LeakIX - Host app.staff-up.io

Domain app.staff-up.io

United States

AMAZON-AES

Software information

Heroku

tcp/443

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 75.101.184.39
Domain: app.staff-up.io
Port: 443
URL: https://app.staff-up.io

First seen 2023-04-03 18:31
Last seen 2026-01-02 03:13
Open for 1004 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c8329733f8329733f93b77d9b240ac757bb18cb8317310bd8
```
Found 10 files trough .DS_Store spidering:

/404.html
/422.html
/blank.png
/confirmation.html
/favicon.ico
/packs
/portraits
/pulse.svg
/spinner.svg
/tangrams
```
  Found on 2026-01-02 03:13
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772159855a0eb5bbe5662f82d32553b6d83
```
Found 11 files trough .DS_Store spidering:

/404.html
/422.html
/assets
/blank.png
/confirmation.html
/favicon.ico
/packs
/portraits
/pulse.svg
/spinner.svg
/tangrams
```
  Found on 2025-05-28 04:43
- Severity: low
  Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbecc9a916cd8c9f71acf8ba7e20494e8c1
```
Found 15 files trough .DS_Store spidering:

/404.html
/422.html
/blank.png
/confirmation.html
/default_user_photos
/favicon.ico
/loading.svg
/packs
/portraits
/pulse.svg
/robot.png
/robot_party.png
/spinner.svg
/tangrams
/users.png
```
  Found on 2024-08-26 21:52
- Severity: low
  Fingerprint: 5f32cf5d6962f09c39aac35b39aac35b92705af73eecf6fb46614f27bdec08ce
```
Found 14 files trough .DS_Store spidering:

/404.html
/422.html
/blank.png
/confirmation.html
/default_user_photos
/favicon.ico
/loading.svg
/packs
/portraits
/pulse.svg
/robot.png
/robot_party.png
/spinner.svg
/users.png
```
  Found on 2024-07-18 10:25
- Severity: low
  Fingerprint: 5f32cf5d6962f09cec7f8772ec7f8772159855a0eb5bbe56c4dd573e1faf1b33
```
Found 11 files trough .DS_Store spidering:

/404.html
/422.html
/blank.png
/confirmation.html
/default_user_photos
/favicon.ico
/loading.svg
/packs
/pulse.svg
/spinner.svg
/users.png
```
  Found on 2024-03-21 16:08
- Severity: low
  Fingerprint: 5f32cf5d6962f09c11d3744d11d3744d186028152d5242d54a8f504345e165e2
```
Found 12 files trough .DS_Store spidering:

/404.html
/422.html
/assets
/blank.png
/confirmation.html
/default_user_photos
/favicon.ico
/loading.svg
/packs
/pulse.svg
/spinner.svg
/users.png
```
  Found on 2023-04-03 18:31
Create report

Open service 75.101.184.39:443 · app.staff-up.io

2026-01-09 11:29

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'self'
Location: https://app.staff-up.io/organizations/staffup/deactivated
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=O9uNClkWXYfzUR58hRtkeYKio6kttCl55Hy0L1dGU2E%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767958178"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=O9uNClkWXYfzUR58hRtkeYKio6kttCl55Hy0L1dGU2E%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767958178"
Server: Heroku
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 81251d2e-1cbb-59ac-bd82-6440feca23b5
X-Runtime: 0.012848
X-Xss-Protection: 0
Date: Fri, 09 Jan 2026 11:29:38 GMT
Connection: close

Found 2 days ago by HttpPlugin

Create report

Open service 75.101.184.39:443 · app.staff-up.io

2026-01-02 03:13

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Feature-Policy: geolocation 'self'; camera 'none'; microphone 'none'; usb 'none'; fullscreen 'self'; payment 'self'
Location: https://app.staff-up.io/organizations/staffup/deactivated
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=4Gt7LKO4IxbWDeJVkIbr0BDIvdT6AlDJNNYpjXyHhTk%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767323584"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=4Gt7LKO4IxbWDeJVkIbr0BDIvdT6AlDJNNYpjXyHhTk%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767323584"
Server: Heroku
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: d7359dc0-1ab0-48e5-d817-df4aac57c9e6
X-Runtime: 0.008674
X-Xss-Protection: 0
Date: Fri, 02 Jan 2026 03:13:04 GMT
Connection: close

Found 2026-01-02 by HttpPlugin

Create report

app.staff-up.io

Fingerprint:

afc707ad202c3ddd13f59f6b87a6f53a0db24f27200a7f51e9687351b6a1a3a1

CN:

app.staff-up.io

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-24 00:47

Not after:

2026-02-22 00:47

Domain summary

app.staff-up.io 7

1 recorded

IP summary

75.101.184.39 2

1 recorded

Domain app.staff-up.io

United States

Software information

MacOS file listing through .DS_Store file

Create report

Create report

app.staff-up.io

Domain summary

IP summary