LeakIX - Host revenueservice.co

Domain revenueservice.co

United States

AMAZON-02

Software information

Heroku

tcp/443

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 15.197.149.68
Domain: revenueservice.co
Port: 443
URL: https://revenueservice.co

First seen 2025-11-15 14:13
Last seen 2026-01-02 18:07
Open for 48 days
- Severity: low
  Fingerprint: 5f32cf5d6962f09c7cf176427cf17642568103b15e797d105e797d105e797d10
```
Found 2 files trough .DS_Store spidering:

/imgs
/imgs/mobile_default.png
```
  Found on 2026-01-02 18:07
Create report

Open service 15.197.149.68:443 · revenueservice.co

2026-01-09 16:47

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Location: https://shmarty.com
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=rCAu8tDNUF6uRLfIePiaF3fR4lVw647qRVRxJGlBHVQ%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767977238"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=rCAu8tDNUF6uRLfIePiaF3fR4lVw647qRVRxJGlBHVQ%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767977238"
Server: Heroku
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 29c781c9-5e83-d960-daed-9f1d016a5318
X-Runtime: 0.002617
X-Xss-Protection: 1; mode=block
Date: Fri, 09 Jan 2026 16:47:18 GMT
Connection: close

Found 2 days ago by HttpPlugin

Create report

Open service 15.197.149.68:443 · revenueservice.co

2026-01-02 18:07

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Location: https://shmarty.com
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=z9ew%2BlXF9DakBCJopwk6LkcE2qua6NSJXiWo%2B92PRy8%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1767377254"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=z9ew%2BlXF9DakBCJopwk6LkcE2qua6NSJXiWo%2B92PRy8%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1767377254"
Server: Heroku
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 0229bd45-95fb-2aad-33d4-de136356c7f9
X-Runtime: 0.002203
X-Xss-Protection: 1; mode=block
Date: Fri, 02 Jan 2026 18:07:34 GMT
Connection: close

Found 2026-01-02 by HttpPlugin

Create report

Open service 15.197.149.68:443 · revenueservice.co

2025-12-22 20:36

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Location: https://shmarty.com
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=qOOfigcSYiU4%2BryDUAy2tiNJGPTvmCMPXnX%2Fhs8WW5s%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766435795"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=qOOfigcSYiU4%2BryDUAy2tiNJGPTvmCMPXnX%2Fhs8WW5s%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766435795"
Server: Heroku
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 56f1f9eb-ccd6-d6ca-3684-d785aec20b20
X-Runtime: 0.002959
X-Xss-Protection: 1; mode=block
Date: Mon, 22 Dec 2025 20:36:35 GMT
Connection: close

Found 2025-12-22 by HttpPlugin

Create report

Open service 15.197.149.68:443 · revenueservice.co

2025-12-21 02:33

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Location: https://shmarty.com
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=aoP8x0KoujahX90lTi9Ra8QPnsGrE0A9rKX7MOMu9mA%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766284434"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=aoP8x0KoujahX90lTi9Ra8QPnsGrE0A9rKX7MOMu9mA%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766284434"
Server: Heroku
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: dbb365e4-756b-c66b-754c-f6bcf5ecfeff
X-Runtime: 0.002148
X-Xss-Protection: 1; mode=block
Date: Sun, 21 Dec 2025 02:33:54 GMT
Connection: close

Found 2025-12-21 by HttpPlugin

Create report

Open service 15.197.149.68:443 · revenueservice.co

2025-12-19 06:35

HTTP/1.1 302 Found
Cache-Control: no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Location: https://shmarty.com
Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=7N37jFdamx3i4%2FUEc5LiWa%2BUm6qsRxNEWQNV62Rr5VI%3D\u0026sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6\u0026ts=1766126156"}],"max_age":3600}
Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=7N37jFdamx3i4%2FUEc5LiWa%2BUm6qsRxNEWQNV62Rr5VI%3D&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&ts=1766126156"
Server: Heroku
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 heroku-router
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 4ae566ee-a096-5edb-24c0-22ef0e7ddd01
X-Runtime: 0.001992
X-Xss-Protection: 1; mode=block
Date: Fri, 19 Dec 2025 06:35:56 GMT
Connection: close

Found 2025-12-19 by HttpPlugin

Create report

revenueservice.co

Fingerprint:

57eab158181dc725286be0c020f8f024fdaee67e2a7351426c2b7a72f95a20c9

CN:

revenueservice.co

Key:

RSA-2048

Issuer:

R13

Not before:

2025-11-15 13:14

Not after:

2026-02-13 13:14

Domain summary

revenueservice.co 5

1 recorded

IP summary

15.197.149.68 2

1 recorded

Domain revenueservice.co

United States

Software information

MacOS file listing through .DS_Store file

Create report

Create report

Create report

Create report

Create report

revenueservice.co

Domain summary

IP summary