LeakIX - Host app.qreating.io

Domain app.qreating.io

United States

AMAZON-AES

Software information

Heroku

tcp/443

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 54.221.251.148
Domain: app.qreating.io
Port: 443
URL: https://app.qreating.io

First seen 2023-05-01 14:44
Last seen 2025-12-27 03:55
Open for 970 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c8329733f8329733f93b77d9b240ac757bb18cb8317310bd8
```
Found 10 files trough .DS_Store spidering:

/404.html
/422.html
/blank.png
/confirmation.html
/favicon.ico
/packs
/portraits
/pulse.svg
/spinner.svg
/tangrams
```
  Found on 2025-12-27 03:55
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772159855a0eb5bbe5662f82d32553b6d83
```
Found 11 files trough .DS_Store spidering:

/404.html
/422.html
/assets
/blank.png
/confirmation.html
/favicon.ico
/packs
/portraits
/pulse.svg
/spinner.svg
/tangrams
```
  Found on 2025-05-29 02:02
- Severity: low
  Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbecc9a916cd8c9f71acf8ba7e20494e8c1
```
Found 15 files trough .DS_Store spidering:

/404.html
/422.html
/blank.png
/confirmation.html
/default_user_photos
/favicon.ico
/loading.svg
/packs
/portraits
/pulse.svg
/robot.png
/robot_party.png
/spinner.svg
/tangrams
/users.png
```
  Found on 2024-08-26 12:27
- Severity: low
  Fingerprint: 5f32cf5d6962f09c39aac35b39aac35b92705af73eecf6fb46614f27bdec08ce
```
Found 14 files trough .DS_Store spidering:

/404.html
/422.html
/blank.png
/confirmation.html
/default_user_photos
/favicon.ico
/loading.svg
/packs
/portraits
/pulse.svg
/robot.png
/robot_party.png
/spinner.svg
/users.png
```
  Found on 2024-07-18 08:56
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772159855a0eb5bbe56c4dd573e1faf1b33
```
Found 11 files trough .DS_Store spidering:

/404.html
/422.html
/blank.png
/confirmation.html
/default_user_photos
/favicon.ico
/loading.svg
/packs
/pulse.svg
/spinner.svg
/users.png
```
  Found on 2024-03-21 11:23
- Severity: low
  Fingerprint: 5f32cf5d6962f09c11d3744d11d3744d186028152d5242d54a8f504345e165e2
```
Found 12 files trough .DS_Store spidering:

/404.html
/422.html
/assets
/blank.png
/confirmation.html
/default_user_photos
/favicon.ico
/loading.svg
/packs
/pulse.svg
/spinner.svg
/users.png
```
  Found on 2023-05-01 14:44
Create report

Open service 54.221.251.148:443 · app.qreating.io

2026-01-09 21:16

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'self'
Location: https://app.qreating.io/login
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=2X89S9erAv3632rT%2FvIkejJQicFDqabYXkSnBIGxIuQ%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767993407"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=2X89S9erAv3632rT%2FvIkejJQicFDqabYXkSnBIGxIuQ%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767993407"
Server: Heroku
Set-Cookie: logged_in=false; path=/; samesite=lax
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 51424874-1a5c-174a-fb9d-367c71fcc1c2
X-Runtime: 0.019036
X-Xss-Protection: 0
Date: Fri, 09 Jan 2026 21:16:47 GMT
Connection: close

Found 2 days ago by HttpPlugin

Create report

Open service 54.221.251.148:443 · app.qreating.io

2025-12-23 02:44

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'self'
Location: https://app.qreating.io/login
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Nv9EUa57eycjTkPyZM0tGxzN0TnlGi7fK3%2B47ZeeD3o%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766457851"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Nv9EUa57eycjTkPyZM0tGxzN0TnlGi7fK3%2B47ZeeD3o%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766457851"
Server: Heroku
Set-Cookie: logged_in=false; path=/; samesite=lax
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 4e5880d9-dff3-b844-8cb3-d37775c0c5b4
X-Runtime: 0.017310
X-Xss-Protection: 0
Date: Tue, 23 Dec 2025 02:44:11 GMT
Connection: close

Found 2025-12-23 by HttpPlugin

Create report

Open service 54.221.251.148:443 · app.qreating.io

2025-12-20 18:24

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'self'
Location: https://app.qreating.io/login
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=HFfXhNVcWLfZ2lcs1aQ9zTkbfY3ZvJwnz6y8AOxAifU%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766255057"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=HFfXhNVcWLfZ2lcs1aQ9zTkbfY3ZvJwnz6y8AOxAifU%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766255057"
Server: Heroku
Set-Cookie: logged_in=false; path=/; samesite=lax
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: ce8a0678-7d14-5287-bbef-b62d0d7c2898
X-Runtime: 0.019944
X-Xss-Protection: 0
Date: Sat, 20 Dec 2025 18:24:17 GMT
Connection: close

Found 2025-12-20 by HttpPlugin

Create report

app.qreating.io

Fingerprint:

5786538eda5167b9bde300ac991238a61f328a5849629d5255c0b2c827c7f9d3

CN:

app.qreating.io

Key:

RSA-2048

Issuer:

R11

Not before:

2025-02-20 23:15

Not after:

2025-05-21 23:15

Domain summary

app.qreating.io 8

1 recorded

IP summary

54.221.251.148 2 54.204.238.15 1

2 recorded

Domain app.qreating.io

United States

Software information

MacOS file listing through .DS_Store file

Create report

Create report

Create report

app.qreating.io

Domain summary

IP summary