Domain oatmel.com
United States
Software information
Heroku
tcp/443
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2022-09-16 00:31
Last seen 2025-12-27 02:18
Open for 1198 days-
Severity: low
Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbecc9a916cd8c9f71a4dbed4abf0b780daFound 15 files trough .DS_Store spidering: /404.html /422.html /500.html /apple-touch-icon-precomposed.png /apple-touch-icon.png /back.png /cream.jpg /error.png /favicon.ico /g_icon.png /logo.svg /personas_zKgVhciXAvJDBgNCGcHHkBPr.csv /robots.txt /spoony.svg /verified.svg
Found on 2025-12-27 02:18 -
Severity: medium
Fingerprint: 5f32cf5d6962f09c74247ea574247ea5bc7a4ec2b9cb0cf17a6b1e91df20190cFound 56 files trough .DS_Store spidering: /1.jpg /10.jpg /11.jpg /12.jpg /13.jpg /14.jpg /15.jpg /16.jpg /17.jpg /18.jpg /19.jpg /2.jpg /20.jpg /21.jpg /22.jpg /23.jpg /24.jpg /25.jpg /26.jpg /27.jpg /28.jpg /29.jpg /3.jpg /30.jpg /31.jpg /32.jpg /4.jpg /404.html /422.html /5.jpg /500.html /6.jpg /7.jpg /8.jpg /9.jpg /apple-touch-icon-precomposed.png /apple-touch-icon.png /back.png /bread.jpg /chocolate.jpg /community_logo.svg /cookies.jpg /cream.jpg /cupcakes.jpg /error.png /favicon.ico /g_icon.png /logo.svg /muffins.jpg /nutrition.png /personas_zKgVhciXAvJDBgNCGcHHkBPr.csv /pie.jpg /rainbow.jpg /robots.txt /spoony.svg /verified.svg
Found on 2024-02-03 01:18
-
-
MacOS file listing through .DS_Store file
.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
First seen 2022-09-16 00:04
Last seen 2025-12-30 04:29
Open for 1201 days-
Severity: low
Fingerprint: 5f32cf5d6962f09cc169dbbec169dbbecc9a916cd8c9f71a4dbed4abf0b780daFound 15 files trough .DS_Store spidering: /404.html /422.html /500.html /apple-touch-icon-precomposed.png /apple-touch-icon.png /back.png /cream.jpg /error.png /favicon.ico /g_icon.png /logo.svg /personas_zKgVhciXAvJDBgNCGcHHkBPr.csv /robots.txt /spoony.svg /verified.svg
Found on 2025-12-30 04:29 -
Severity: medium
Fingerprint: 5f32cf5d6962f09c74247ea574247ea5bc7a4ec2b9cb0cf17a6b1e91df20190cFound 56 files trough .DS_Store spidering: /1.jpg /10.jpg /11.jpg /12.jpg /13.jpg /14.jpg /15.jpg /16.jpg /17.jpg /18.jpg /19.jpg /2.jpg /20.jpg /21.jpg /22.jpg /23.jpg /24.jpg /25.jpg /26.jpg /27.jpg /28.jpg /29.jpg /3.jpg /30.jpg /31.jpg /32.jpg /4.jpg /404.html /422.html /5.jpg /500.html /6.jpg /7.jpg /8.jpg /9.jpg /apple-touch-icon-precomposed.png /apple-touch-icon.png /back.png /bread.jpg /chocolate.jpg /community_logo.svg /cookies.jpg /cream.jpg /cupcakes.jpg /error.png /favicon.ico /g_icon.png /logo.svg /muffins.jpg /nutrition.png /personas_zKgVhciXAvJDBgNCGcHHkBPr.csv /pie.jpg /rainbow.jpg /robots.txt /spoony.svg /verified.svg
Found on 2024-02-02 04:45
-
-
Open service 18.205.36.100:443 · oatmel.com
2026-01-09 17:13
HTTP/1.1 200 OK Cache-Control: max-age=0, private, must-revalidate Content-Type: text/html; charset=utf-8 Etag: W/"98c3213ee7aae947a77e6e4dc3cfc0de" Link: </assets/application-7ba28f5161894d914173d324d61ded4e424fed53b0a0de2165aede9a48e0510e.css>; rel=preload; as=style; nopush,</assets/application-26cda19ca43d9781e5bfd3a91e5b4c74e1681fbe913cf9157f29c57e074a55f0.js>; rel=preload; as=script; nopush Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=mjld08fyBosfqeo%2F68iONp%2FVa0oNQofil4npl%2F21VCc%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767978820"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=mjld08fyBosfqeo%2F68iONp%2FVa0oNQofil4npl%2F21VCc%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767978820" Server: Heroku Set-Cookie: _oatmel_session=uNuvKaoToUwOeM0CHIy9RqlHJkT2ypZ9HhTdCvldtBFilOkJd%2FN5k7Fl%2FDpXldxEhuVzdl2N8GKp2jtM1vxOlwr49VFKkf0b6yH4NEVFJzELK8e1uTAIsV51OkT%2FPYdJ6RblO0z4SrhrbIOgt5g%3D--C2ZV1ymKRcafKpzt--gFwBfl%2FHEcP5wZTJQvNRsw%3D%3D; path=/; secure; HttpOnly Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 726a457f-5491-ab14-f4b6-a54a60ed0033 X-Runtime: 0.018022 X-Xss-Protection: 1; mode=block Date: Fri, 09 Jan 2026 17:13:40 GMT Connection: close Transfer-Encoding: chunkedFound 2026-01-09 by HttpPluginCreate report
-
Open service 99.83.151.71:443 · oatmel.com
2026-01-09 13:03
HTTP/1.1 200 OK Cache-Control: max-age=0, private, must-revalidate Content-Type: text/html; charset=utf-8 Etag: W/"ced52701faedbb70ca098e20b74909ef" Link: </assets/application-7ba28f5161894d914173d324d61ded4e424fed53b0a0de2165aede9a48e0510e.css>; rel=preload; as=style; nopush,</assets/application-26cda19ca43d9781e5bfd3a91e5b4c74e1681fbe913cf9157f29c57e074a55f0.js>; rel=preload; as=script; nopush Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=dHvifl0fr2YwXmtGk8Kv7f017TSCK8Yfr0lgYrU4bYk%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767963827"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=dHvifl0fr2YwXmtGk8Kv7f017TSCK8Yfr0lgYrU4bYk%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767963827" Server: Heroku Set-Cookie: _oatmel_session=shIoxG6V7hx9XRUWFrn1qJI%2FxDoFkovhnCa7uWTqqiR9a%2BB74Brey3j%2B7OwE0whFDGgclPnJfgOPx01iCB241HvXE%2BY0Nfj7exMqSFPpb7JqdoiHz3uAxVDPAH8ZehW8nqXxlEhlojudRRFW%2BBg%3D--trq4vVhoW09OVF3P--Do3GLgcnX7iAVyzKnTG6Nw%3D%3D; path=/; secure; HttpOnly Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 52738d88-17a4-fb19-b270-4e81dbf7508e X-Runtime: 0.018038 X-Xss-Protection: 1; mode=block Date: Fri, 09 Jan 2026 13:03:47 GMT Connection: close Transfer-Encoding: chunkedFound 2026-01-09 by HttpPluginCreate report
-
Open service 54.157.58.70:443 · www.oatmel.com
2026-01-08 21:20
HTTP/1.1 200 OK Cache-Control: max-age=0, private, must-revalidate Content-Type: text/html; charset=utf-8 Etag: W/"945f8bff3ead62e7234ca4429509bb75" Link: </assets/application-7ba28f5161894d914173d324d61ded4e424fed53b0a0de2165aede9a48e0510e.css>; rel=preload; as=style; nopush,</assets/application-26cda19ca43d9781e5bfd3a91e5b4c74e1681fbe913cf9157f29c57e074a55f0.js>; rel=preload; as=script; nopush Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=KfHyUKF2KtO7TaJ6MusfwrCKH8CXiNpZKgjNuvP3YKc%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767907244"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=KfHyUKF2KtO7TaJ6MusfwrCKH8CXiNpZKgjNuvP3YKc%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767907244" Server: Heroku Set-Cookie: _oatmel_session=rUgigC9QtNxpNSm4baMh%2BOcxM4PGMBDErxHUeq%2FMpF%2Bbo%2BT9nLHczEpusBHy%2Fpb8RaP681CXincN9cAd8vvSQUzyvEBvLEvedXuT4EdBZ8wYJ8tsVfOAjbdu%2BtnK5xm3MKYqfkNdOx2e9bET9MU%3D--ftvtOYXkyCy4TttT--PITaxAzo5ygAmNoZnokCaQ%3D%3D; path=/; secure; HttpOnly Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 00890650-064c-332b-6555-c76f1c983bd9 X-Runtime: 0.016812 X-Xss-Protection: 1; mode=block Date: Thu, 08 Jan 2026 21:20:44 GMT Connection: close Transfer-Encoding: chunkedFound 2026-01-08 by HttpPluginCreate report
-
Open service 54.157.58.70:443 · www.oatmel.com
2025-12-30 04:29
HTTP/1.1 200 OK Cache-Control: max-age=0, private, must-revalidate Content-Type: text/html; charset=utf-8 Etag: W/"3054043201bea10fdb482727a23d249d" Link: </assets/application-7ba28f5161894d914173d324d61ded4e424fed53b0a0de2165aede9a48e0510e.css>; rel=preload; as=style; nopush,</assets/application-26cda19ca43d9781e5bfd3a91e5b4c74e1681fbe913cf9157f29c57e074a55f0.js>; rel=preload; as=script; nopush Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=8e7d7VdRn6yGtlutU6bjER02O1aeocykAN%2Bt0jEOLPY%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767068956"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=8e7d7VdRn6yGtlutU6bjER02O1aeocykAN%2Bt0jEOLPY%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767068956" Server: Heroku Set-Cookie: _oatmel_session=ryFj6chDme8Fdf3PppwtFu%2BmO2e0ovP%2BGAuQlmfekmWQ2hboh%2FxgF6mnDhUa2yj3nILQP8nmRSkjN33ohbmLxphk12CngHJqe0oYneMqGIL8ygJYBGQkrF54S8ZE0fwH4tYGj7RMI4oZWzvK5Zo%3D--E2eH6r2LRwEZVSxs--ghO2sQl8e90n9vr%2Bi44sng%3D%3D; path=/; secure; HttpOnly Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 361cf3bb-f4f2-e601-f8b9-9e33a03debf4 X-Runtime: 0.016365 X-Xss-Protection: 1; mode=block Date: Tue, 30 Dec 2025 04:29:16 GMT Connection: close Transfer-Encoding: chunkedFound 2025-12-30 by HttpPluginCreate report
-
Open service 13.248.132.87:443 · oatmel.com
2025-12-23 04:18
HTTP/1.1 200 OK Cache-Control: max-age=0, private, must-revalidate Content-Type: text/html; charset=utf-8 Etag: W/"9ed2d8f543dbf9f1a0fca61fe24a7e6d" Link: </assets/application-7ba28f5161894d914173d324d61ded4e424fed53b0a0de2165aede9a48e0510e.css>; rel=preload; as=style; nopush,</assets/application-26cda19ca43d9781e5bfd3a91e5b4c74e1681fbe913cf9157f29c57e074a55f0.js>; rel=preload; as=script; nopush Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=svRXu9ngJEQ%2Fukyv9MhAcX1V%2BuTcpsM8HCgyl2%2BG5vc%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766463519"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=svRXu9ngJEQ%2Fukyv9MhAcX1V%2BuTcpsM8HCgyl2%2BG5vc%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766463519" Server: Heroku Set-Cookie: _oatmel_session=nLDiTEShHwyqCHOur%2BoTrGkePe8t5S%2FqCByb5J%2Fs9%2FYIqoqEE6UzII4kvNGoDarxHwldwOy6nOOsgPiLsYn75ftU61%2BL2vS9sVApoF7kZ9O1XdJwjaX7SKJfmuk44Xw42w84wXPgD2s9oOjov0s%3D--iCyK%2FLceubLI8LzJ--wEbzZvlFCRpbqhEQLjUZLw%3D%3D; path=/; secure; HttpOnly Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 6005918f-9f7d-f0d7-868c-2f622f00b5af X-Runtime: 0.019017 X-Xss-Protection: 1; mode=block Date: Tue, 23 Dec 2025 04:18:39 GMT Connection: close Transfer-Encoding: chunkedFound 2025-12-23 by HttpPluginCreate report
-
Open service 18.205.36.100:443 · oatmel.com
2025-12-22 15:15
HTTP/1.1 200 OK Cache-Control: max-age=0, private, must-revalidate Content-Type: text/html; charset=utf-8 Etag: W/"8e8e36813e6bb2833d24239dc6def247" Link: </assets/application-7ba28f5161894d914173d324d61ded4e424fed53b0a0de2165aede9a48e0510e.css>; rel=preload; as=style; nopush,</assets/application-26cda19ca43d9781e5bfd3a91e5b4c74e1681fbe913cf9157f29c57e074a55f0.js>; rel=preload; as=script; nopush Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=eKUVWKqxhGiVbOLP0eaXnBYYBsUTcsr3NFUXCdZn2mg%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766416551"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=eKUVWKqxhGiVbOLP0eaXnBYYBsUTcsr3NFUXCdZn2mg%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766416551" Server: Heroku Set-Cookie: _oatmel_session=sB1pQrQ7Xl1hzsgVlYUsnOB6Wg8DAFtOjzgVYbDBNUentzVMUtihoGf9f%2F6MneZpthS6nJ6h3xxssLHEyKG7rSdXi5VIa2qVwT6vrmpZOWc0HVKpPq9hqcyibB2yVdvqJiBIJJia0LJl%2FPGZHYc%3D--7TZtGrGfWCRDQlqi--mNEED1AB9ukm%2F3UzMx5Rkg%3D%3D; path=/; secure; HttpOnly Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: c348c038-0dc1-93c9-f78f-203c1e8a1ec6 X-Runtime: 0.028659 X-Xss-Protection: 1; mode=block Date: Mon, 22 Dec 2025 15:15:51 GMT Connection: close Transfer-Encoding: chunkedFound 2025-12-22 by HttpPluginCreate report
-
Open service 18.205.36.100:443 · oatmel.com
2025-12-20 11:07
HTTP/1.1 200 OK Cache-Control: max-age=0, private, must-revalidate Content-Type: text/html; charset=utf-8 Etag: W/"a4e28ff9bb484f00dde466aadcdda64e" Link: </assets/application-7ba28f5161894d914173d324d61ded4e424fed53b0a0de2165aede9a48e0510e.css>; rel=preload; as=style; nopush,</assets/application-26cda19ca43d9781e5bfd3a91e5b4c74e1681fbe913cf9157f29c57e074a55f0.js>; rel=preload; as=script; nopush Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=Xbi98XN5Hpqw6xgjntBRRCtUfwLj32n5IVHjuaSztf0%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766228835"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=Xbi98XN5Hpqw6xgjntBRRCtUfwLj32n5IVHjuaSztf0%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766228835" Server: Heroku Set-Cookie: _oatmel_session=9lHdHZrADwMggfg3s%2Bz%2Fadd6fzx47LDjxgfNnmkclCgI1%2FbA8sPVPsOiKNm9w4KokTqTvSotXuAyUiEZikBHa5bszT8AdjtEAJB9idO7B34eoIxPH9cUdtrmaRN%2FDNj4gLX9M%2BUabl7TrrmjsIo%3D--xIcrn75yNUOWmw1V--8W7jpfRH1kmLJ8vdREWbjw%3D%3D; path=/; secure; HttpOnly Strict-Transport-Security: max-age=63072000; includeSubDomains Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Request-Id: 75a60268-63b2-f4ae-92aa-022623f0aeb9 X-Runtime: 0.016819 X-Xss-Protection: 1; mode=block Date: Sat, 20 Dec 2025 11:07:16 GMT Connection: close Transfer-Encoding: chunkedFound 2025-12-20 by HttpPluginCreate report