Reconciliation/SMSFollowupLinkReconciliation
POST /api/Reconciliation/SmsBotReconcilation
POST /api/Test/HandleCandidateEngagementMessage
POST /api/Test/InteractionCount
POST /api/Test/InteractionCountByDirectionStatusAndType
POST /api/Test/UpdateClientEngagementFirstContactOrchestrationSetting/{clientId}
POST /api/Test/UpdateOrchestratorMetaDataStatus

Found on 2026-02-02 12:41

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493b8815271def0815009f6b844a01882c55d1b9f1

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Monitoring/CancelMonitor
GET /api/Monitoring/AddPlatformEventWebhookHealthCheck
GET /api/Monitoring/AddScheduledCallMonitor
GET /api/Monitoring/CheckScheduledCall
GET /api/Monitoring/DeletePlatformEventWebhookHealthCheck
GET /api/Test
GET /api/Test/GetClientEngagementFirstContactOrchestrationSetting/{clientId}
POST /api/Email/SendJdEmailToCandidate
POST /api/InteractionV2/CancelScheduledEmail
POST /api/InteractionV2/CancelScheduledMessage
POST /api/OperationalDateTime/GetNextOperationalDateTime
POST /api/Reconciliation/AddCallNotes
POST /api/Reconciliation/AutoGeneratedCallFix
POST /api/Reconciliation/EmailFollowupLinkReconciliation
POST /api/Reconciliation/EmailFollowupReconcilation
POST /api/Reconciliation/FailedOutreachReconciliation
POST /api/Reconciliation/MissedOutreachReconciliation
POST /api/Reconciliation/PublishedInteractionReconciliation
POST /api/Reconciliation/RePublishCalls
POST /api/Reconciliation/RePublishEmails
POST /api/Reconciliation/RePublishSMSs
POST /api/Reconciliation/RePublishSMSsDueToServiceFailure
POST /api/Reconciliation/RePublishSMSsForJDTopupSMS
POST /api/Reconciliation/ReconcileAutoFollowUpAndClosureTasks
POST /api/Reconciliation/RemoveCachedEngagementLocks
POST /api/Reconciliation/SMSFollowupLinkReconciliation
POST /api/Reconciliation/SmsBotReconcilation
POST /api/Test/HandleCandidateEngagementMessage
POST /api/Test/InteractionCount
POST /api/Test/InteractionCountByDirectionStatusAndType
POST /api/Test/SendDncSMS
POST /api/Test/UpdateClientEngagementFirstContactOrchestrationSetting/{clientId}
POST /api/Test/UpdateOrchestratorMetaDataStatus

Found on 2026-01-17 01:31

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: crm-api.meep.cloud
Port: 443
URL: https://crm-api.meep.cloud

First seen 2025-12-21 21:02
Last seen 2026-02-02 03:17
Open for 42 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549c4a52aec57841b7a6ad08350e9ef89dd4acf3c57

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/SavedFilters/{id}
DELETE /api/customerSurveys/delete/{id}
DELETE /api/customerSurveys/track/configuration/delete/{ownerId}/{id}
GET /api/Campaigns
GET /api/Campaigns/getAudienceByFilterBody/{campaignId}
GET /api/Campaigns/pushCampaigns
GET /api/Campaigns/{campaignId}/Customers
GET /api/Campaigns/{id}
GET /api/CustomerEvents/getCustomer
GET /api/CustomerEvents/{id}
GET /api/Customers
GET /api/Customers/{id}
GET /api/EventCategories
GET /api/Events
GET /api/Export/customer-report/excel
GET /api/Export/customer/csv
GET /api/Messages/email/totalReport
GET /api/Messages/status/{campaignId}
GET /api/Messages/totalReport
GET /api/Messages/{campaignId}
GET /api/Plans
GET /api/Plans/{id}
GET /api/SavedFilters
GET /api/SendConfigurations
GET /api/Signatures
GET /api/Signatures/current
GET /api/Signatures/{id}
GET /api/TicketCategories
GET /api/UniqueCustomerInfo/{id}
GET /api/customerSurveySpots/getLink/{ownerId}
GET /api/customerSurveySpots/owner/{ownerId}
GET /api/customerSurveySpots/{customerSurveySpotId}
GET /api/customerSurveys/get/{id}
GET /api/customerSurveys/getList/{ownerId}
GET /api/customerSurveys/syncWithTrack/{ownerId}
GET /api/customerSurveys/track/configuration/{ownerId}
GET /api/owner/{ownerId}/automations
GET /api/owner/{ownerId}/automations/{automationId}
GET /api/version
GET /api/whatsapp/configuration/{ownerId}
GET /api/whatsapp/disconnect/{ownerId}
GET /api/whatsapp/qrcode/{ownerId}
GET /api/whatsapp/status/{ownerId}
PATCH /api/owner/{ownerId}/automations/{automationId}/disable
PATCH /api/owner/{ownerId}/automations/{automationId}/enable
POST /api/Campaigns/create/{campaignId}
POST /api/Campaigns/finish/{campaignId}
POST /api/Campaigns/send/{campaignId}
POST /api/Campaigns/{campaignId}/approve
POST /api/Campaigns/{campaignId}/customers
POST /api/Campaigns/{campaignId}/reprove
POST /api/CustomerDevices/AddOrUpdate
POST /api/CustomerEvents
POST /api/CustomerEvents/external
POST /api/CustomerFidelityPlans
POST /api/Customers/external
POST /api/Jobs/ProcessCampaignAfterPayment
POST /api/Jobs/ProcessOnSessionClosedCampaign/{cashierId}
POST /api/Messages/resend/{campaignId}
POST /api/Messages/send/preview/{campaignId}
POST /api/Messages/send/{id}
POST /api/PushNotification/SendMessage/{document}
POST /api/SendConfigurations/sync/{ownerId}
POST /api/UniqueCustomerInfo
POST /api/Webhooks/email/status
POST /api/Webhooks/whatsapp/status
POST /api/customerSurveys/create
POST /api/customerSurveys/track/configuration/create
POST /api/customerSurveys/track/configuration/externalEvent
POST /api/whatsapp/configuration
POST /api/whatsapp/send-button-actions/{ownerId}
POST /api/whatsapp/send-link/{ownerId}
POST /api/whatsapp/send-text/{ownerId}
PUT /api/Campaigns/stopSend/{campaignId}
PUT /api/Messages/click/{id}
PUT /api/Messages/purchase/{id}
PUT /api/SendConfigurations/{id}
PUT /api/customerSurveySpots
PUT /api/customerSurveys/track/configuration/update
PUT /api/customerSurveys/update/{id}
PUT /api/whatsapp/configuration/{id}

Found on 2026-02-02 03:17

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: social-api.meep.cloud
Port: 443
URL: https://social-api.meep.cloud

First seen 2025-12-11 04:31
Last seen 2026-02-02 02:24
Open for 52 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035499e764f3633e67ace466447cf0c30fc5c0152a26b
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/Checkin/latest
GET /api/Local/checkIfLocalIsEnabled/{localId}
GET /api/ProfileTag/{code}
GET /api/User
GET /api/User/exists/{Id}
GET /api/User/{Id}
GET /api/UserInteraction/from
GET /api/UserInteraction/to
GET /api/UserInteraction/totalLikes
GET /api/UserInteraction/usersLikes
GET /api/UserInteraction/usersWhoLikeMe
GET /api/UserInteraction/{toUserId}
POST /api/ProfileTag
POST /api/User/CreateUser
POST /api/User/Sync
POST /api/UserInteraction/interact
```
  Found on 2026-02-02 02:24
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2025-12-26 20:54
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: auth-staging.trugrid.com
Port: 443
URL: https://auth-staging.trugrid.com

First seen 2025-12-21 08:52
Last seen 2026-02-02 02:00
Open for 42 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad0354910acc3bf10acc3bf10acc3bf10acc3bf10acc3bf
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
POST /token
```
  Found on 2026-02-02 02:00
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: beauth.begin.codes
Port: 443
URL: https://beauth.begin.codes

First seen 2026-01-11 14:29
Last seen 2026-02-02 00:23
Open for 21 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d609017135dc18cd074c18cd074c18cd074c18cd074
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
POST /identity-server/api-resource
POST /identity-server/client
```
  Found on 2026-02-02 00:23
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: relaystaging.trugrid.com
Port: 443
URL: https://relaystaging.trugrid.com

First seen 2026-01-05 02:48
Last seen 2026-02-02 00:11
Open for 27 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1aad035493ea24a50516eccb2b1e36b7eb1e36b7eb1e36b7e
```
Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/RelayInstancesConfiguration
POST /api/RelayInstanceStartReport
POST /api/RelayInstanceStatusReport
```
  Found on 2026-02-02 00:11
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: ws-testqa.trugrid.com
Port: 443
URL: https://ws-testqa.trugrid.com

First seen 2026-01-05 02:49
Last seen 2026-02-02 00:11
Open for 27 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354970982b48d41b5c2c4faafb952ce06c7465d69a08

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/SecureConnectInstallationProcess/UninstallSecureConnect
DELETE /api/SecureConnectInstallationProcess/UninstallSecureConnect/{secureConnectId}
DELETE /api/SentryInstallationProcess/UninstallSentry
GET /HealthMonitor/Execute
GET /SentryHealthMonitor/NextCommand
GET /api/SentrySynchronization/AdvancedAppPublishingGroups
GET /error
POST /SecureConnectGateway/Execute
POST /SentryCommandsGateway/Execute
POST /api/SecureConnectInstallationProcess/UpdateSecureConnectVersion
POST /api/SecureConnectInstallationProcess/ValidateSecureConnectActivationCode
POST /api/SentryInstallationProcess/UpdateSentryVersion
POST /api/SentryInstallationProcess/ValidateSentry
POST /api/SentryInstallationProcess/ValidateSentryActivationCode
POST /api/SentrySynchronization/DomainActiveDirectoryStatus
POST /api/SentrySynchronization/DomainApplications
POST /api/SentrySynchronization/SendCommandResponse
POST /api/SentrySynchronization/SyncAddedAdResources
POST /api/SentrySynchronization/SyncAppsIcons

Found on 2026-02-02 00:11

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: erp-api.meep.cloud
Port: 443
URL: https://erp-api.meep.cloud

First seen 2025-12-25 04:54
Last seen 2026-02-01 23:53
Open for 38 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035499cac4086380d3ebc36d8dd673a021d1ab168a9f2

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/Inventory/Patners/{id}
DELETE /api/financial/bank-accounts/delete
DELETE /api/{ownerId}/Inventories/InventorySupply/{inventorySupplyId}
DELETE /api/{ownerId}/Supplies/{id}
GET /api/Inventory/MeasurementUnit
GET /api/Inventory/MeasurementUnit/Default
GET /api/Inventory/MeasurementUnit/{id}
GET /api/Inventory/Operations
GET /api/Inventory/Operations/Names
GET /api/Inventory/Operations/{operationId}
GET /api/Inventory/Patners
GET /api/Inventory/Patners/Corporates/cnpj/{cnpj}
GET /api/Inventory/Patners/Corporates/{id}
GET /api/Inventory/Patners/Individuals/{id}
GET /api/Inventory/Patners/cep/{cep}
GET /api/Inventory/Patners/{partnerId}/BankAccounts
GET /api/Inventory/Patners/{partnerId}/BankAccounts/{bankAccountId}
GET /api/Inventory/SectorTypes
GET /api/Inventory/SectorTypes/{id}
GET /api/Inventory/StorageLocations
GET /api/Inventory/StorageLocations/Default
GET /api/Inventory/StorageLocations/{id}
GET /api/Inventory/SupplyGroups
GET /api/Inventory/SupplyGroups/Search/{keyword}
GET /api/Inventory/SupplyGroups/{id}
GET /api/Inventory/SupplyStocks
GET /api/Inventory/SupplyStocks/export/csv
GET /api/Inventory/SupplyStocks/export/pdf
GET /api/Inventory/SupplyStocks/movements
GET /api/Inventory/SupplyStocks/movements/export/csv
GET /api/Inventory/SupplyStocks/movements/export/pdf
GET /api/Inventory/SupplyStocks/storage-location/{storageLocationId}/supply/{supplyId}
GET /api/Inventory/SupplyStocks/storage-location/{storageLocationId}/supply/{supplyId}/cost
GET /api/Inventory/SupplyStocks/total-cost
GET /api/Inventory/SupplyTransfers
GET /api/Inventory/SupplyTransfers/storage-locations/destinations
GET /api/Inventory/SupplyTransfers/storage-locations/orgins
GET /api/Inventory/SupplyTransfers/supplies/already-transferred
GET /api/Inventory/SupplyTransfers/supplies/in-stock
GET /api/Inventory/SupplyTransfers/supplies/stock-details
GET /api/Inventory/SupplyTransfers/supplies/{id}/stocks
GET /api/Inventory/SupplyTransfers/{id}
GET /api/Invoices
GET /api/Invoices/{id}
GET /api/NFe/Configuration
GET /api/NFe/Summaries
GET /api/NFe/Summaries/{id}
GET /api/financial/bank-accounts
GET /api/financial/bank-accounts/{id}
GET /api/financial/bank-accounts/{id}/statement
GET /api/financial/classifications
GET /api/financial/classifications/{classificationId}
GET /api/financial/cost-centers
GET /api/financial/cost-centers/{costCenterId}
GET /api/financial/transactions
GET /api/financial/transactions/history
GET /api/financial/transactions/{transactionId}
GET /api/owner/HasStarted
GET /api/owner/entryInvoices
GET /api/production-orders
GET /api/production-orders/{id}
GET /api/{ownerId}/Configurations
GET /api/{ownerId}/DeviceProfiles/{deviceProfileId}
GET /api/{ownerId}/Inventories
GET /api/{ownerId}/Inventories/{inventoryId}
GET /api/{ownerId}/Inventories/{inventoryId}/export/csv
GET /api/{ownerId}/Inventories/{inventoryId}/export/pdf
GET /api/{ownerId}/Supplies
GET /api/{ownerId}/Supplies/byMeepProduct/{meepProductId}
GET /api/{ownerId}/Supplies/compositions/{supplyId}
GET /api/{ownerId}/Supplies/products
GET /api/{ownerId}/Supplies/supplyCosts/{Id}
GET /api/{ownerId}/Supplies/{Id}
GET /version
PATCH /api/Inventory/MeasurementUnit/{id}/Disable
PATCH /api/Inventory/MeasurementUnit/{id}/Enable
PATCH /api/Inventory/Patners/Corporates/{id}/Disable
PATCH /api/Inventory/Patners/Corporates/{id}/Enable
PATCH /api/Inventory/Patners/Individuals/{id}/Disable
PATCH /api/Inventory/Patners/Individuals/{id}/Enable
PATCH /api/Inventory/SectorTypes/{id}/Disable
PATCH /api/Inventory/SectorTypes/{id}/Enable
PATCH /api/Inventory/StorageLocations/{id}/Disable
PATCH /api/Inventory/StorageLocations/{id}/Enable
PATCH /api/Inventory/SupplyGroups/{id}/Disable
PATCH /api/Inventory/SupplyGroups/{id}/Enable
PATCH /api/financial/classifications/status
PATCH /api/financial/cost-centers/status
PATCH /api/{ownerId}/Inventories/{inventoryId}/Finish
PATCH /api/{ownerId}/Supplies/{id}/Disable
PATCH /api/{ownerId}/Supplies/{id}/Enable
POST /api/Inventory/Orders
POST /api/Inventory/Orders/Invoices
POST /api/Inventory/Orders/Reprocess
POST /api/Inventory/Orders/Reserve
POST /api/Inventory/Patners/Corporates
POST /api/Inventory/Patners/Individuals
POST /api/Inventory/SupplyStocks/inventory/{inventoryId}/cancel
POST /api/Inventory/SupplyStocks/invoice/{invoiceId}
POST /api/NFe/Configure
POST /api/NFe/Distribute
POST /api/NFe/Distributions/{id}/Process
POST /api/financial/transactions/from-order
POST /api/{ownerId}/Supplies/batch
POST /api/{ownerId}/Supplies/conversions
POST /api/{ownerId}/Supplies/import-products
POST /api/{ownerId}/Supplies/import-supplies
POST /api/{ownerId}/Supplies/multiple
PUT /api/financial/transactions/conciliation
PUT /api/{ownerId}/Supplies/RenameByMeepProduct
PUT /api/{ownerId}/Supplies/{supplyId}

Found on 2026-02-01 23:53

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: device-configuration-api.meep.cloud
Port: 443
URL: https://device-configuration-api.meep.cloud

First seen 2026-01-13 23:41
Last seen 2026-01-23 11:11
Open for 9 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad0354978dace0f7923117446d112aad816badc6f6bc408

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/locals/{localId}/profiles/type/{type}/custom-payment
GET /api/locals/{localId}/activities
GET /api/locals/{localId}/configuration
GET /api/locals/{localId}/configuration/events
GET /api/locals/{localId}/configuration/legacy
GET /api/locals/{localId}/devices
GET /api/locals/{localId}/devices/event-devices
GET /api/locals/{localId}/devices/export
GET /api/locals/{localId}/devices/links/{code}
GET /api/locals/{localId}/devices/{deviceId}
GET /api/locals/{localId}/devices/{deviceId}/productList
GET /api/locals/{localId}/devices/{deviceId}/profile
GET /api/locals/{localId}/devices/{deviceId}/profile/aggregates
GET /api/locals/{localId}/devices/{deviceId}/profileFromLegacy/aggregates
GET /api/locals/{localId}/devices/{deviceId}/{linkType}/profileFromLegacy/aggregates
GET /api/locals/{localId}/profiles
GET /api/locals/{localId}/profiles/byDeviceId/{deviceID}
GET /api/locals/{localId}/profiles/getByReceiptPrinterSectorId/{receiptPrinterSectorId}
GET /api/locals/{localId}/profiles/{profileId}
GET /api/locals/{localId}/profiles/{profileId}/custom-payment
GET /api/locals/{localId}/profiles/{profileId}/operation/discount-enabled
GET /api/locals/{localId}/simplePos
GET /api/locals/{localId}/simplePos/device
GET /api/locals/{localId}/simplePos/device/{deviceId}
GET /api/locals/{localId}/simplePos/legacyConfig
GET /api/locals/{localId}/terminal/createDefaultProfiles
GET /api/locals/{localId}/terminal/device/{deviceId}/navigatorSession/{navigatorSessionId}
GET /api/locals/{localId}/terminal/getAllDevicesWithTerminalProfile
GET /api/locals/{localId}/terminal/navigatorSolicitations
PATCH /api/locals/{localId}/terminal/updateTerminalConfig
POST /api/locals/terminal/createDefaultProfiles
POST /api/locals/{localId}/devices/import
POST /api/locals/{localId}/devices/import-file
POST /api/locals/{localId}/devices/links
POST /api/locals/{localId}/profiles/default-profile/{operationType}
POST /api/locals/{localId}/profiles/{profileId}/duplicate
POST /api/locals/{localId}/profiles/{profileId}/set-default
POST /api/locals/{localId}/terminal/addTerminalProfile
POST /api/locals/{localId}/terminal/approve
POST /api/locals/{localId}/terminal/closeSession
POST /api/locals/{localId}/terminal/refuse
POST /api/locals/{localId}/terminal/refuse/all
PUT /api/locals/{localId}/configuration/devices
PUT /api/locals/{localId}/devices/remove-profile
PUT /api/locals/{localId}/devices/{deviceId}/state
PUT /api/locals/{localId}/profiles/updateAllProfilesWithReceiptPrinterSectorId/{receiptPrinterSectorId}
PUT /api/locals/{localId}/profiles/updateByReceiptPrinterSectorId
PUT /api/locals/{localId}/profiles/{profileId}/catalogs
PUT /api/locals/{localId}/profiles/{profileId}/cielo-acquirer-configuration
PUT /api/locals/{localId}/profiles/{profileId}/devices
PUT /api/locals/{localId}/profiles/{profileId}/disable
PUT /api/locals/{localId}/profiles/{profileId}/enable
PUT /api/locals/{localId}/profiles/{profileId}/environments
PUT /api/locals/{localId}/profiles/{profileId}/general
PUT /api/locals/{localId}/profiles/{profileId}/inter-acquirer-configuration
PUT /api/locals/{localId}/profiles/{profileId}/invoice
PUT /api/locals/{localId}/profiles/{profileId}/operation
PUT /api/locals/{localId}/profiles/{profileId}/operation/methods
PUT /api/locals/{localId}/profiles/{profileId}/operators
PUT /api/locals/{localId}/profiles/{profileId}/pagseguro-acquirer-configuration
PUT /api/locals/{localId}/profiles/{profileId}/payment
PUT /api/locals/{localId}/profiles/{profileId}/printer
PUT /api/locals/{localId}/profiles/{profileId}/products
PUT /api/locals/{localId}/profiles/{profileId}/stone-acquirer-configuration
PUT /api/locals/{localId}/profiles/{profileId}/terminal
PUT /api/locals/{localId}/profiles/{profileId}/usability
PUT /api/locals/{localId}/profiles/{profileId}/user-interface
PUT /api/locals/{localId}/simplePos/{simplePosId}

Found on 2026-01-23 11:11

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: iot-staging.trugrid.com
Port: 443
URL: https://iot-staging.trugrid.com

First seen 2025-12-11 06:44
Last seen 2026-01-23 00:45
Open for 42 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-23 00:45
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: dynamicmenu-api.meep.cloud
Port: 443
URL: https://dynamicmenu-api.meep.cloud

First seen 2026-01-10 10:57
Last seen 2026-01-16 15:21
Open for 6 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d60d3e71309a752f75516154e81bd7b3563cc50dfc0
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
DELETE /api/PageWizard/{id}
GET /api/Menu/AccessHistory
GET /api/Menu/Favorite
GET /api/Menu/Permissions
GET /api/Menu/PermissionsMenuTree
GET /api/Menu/SearchByKeyword
GET /api/Menu/UpdateMenusPermission
GET /api/Menu/configuration/{configurationId}
GET /api/Menu/{menuId}/detail
GET /api/Menu/{positionType}
GET /api/MenuConfiguration
GET /api/MenuConfiguration/SystemIdentifiers
GET /api/MenuConfiguration/{menuConfigurationId}
GET /api/PageWizard
GET /api/PageWizard/{menuId}
POST /api/Menu
POST /api/Menu/Activity
POST /api/PageWizard/activity/{pageWizardId}
PUT /api/Menu/ChangeMenuOrder
```
  Found on 2026-01-16 15:21
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: iam.dev.sentrymgt.com
Port: 443
URL: https://iam.dev.sentrymgt.com

First seen 2026-01-11 11:49
Last seen 2026-01-16 14:46
Open for 5 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-16 14:46
Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: ca-api.meep.cloud
Port: 443
URL: https://ca-api.meep.cloud

First seen 2026-01-11 14:29
Last seen 2026-01-16 14:43
Open for 5 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035490be141d614cfc7e330f5f3e764d4ad202b84e20d

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
GET /api/CartaoCashlessDispositivo/dispositivo/{localid}/comandas
GET /api/CartaoCashlessDispositivo/dispositivo/{localid}/comandas/{tipoComanda}
GET /api/CommandEletronic/Extract/Account/{tag}/Store/{localId}
GET /api/CommandEletronic/Flow
POST /api/Account/Get
POST /api/Account/GetItems
POST /api/Account/TriggerCloseEvent
POST /api/CartaoCashlessDispositivo/CreateCard
POST /api/CartaoCashlessDispositivo/abortarfechamento
POST /api/CartaoCashlessDispositivo/iniciarfechamento
POST /api/CommandEletronic/CancelOrderItem
POST /api/CommandEletronic/CancelPayAccount
POST /api/CommandEletronic/CloseAccount
POST /api/CommandEletronic/ConsumeOrder
POST /api/CommandEletronic/Get
POST /api/CommandEletronic/OpenAccount
POST /api/CommandEletronic/PayAccount
POST /api/CommandEletronic/TransferAccounts
POST /api/CommandEletronic/TransferOrderItem
POST /api/CommandEletronic/ValidatePaymentAccount

Found on 2026-01-16 14:43

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: fidelity-api.meep.cloud
Port: 443
URL: https://fidelity-api.meep.cloud

First seen 2026-01-11 16:56
Last seen 2026-01-16 14:41
Open for 4 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad035493a76e1a213d9f969444c42f2061cff00dd022e15

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/fidelity-product/fidelity/{fidelityId}/product/{productId}
GET /
GET /api/customers/change-histories
GET /api/customers/coins-conversion-to-brl
GET /api/customers/details
GET /api/customers/summaries
GET /api/fidelity-balance/coins
GET /api/fidelity-balance/points
GET /api/fidelity-plans/byCustomerDocument
GET /api/fidelity-product/byFidelityId/{fidelityId}
GET /api/fidelity/owner/{ownerId}/hierarchy
GET /api/fidelity/{fidelityId}
GET /api/fidelity/{fidelityId}/customers
GET /api/payments/get-reservation-by-orderid
GET /api/payments/get-reservation-pending
POST /api/fidelity-product/owner/{ownerId}
POST /api/fidelity/events/score/frequency
POST /api/fidelity/events/score/payment
POST /api/fidelity/events/score/refund
POST /api/fidelity/owner/{ownerId}
POST /api/fidelity/owner/{ownerId}/linking
POST /api/payments/cancel-reservation
POST /api/payments/confirm-reservation
POST /api/payments/create-reservation
POST /api/payments/customer-coins
PUT /api/fidelity-product/owner/{ownerId}/fidelity/{fidelityId}
PUT /api/fidelity-product/{fidelityId}

Found on 2026-01-16 14:41

Severity: info
Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
Found on 2026-01-11 16:56

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: plans-api.meep.cloud
Port: 443
URL: https://plans-api.meep.cloud

First seen 2025-12-13 18:50
Last seen 2026-01-16 14:40
Open for 33 days

Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549fccdac2704b79edb41531f26d6bbbbf5f47e6338

Public Swagger UI/API detected at path: /swagger/index.html - sample paths:
DELETE /api/devices/solicitations/{id}
DELETE /api/features/{featureId}
DELETE /api/paymentSubscriptions/cards/{cardId}
GET /api/coupons/code/{code}
GET /api/coupons/validate/{code}
GET /api/coupons/{id}
GET /api/devices/solicitations
GET /api/devices/solicitations/owner/{ownerId}/pending
GET /api/devices/solicitations/owner/{ownerId}/statuses
GET /api/features/additional
GET /api/features/additional/powerbi
GET /api/features/additional/powerbi/owner/{ownerId}/change-histories
GET /api/gestao/invoice/nfce
GET /api/invoices/payments
GET /api/invoices/status
GET /api/locals
GET /api/locals/saas
GET /api/locals/{localId}/uses-new-complement-groups
GET /api/onboardings
GET /api/onboardings/{onboardingId}
GET /api/paymentSubscriptions/owner/{ownerId}
GET /api/paymentSubscriptions/owner/{ownerId}/active
GET /api/paymentSubscriptions/owner/{ownerId}/current
GET /api/paymentSubscriptions/{id}/cards
GET /api/payments
GET /api/payments/owner/{ownerId}/change-histories
GET /api/payments/owner/{ownerId}/pix/pending
GET /api/payments/owner/{ownerId}/status
GET /api/payments/solicitations
GET /api/payments/{paymentId}
GET /api/plans
GET /api/plans/categories/{categoryId}/plans
GET /api/plans/{planId}
GET /api/prospects/{prospectId}
GET /api/prospects/{prospectId}/pix/pending
GET /api/subscriptions/downgrade
GET /api/subscriptions/owner/{ownerId}
GET /api/subscriptions/owner/{ownerId}/change-histories
GET /api/subscriptions/owner/{ownerId}/status
GET /api/subscriptions/saas/devices/get-total-licenses
GET /api/v2/prospects/{prospectId}
GET /api/v2/prospects/{prospectId}/pix/pending
GET /api/version
PATCH /api/subscriptions/sign-feature/status
PATCH /api/subscriptions/sign-plan/status
POST /api/backoffice/plan/local/licenses
POST /api/backoffice/plan/subscription
POST /api/backoffice/plan/subscription/trial
POST /api/coupons
POST /api/coupons/{id}/cancel
POST /api/features
POST /api/feedbacks
POST /api/gestao/proposal/cancel
POST /api/gestao/proposal/change-plan
POST /api/gestao/proposal/create
POST /api/gestao/proposal/create-nonimported
POST /api/invoices/checkout
POST /api/invoices/payments/pix/callback
POST /api/invoices/pix/checkout
POST /api/leads
POST /api/leads/webhook
POST /api/locals/{localId}/notify/make
POST /api/locals/{localId}/products/generate-small-thumbnails
POST /api/onboardings/restart/{localId}
POST /api/paymentSubscriptions
POST /api/payments/disableOnlinePaymentStatus
POST /api/payments/enableOnlinePaymentStatus
POST /api/payments/saas/pix/callback
POST /api/payments/saas/pix/renew/callback
POST /api/plans/categories
POST /api/prospects
POST /api/prospects/basic
POST /api/prospects/basic/cielo
POST /api/prospects/basic/validate-code
POST /api/prospects/meep-user/{prospectType}
POST /api/prospects/payments/pix/callback
POST /api/prospects/resend-validation-code
POST /api/prospects/validate-code
POST /api/prospects/{prospectId}/basic/establishment
POST /api/prospects/{prospectId}/checkout
POST /api/prospects/{prospectId}/checkout/cielo
POST /api/prospects/{prospectId}/checkout/cielo/establishment
POST /api/prospects/{prospectId}/checkout/cielo/event
POST /api/prospects/{prospectId}/checkout/free-trial
POST /api/prospects/{prospectId}/pix/checkout
POST /api/prospects/{prospectId}/pix/checkout/cielo/establishment
POST /api/prospects/{prospectId}/pix/checkout/cielo/event
POST /api/subscriptions
POST /api/subscriptions/additional-features
POST /api/subscriptions/saas-checkout
POST /api/subscriptions/saas-checkout/pix
POST /api/subscriptions/saas-checkout/pix/renew
POST /api/subscriptions/saas/change-plan
POST /api/subscriptions/saas/change-plan/add-external-pos
POST /api/unsubscribe
POST /api/v2/prospects
POST /api/v2/prospects/payments/pix/callback
POST /api/v2/prospects/resend-validation-code
POST /api/v2/prospects/validate-code
POST /api/v2/prospects/{prospectId}/business-profile
POST /api/v2/prospects/{prospectId}/checkout
POST /api/v2/prospects/{prospectId}/notify/make
PUT /api/backoffice/plan/local/type
PUT /api/backoffice/plan/price
PUT /api/devices/solicitations/{id}/approve
PUT /api/devices/solicitations/{id}/complete
PUT /api/devices/solicitations/{id}/import
PUT /api/features/additional/powerbi/owner/{ownerId}
PUT /api/features/additional/{additionalFeatureId}/plans/{planId}
PUT /api/features/{featureId}/plans/{planId}
PUT /api/locals/{localId}
PUT /api/locals/{localId}/accept-invoice-charges
PUT /api/locals/{localId}/accept-new-terms
PUT /api/paymentSubscriptions/cards/{cardId}/default
PUT /api/paymentSubscriptions/{subscriptionId}/activate
PUT /api/paymentSubscriptions/{subscriptionId}/cancel
PUT /api/payments/{paymentId}/pix/cancel-pending
PUT /api/prospects/{prospectId}/affiliate
PUT /api/prospects/{prospectId}/delivery/address
PUT /api/prospects/{prospectId}/local
PUT /api/prospects/{prospectId}/local/address
PUT /api/prospects/{prospectId}/profile
PUT /api/users

Found on 2026-01-16 14:40

Create report

Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: menu-api.meep.cloud
Port: 443
URL: https://menu-api.meep.cloud

First seen 2026-01-12 06:24
Last seen 2026-01-16 14:27
Open for 4 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd1f3d88d60d3e71309a752f75516154e81bd7b3563cc50dfc0
```
Public Swagger UI/API detected at path: /swagger/v1/swagger.json - sample paths:
DELETE /api/PageWizard/{id}
GET /api/Menu/AccessHistory
GET /api/Menu/Favorite
GET /api/Menu/Permissions
GET /api/Menu/PermissionsMenuTree
GET /api/Menu/SearchByKeyword
GET /api/Menu/UpdateMenusPermission
GET /api/Menu/configuration/{configurationId}
GET /api/Menu/{menuId}/detail
GET /api/Menu/{positionType}
GET /api/MenuConfiguration
GET /api/MenuConfiguration/SystemIdentifiers
GET /api/MenuConfiguration/{menuConfigurationId}
GET /api/PageWizard
GET /api/PageWizard/{menuId}
POST /api/Menu
POST /api/Menu/Activity
POST /api/PageWizard/activity/{pageWizardId}
PUT /api/Menu/ChangeMenuOrder
```
  Found on 2026-01-16 14:27
Create report
Swagger API description is publicly available

Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.

Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.

While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.

IP: 20.49.104.17
Domain: iot-testqa.trugrid.com
Port: 443
URL: https://iot-testqa.trugrid.com

First seen 2025-12-10 03:23
Last seen 2026-01-16 04:18
Open for 37 days
- Severity: info
  Fingerprint: 5733ddf49ff49cd12ec8532c2ec8532c2ec8532c2ec8532c2ec8532c2ec8532c
```
Public Swagger UI/API detected at path: /swagger/index.html
```
  Found on 2026-01-16 04:18
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: www.rbeenergia.com.br
Port: 443
URL: https://www.rbeenergia.com.br

First seen 2022-11-06 19:46
Last seen 2025-03-05 11:47
Open for 849 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcffab4603bc09156485aa5a6f61a880c59
```
Found 25 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-content/plugins
/wp-content/plugins/acfml
/wp-content/themes
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2025-03-05 11:47
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: hubcolmeia.com.br
Port: 443
URL: https://hubcolmeia.com.br

First seen 2022-09-27 16:46
Last seen 2025-03-05 11:46
Open for 889 days

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a13d7a60ea8737adaecdc20153ae89ad5

Found 19 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-includes

Found on 2025-03-05 11:46

Severity: low
Fingerprint: 5f32cf5d6962f09c87f05b7087f05b701b2ee1cc6de86b083fda6bff1fd5e08b

Found 26 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-content/languages
/wp-content/languages/plugins
/wp-content/languages/themes
/wp-content/plugins
/wp-content/themes
/wp-content/upgrade
/wp-content/uploads
/wp-includes

Found on 2025-02-08 08:50

Severity: medium
Fingerprint: 5f32cf5d6962f09c778888b4778888b4f37b47b8cccee20480b1f7f3d4adb922

Found 40 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-content/languages
/wp-content/languages/plugins
/wp-content/languages/themes
/wp-content/plugins
/wp-content/plugins/advanced-custom-fields-pro
/wp-content/plugins/amazon-s3-and-cloudfront
/wp-content/plugins/contact-form-7
/wp-content/plugins/elementor
/wp-content/plugins/pods
/wp-content/plugins/redirection
/wp-content/plugins/restricted-site-access
/wp-content/plugins/safe-svg
/wp-content/plugins/simple-custom-post-order
/wp-content/plugins/smtp-mailer
/wp-content/plugins/wordfence
/wp-content/plugins/wordpress-importer
/wp-content/plugins/wordpress-seo
/wp-content/plugins/wp-super-cache
/wp-content/themes
/wp-content/upgrade
/wp-content/uploads
/wp-includes

Found on 2025-01-10 19:35

Severity: low
Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772219d0286f69c7c227dab4c1da9946e9b

Found 11 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-includes

Found on 2023-02-28 02:34

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: rbenergia.com.br
Port: 443
URL: https://rbenergia.com.br

First seen 2022-09-10 16:45
Last seen 2025-03-05 02:50
Open for 906 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcffab4603bc09156485aa5a6f61a880c59
```
Found 25 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-content/plugins
/wp-content/plugins/acfml
/wp-content/themes
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2025-03-05 02:50
- Severity: low
  Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcd21ccb00e64d93875d16cacd02e59c85
```
Found 22 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2022-09-10 16:45
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: rbeenergia.com.br
Port: 443
URL: https://rbeenergia.com.br

First seen 2022-11-06 01:22
Last seen 2025-03-05 00:40
Open for 849 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcffab4603bc09156485aa5a6f61a880c59
```
Found 25 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-content/plugins
/wp-content/plugins/acfml
/wp-content/themes
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2025-03-05 00:40
- Severity: low
  Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcd21ccb00e64d93875d16cacd02e59c85
```
Found 22 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2022-11-06 01:22
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: www.rbenergia.com.br
Port: 443
URL: https://www.rbenergia.com.br

First seen 2023-01-25 22:43
Last seen 2025-03-04 18:55
Open for 768 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcffab4603bc09156485aa5a6f61a880c59
```
Found 25 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-content/plugins
/wp-content/plugins/acfml
/wp-content/themes
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2025-03-04 18:55
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: www.hubcolmeia.com.br
Port: 443
URL: https://www.hubcolmeia.com.br

First seen 2022-08-28 19:05
Last seen 2025-03-04 16:06
Open for 918 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a13d7a60ea8737adaecdc20153ae89ad5
```
Found 19 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-includes
```
  Found on 2025-03-04 16:06
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: ciserrbe.brivia.com.br
Port: 443
URL: https://ciserrbe.brivia.com.br

First seen 2022-12-29 19:31
Last seen 2025-03-04 14:55
Open for 795 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcffab4603bc09156485aa5a6f61a880c59
```
Found 25 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-content/plugins
/wp-content/plugins/acfml
/wp-content/themes
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2025-03-04 14:55
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: cisercolmeia.brivia.com.br
Port: 443
URL: https://cisercolmeia.brivia.com.br

First seen 2022-12-29 18:09
Last seen 2025-03-04 11:57
Open for 795 days

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a13d7a60ea8737adaecdc20153ae89ad5

Found 19 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-includes

Found on 2025-03-04 11:57

Severity: low
Fingerprint: 5f32cf5d6962f09c87f05b7087f05b701b2ee1cc6de86b083fda6bff1fd5e08b

Found 26 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-content/languages
/wp-content/languages/plugins
/wp-content/languages/themes
/wp-content/plugins
/wp-content/themes
/wp-content/upgrade
/wp-content/uploads
/wp-includes

Found on 2025-02-08 16:00

Severity: medium
Fingerprint: 5f32cf5d6962f09c778888b4778888b4f37b47b8cccee20480b1f7f3d4adb922

Found 40 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-content/languages
/wp-content/languages/plugins
/wp-content/languages/themes
/wp-content/plugins
/wp-content/plugins/advanced-custom-fields-pro
/wp-content/plugins/amazon-s3-and-cloudfront
/wp-content/plugins/contact-form-7
/wp-content/plugins/elementor
/wp-content/plugins/pods
/wp-content/plugins/redirection
/wp-content/plugins/restricted-site-access
/wp-content/plugins/safe-svg
/wp-content/plugins/simple-custom-post-order
/wp-content/plugins/smtp-mailer
/wp-content/plugins/wordfence
/wp-content/plugins/wordpress-importer
/wp-content/plugins/wordpress-seo
/wp-content/plugins/wp-super-cache
/wp-content/themes
/wp-content/upgrade
/wp-content/uploads
/wp-includes

Found on 2025-01-16 09:22

Severity: low
Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772219d0286f69c7c227dab4c1da9946e9b

Found 11 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-includes

Found on 2022-12-29 18:09

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: www.hubcolmeia.com.br
Port: 80
URL: http://www.hubcolmeia.com.br

First seen 2022-08-28 19:05
Last seen 2025-02-04 06:07
Open for 890 days

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a13d7a60ea8737adaecdc20153ae89ad5

Found 19 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-includes

Found on 2025-02-04 06:07

Severity: medium
Fingerprint: 5f32cf5d6962f09c778888b4778888b4f37b47b8cccee20480b1f7f3d4adb922

Found 40 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-content/languages
/wp-content/languages/plugins
/wp-content/languages/themes
/wp-content/plugins
/wp-content/plugins/advanced-custom-fields-pro
/wp-content/plugins/amazon-s3-and-cloudfront
/wp-content/plugins/contact-form-7
/wp-content/plugins/elementor
/wp-content/plugins/pods
/wp-content/plugins/redirection
/wp-content/plugins/restricted-site-access
/wp-content/plugins/safe-svg
/wp-content/plugins/simple-custom-post-order
/wp-content/plugins/smtp-mailer
/wp-content/plugins/wordfence
/wp-content/plugins/wordpress-importer
/wp-content/plugins/wordpress-seo
/wp-content/plugins/wp-super-cache
/wp-content/themes
/wp-content/upgrade
/wp-content/uploads
/wp-includes

Found on 2024-10-24 14:14

Severity: low
Fingerprint: 5f32cf5d6962f09c87f05b7087f05b701b2ee1cc6de86b083fda6bff1fd5e08b

Found 26 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-content/languages
/wp-content/languages/plugins
/wp-content/languages/themes
/wp-content/plugins
/wp-content/themes
/wp-content/upgrade
/wp-content/uploads
/wp-includes

Found on 2024-10-18 14:27

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: hubcolmeia.com.br
Port: 80
URL: http://hubcolmeia.com.br

First seen 2022-09-27 16:46
Last seen 2025-01-28 05:18
Open for 853 days

Severity: low
Fingerprint: 5f32cf5d6962f09cdc57c57adc57c57a13d7a60ea8737adaecdc20153ae89ad5

Found 19 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-includes

Found on 2025-01-28 05:18

Severity: low
Fingerprint: 5f32cf5d6962f09c87f05b7087f05b701b2ee1cc6de86b083fda6bff1fd5e08b

Found 26 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-content/languages
/wp-content/languages/plugins
/wp-content/languages/themes
/wp-content/plugins
/wp-content/themes
/wp-content/upgrade
/wp-content/uploads
/wp-includes

Found on 2025-01-02 05:42

Severity: medium
Fingerprint: 5f32cf5d6962f09c778888b4778888b4f37b47b8cccee20480b1f7f3d4adb922

Found 40 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-content/languages
/wp-content/languages/plugins
/wp-content/languages/themes
/wp-content/plugins
/wp-content/plugins/advanced-custom-fields-pro
/wp-content/plugins/amazon-s3-and-cloudfront
/wp-content/plugins/contact-form-7
/wp-content/plugins/elementor
/wp-content/plugins/pods
/wp-content/plugins/redirection
/wp-content/plugins/restricted-site-access
/wp-content/plugins/safe-svg
/wp-content/plugins/simple-custom-post-order
/wp-content/plugins/smtp-mailer
/wp-content/plugins/wordfence
/wp-content/plugins/wordpress-importer
/wp-content/plugins/wordpress-seo
/wp-content/plugins/wp-super-cache
/wp-content/themes
/wp-content/upgrade
/wp-content/uploads
/wp-includes

Found on 2024-10-26 19:43

Severity: low
Fingerprint: 5f32cf5d6962f09c0f8dcf020f8dcf02ae8e60f6a143d7b2f514106d64055fb3

Found 24 files trough .DS_Store spidering:

/wp-admin
/wp-admin/css
/wp-admin/css/colors
/wp-admin/css/colors/blue
/wp-admin/css/colors/coffee
/wp-admin/css/colors/ectoplasm
/wp-admin/css/colors/light
/wp-admin/css/colors/midnight
/wp-admin/css/colors/modern
/wp-admin/css/colors/ocean
/wp-admin/css/colors/sunrise
/wp-admin/images
/wp-admin/includes
/wp-admin/js
/wp-admin/maint
/wp-admin/network
/wp-admin/user
/wp-content
/wp-content/languages
/wp-content/plugins
/wp-content/themes
/wp-content/upgrade
/wp-content/uploads
/wp-includes

Found on 2024-07-26 16:48

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: rbeenergia.com.br
Port: 80
URL: http://rbeenergia.com.br

First seen 2022-11-06 01:22
Last seen 2025-01-06 02:31
Open for 792 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcffab4603bc09156485aa5a6f61a880c59
```
Found 25 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-content/plugins
/wp-content/plugins/acfml
/wp-content/themes
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2025-01-06 02:31
- Severity: low
  Fingerprint: 5f32cf5d6962f09c9e04c3bc9e04c3bcd21ccb00e64d93875d16cacd02e59c85
```
Found 22 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2022-11-06 01:22
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: rbenergia.com.br
Port: 80
URL: http://rbenergia.com.br

First seen 2022-09-10 16:45
Last seen 2024-12-18 18:23
Open for 830 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcffab4603bc09156485aa5a6f61a880c59
```
Found 25 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-content/plugins
/wp-content/plugins/acfml
/wp-content/themes
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2024-12-18 18:23
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: www.rbeenergia.com.br
Port: 80
URL: http://www.rbeenergia.com.br

First seen 2022-11-06 19:46
Last seen 2024-12-12 07:09
Open for 766 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcffab4603bc09156485aa5a6f61a880c59
```
Found 25 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-content/plugins
/wp-content/plugins/acfml
/wp-content/themes
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2024-12-12 07:09
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: www.rbenergia.com.br
Port: 80
URL: http://www.rbenergia.com.br

First seen 2023-01-25 22:43
Last seen 2024-11-26 02:10
Open for 670 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09ca0cc0fcfa0cc0fcffab4603bc09156485aa5a6f61a880c59
```
Found 25 files trough .DS_Store spidering:

/gulpfile.js
/index.php
/license.txt
/package.json
/README.md
/wordfence-waf.php
/wp-activate.php
/wp-admin
/wp-blog-header.php
/wp-comments-post.php
/wp-config.php
/wp-content
/wp-content/plugins
/wp-content/plugins/acfml
/wp-content/themes
/wp-cron.php
/wp-includes
/wp-links-opml.php
/wp-load.php
/wp-login.php
/wp-mail.php
/wp-settings.php
/wp-signup.php
/wp-trackback.php
/xmlrpc.php
```
  Found on 2024-11-26 02:10
Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: peabodysoftware.com
Port: 443
URL: https://peabodysoftware.com

First seen 2022-09-22 05:20
Last seen 2024-09-20 18:52
Open for 729 days

Severity: low
Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e991beaeee6024e0f90e8d4d4d0e4bfc2f

Found 5 files trough .DS_Store spidering:

/Documents
/Documents/JulianRobertson.pdf
/Documents/Puchio.pdf
/img
/Research

Found on 2024-09-20 18:52

Severity: medium
Fingerprint: 5f32cf5d6962f09c3005b7223005b7223fb308200192224a2e3073560e87a862

Found 77 files trough .DS_Store spidering:

/About_Us.html
/ajaxTest.html
/ajaxVerify.php
/AlertCheck.php
/AlertCheckServer.php
/autoload.php
/Checkout_Success.html
/composer.json
/composer.lock
/Contact_Us.php
/DayCountTracking.html
/Documents
/Documents/JulianRobertson.pdf
/Documents/Puchio.pdf
/Domicile365.code-workspace
/Domicile365AlertCheck.php
/Domicile365AlertCheckServer.php
/Domicile365DeleteAlert.php
/Domicile365FCMIDUpdate.php
/Domicile365LostPassword.php
/Domicile365PostAlerts.php
/Domicile365ResetPassword.php
/Domicile365UpdateAlerts.php
/Domicile365UpdateReceiveEmailAlerts.php
/Domicile365UpdateSubscriptionStatus.php
/EmailTemplates
/FBLikeButtonTest.html
/FireBaseNotification.php
/Fixed Menu Example - Semantic.html
/Fixed Menu Example - Semantic_files
/img
/index.html
/index_files
/Legal.html
/Licenses
/Login.html
/Login_files
/Login_From_App.php
/Login_From_Domicile365App.php
/logout.php
/LostPassword.html
/lostpassword.php
/mail.php
/mail2.php
/Mail_Sent_Success.html
/mailContact.php
/mailresults.php
/Post_Location_Data.php
/Privacy_Policy.html
/README.md
/Register.html
/RegisterBackup.html
/registerBootStrap.php
/RegistrationFromApp.php
/RegistrationFromDomicile365App.php
/Research
/ResetPassword.html
/resetpassword.php
/ResetPasswordSuccess.html
/RetrieveAlerts.php
/RetrievePerformanceData.php
/RetrieveTaxDayData.php
/Run_Test.php
/Run_Test_Backup_11-4.html
/Run_Test_Backup_12-16.php
/SampleChartJS.html
/Scripts
/semantic
/semantic.json
/server.php
/server_backup.php
/server_lostpassword.php
/server_register.php
/server_TEST.php
/Settings.php
/Software.html
/SSL

Found on 2022-09-22 05:20

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: www.peabodysoftware.com
Port: 443
URL: https://www.peabodysoftware.com

First seen 2022-09-21 05:13
Last seen 2024-09-20 18:12
Open for 730 days

Severity: low
Fingerprint: 5f32cf5d6962f09c3c1fc5e93c1fc5e991beaeee6024e0f90e8d4d4d0e4bfc2f

Found 5 files trough .DS_Store spidering:

/Documents
/Documents/JulianRobertson.pdf
/Documents/Puchio.pdf
/img
/Research

Found on 2024-09-20 18:12

Severity: medium
Fingerprint: 5f32cf5d6962f09c3005b7223005b7223fb308200192224a2e3073560e87a862

Found 77 files trough .DS_Store spidering:

/About_Us.html
/ajaxTest.html
/ajaxVerify.php
/AlertCheck.php
/AlertCheckServer.php
/autoload.php
/Checkout_Success.html
/composer.json
/composer.lock
/Contact_Us.php
/DayCountTracking.html
/Documents
/Documents/JulianRobertson.pdf
/Documents/Puchio.pdf
/Domicile365.code-workspace
/Domicile365AlertCheck.php
/Domicile365AlertCheckServer.php
/Domicile365DeleteAlert.php
/Domicile365FCMIDUpdate.php
/Domicile365LostPassword.php
/Domicile365PostAlerts.php
/Domicile365ResetPassword.php
/Domicile365UpdateAlerts.php
/Domicile365UpdateReceiveEmailAlerts.php
/Domicile365UpdateSubscriptionStatus.php
/EmailTemplates
/FBLikeButtonTest.html
/FireBaseNotification.php
/Fixed Menu Example - Semantic.html
/Fixed Menu Example - Semantic_files
/img
/index.html
/index_files
/Legal.html
/Licenses
/Login.html
/Login_files
/Login_From_App.php
/Login_From_Domicile365App.php
/logout.php
/LostPassword.html
/lostpassword.php
/mail.php
/mail2.php
/Mail_Sent_Success.html
/mailContact.php
/mailresults.php
/Post_Location_Data.php
/Privacy_Policy.html
/README.md
/Register.html
/RegisterBackup.html
/registerBootStrap.php
/RegistrationFromApp.php
/RegistrationFromDomicile365App.php
/Research
/ResetPassword.html
/resetpassword.php
/ResetPasswordSuccess.html
/RetrieveAlerts.php
/RetrievePerformanceData.php
/RetrieveTaxDayData.php
/Run_Test.php
/Run_Test_Backup_11-4.html
/Run_Test_Backup_12-16.php
/SampleChartJS.html
/Scripts
/semantic
/semantic.json
/server.php
/server_backup.php
/server_lostpassword.php
/server_register.php
/server_TEST.php
/Settings.php
/Software.html
/SSL

Found on 2022-09-21 05:13

Create report

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: murphyslawsecurity.site
Port: 443
URL: https://murphyslawsecurity.site

First seen 2023-09-21 00:28
Last seen 2023-09-23 08:50
Open for 2 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc0363d38c2a8d359c60181061c4cd40bd
```
Found 4 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/style.css
/index.html
```
  Found on 2023-09-21 00:28
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: goodboysecurity.com
Port: 443
URL: https://goodboysecurity.com

First seen 2023-01-06 02:07
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc0363d38c2a8d359c60181061c4cd40bd
```
Found 4 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/style.css
/index.html
```
  Found on 2023-01-06 02:07
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: conorsecurityresume.com
Port: 443
URL: https://conorsecurityresume.com

First seen 2023-01-05 02:18
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc0363d38c2a8d359c60181061c4cd40bd
```
Found 4 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/style.css
/index.html
```
  Found on 2023-01-05 02:18
Create report
MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 20.49.104.17
Domain: sabrinalonae.com
Port: 443
URL: https://sabrinalonae.com

First seen 2022-09-14 02:27
- Severity: low
  Fingerprint: 5f32cf5d6962f09c0215adfc0215adfc0363d38c2a8d359c60181061c4cd40bd
```
Found 4 files trough .DS_Store spidering:

/assets
/assets/css
/assets/css/style.css
/index.html
```
  Found on 2022-09-14 02:27
Create report

Open service 20.49.104.17:80 · trugrid-relay-gateway.trafficmanager.net

2026-02-01 21:42

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: close
Date: Sun, 01 Feb 2026 21:43:14 GMT
Location: https://trugrid-relay-gateway.trafficmanager.net/

Found 2026-02-01 by HttpPlugin