gojek-security.ephemeral.blameless.io
35.224.187.50  Public Scan

URL: https://gojek-security.ephemeral.blameless.io/
Submission: On May 22 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 19 HTTP transactions. The main IP is 35.224.187.50, located in United States and belongs to GOOGLE, US. The main domain is gojek-security.ephemeral.blameless.io.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 22nd 2020. Valid for: 3 months.
This is the only time gojek-security.ephemeral.blameless.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 35.224.187.50 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 195.181.175.48 60068 (CDN77)
1 2a04:4e42:200... 54113 (FASTLY)
1 52.222.156.231 16509 (AMAZON-02)
1 52.222.157.140 16509 (AMAZON-02)
1 1 2600:1901:0:2... 15169 (GOOGLE)
1 35.201.112.186 15169 (GOOGLE)
1 35.186.194.58 15169 (GOOGLE)
2 151.101.114.2 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 76.223.31.44 16509 (AMAZON-02)
1 54.85.85.145 14618 (AMAZON-AES)
19 12
Domain Requested by
5 gojek-security.ephemeral.blameless.io gojek-security.ephemeral.blameless.io
3 storage.googleapis.com gojek-security.ephemeral.blameless.io
2 app.launchdarkly.com gojek-security.ephemeral.blameless.io
1 events.launchdarkly.com gojek-security.ephemeral.blameless.io
1 clientstream.launchdarkly.com gojek-security.ephemeral.blameless.io
1 rs.fullstory.com edge.fullstory.com
1 edge.fullstory.com gojek-security.ephemeral.blameless.io
1 fullstory.com 1 redirects
1 cdn.amplitude.com gojek-security.ephemeral.blameless.io
1 cdn.auth0.com gojek-security.ephemeral.blameless.io
1 cdn.ravenjs.com gojek-security.ephemeral.blameless.io
1 cdn.headwayapp.co gojek-security.ephemeral.blameless.io
1 maxcdn.bootstrapcdn.com gojek-security.ephemeral.blameless.io
19 13

This site contains no links.

Subject | Issuer | Validity | Valid
gojek-security.ephemeral.blameless.io | Let's Encrypt Authority X3 | 2020-05-22 - 2020-08-20 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
1529036741.rsc.cdn77.org | Let's Encrypt Authority X3 | 2020-03-31 - 2020-06-29 | 3 months
osff.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-05-20 - 2020-12-18 | 7 months
*.auth0.com | Amazon | 2019-06-21 - 2020-07-21 | a year
cdn.amplitude.com | Amazon | 2019-12-16 - 2021-01-16 | a year
edge.fullstory.com | GTS CA 1D2 | 2020-05-03 - 2020-08-01 | 3 months
*.fullstory.com | COMODO RSA Domain Validation Secure Server CA | 2017-12-27 - 2021-03-26 | 3 years
f2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-04-22 - 2021-04-23 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months
clientstream.launchdarkly.com | Amazon | 2019-11-19 - 2020-12-19 | a year
*.launchdarkly.com | Gandi Pro SSL CA 2 | 2018-09-12 - 2020-10-30 | 2 years

This page contains 1 frames:

Primary Page: https://gojek-security.ephemeral.blameless.io/
Frame ID: 6DCE10C2EA163CD38B92C4F676C100C8
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /cdn\.amplitude\.com/i

Page Statistics

19
Requests

100 %
HTTPS

31 %
IPv6

9
Domains

13
Subdomains

12
IPs

4
Countries

2572 kB
Transfer

8201 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://fullstory.com/s/fs.js HTTP 301
  • https://edge.fullstory.com/s/fs.js

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gojek-security.ephemeral.blameless.io/
9 KB
2 KB
Document
General
Full URL
https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.224.187.50 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.187.224.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
491b0b4f16ed996b821cb7278bd5e672010b2256ad725a00412aba28ce92d9ee
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
gojek-security.ephemeral.blameless.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx/1.15.9
date
Fri, 22 May 2020 22:00:25 GMT
content-type
text/html
last-modified
Fri, 22 May 2020 16:39:53 GMT
etag
W/"5ec80059-2242"
x-frame-options
SAMEORIGIN
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 22:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
6662
widget.js
cdn.headwayapp.co/
24 KB
6 KB
Script
General
Full URL
https://cdn.headwayapp.co/widget.js
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.48 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-48.datapacket.com
Software
CDN77-Turbo /
Resource Hash
727eba1924bdd1f2c8b502b502c5690079b6351301bfd8dd2dd1f26c1c298105

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 22:00:25 GMT
via
1.1 616f617776e843142ab5d87231cb3526.cloudfront.net (CloudFront)
age
23
x-edge-location
frankfurtDE
x-cache
HIT
status
200
x-hello
headway
content-encoding
br
last-modified
Wed, 20 May 2020 04:57:30 GMT
server
CDN77-Turbo
etag
W/"5ec4b8ba-6083"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=60, public
x-edge-ip
195.181.175.47
x-amz-cf-pop
FRA54
x-age
37
x-amz-cf-id
Uygw0xNesofUrs1lUGq637P0x8bVt3tRkuUvfuzumx_npBtlI07rCA==
expires
Wed, 20 May 2020 04:59:48 GMT
raven.min.js
cdn.ravenjs.com/3.26.2/
37 KB
14 KB
Script
General
Full URL
https://cdn.ravenjs.com/3.26.2/raven.min.js
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
4b6d78009e6e369507e7d50925b9f2864e05b27820a92862f8b6bcf5c27a8430

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gojek-security.ephemeral.blameless.io/
Origin
https://gojek-security.ephemeral.blameless.io

Response headers

date
Fri, 22 May 2020 22:00:25 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 15:59:55 GMT
server
Fastly
age
54168
etag
"1419f17d4165274db4b1ad69fc9721c5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13696
auth0.min.js
cdn.auth0.com/js/auth0/9.0.1/
99 KB
30 KB
Script
General
Full URL
https://cdn.auth0.com/js/auth0/9.0.1/auth0.min.js
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.156.231 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-156-231.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91158140a23870e6f00d30f5505f326cddc31e5d4eb18e17d8737324fed7eeb8

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
zTOzpTB5RHYC3kBbR16oiUJ6xb8rQ5nG
content-encoding
gzip
last-modified
Tue, 26 Dec 2017 18:38:03 GMT
server
AmazonS3
age
56988
date
Fri, 22 May 2020 06:10:37 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=2628000,public
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA53
x-amz-cf-id
pAIhMygLP54RuGXXy14-I25ZVu4HT30VOVehDiyI6Owj8wUCyE09LQ==
via
1.1 b74a7a3f7ddfd685212e870d027c332d.cloudfront.net (CloudFront)
bundle.b7738252c5fbbc630d89.js
gojek-security.ephemeral.blameless.io/
5 MB
1 MB
Script
General
Full URL
https://gojek-security.ephemeral.blameless.io/bundle.b7738252c5fbbc630d89.js?22949587a901f9ea4367
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.224.187.50 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.187.224.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
385e62cb9b5767144b5edce065e18bdc0456c348c838516bee3f8b7507ac9559
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 22:00:25 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 16:39:53 GMT
server
nginx/1.15.9
etag
W/"5ec80059-50cacc"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
amplitude-4.4.0-min.gz.js
cdn.amplitude.com/libs/
74 KB
25 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-140.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 04 Mar 2020 23:40:11 GMT
content-encoding
gzip
age
6819614
x-cache
Hit from cloudfront
status
200
content-length
25521
last-modified
Mon, 21 Oct 2019 15:45:35 GMT
server
AmazonS3
etag
"0ac70c6a5de910a09be49cfefd77c771"
x-amz-version-id
5wXGiWTByEVk3DSg02L19x7h8A..ke3l
via
1.1 44d7d28132a47c2b5760c4ec3dd7aa89.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
OqCgaQyMIAbXo1KfB73eT7WW5GhzCDt5SeJOAthXzI6Ixm7SFM-XLA==
fs.js
edge.fullstory.com/s/
Redirect Chain
  • https://fullstory.com/s/fs.js
  • https://edge.fullstory.com/s/fs.js
191 KB
58 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a05a9d31e8a00d12f075b661d41b880f1631f5875073f4193d338ae91487a6ee

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 21:50:32 GMT
content-encoding
gzip
age
593
x-guploader-uploadid
AAANsUm__0wsi-wu6SSd1VP5PnlX_djKYKLWKajbyVYc5YNBXuZMIJpk4Yz8oi12g_AbPZfOafNfjo3Fp6S24gYn2A
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
58426
last-modified
Tue, 19 May 2020 18:57:29 GMT
server
UploadServer
etag
"fcc27279d9ed1731f7610a9a045f26ee"
x-goog-hash
crc32c=8iQq7Q==, md5=/MJyedntFzH3YQqaBF8m7g==
x-goog-generation
1589914649717711
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=600,no-transform
x-goog-stored-content-length
58426
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 22 May 2020 22:00:32 GMT

Redirect headers

date
Thu, 14 May 2020 23:45:15 GMT
via
1.1 google
age
684910
status
301
location
https://edge.fullstory.com/s/fs.js
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=63072000
timing-allow-origin
*
alt-svc
clear
content-length
0
page
rs.fullstory.com/rec/
49 B
239 B
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
8c8bac2cb88f3745cb7605f10dd011dd2a2d45ab53606b2ffc7f73cd19cf6e71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 May 2020 22:00:26 GMT
via
1.1 google
x-content-type-options
nosniff
status
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://gojek-security.ephemeral.blameless.io
access-control-allow-credentials
true
alt-svc
clear
content-length
49
5b75bf4e40fd9d163928ca69
app.launchdarkly.com/sdk/goals/
2 B
214 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5b75bf4e40fd9d163928ca69
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/bundle.b7738252c5fbbc630d89.js?22949587a901f9ea4367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

X-LaunchDarkly-User-Agent
JSClient/3.1.0
Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 22:00:27 GMT
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
MISS
status
200
access-control-max-age
300
content-length
26
x-served-by
cache-hhn4053-HHN
access-control-allow-origin
*
x-timer
S1590184827.190568,VS0,VE97
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
0
eyJrZXkiOiJnb2play1zZWN1cml0eS5lcGhlbWVyYWwuYmxhbWVsZXNzLmlvIiwiY3VzdG9tIjp7Imhvc3RuYW1lIjoiZ29qZWstc2VjdXJpdHkuZXBoZW1lcmFsLmJsYW1lbGVzcy5pbyIsImdyb3VwcyI6ImJldGEifX0
app.launchdarkly.com/sdk/evalx/5b75bf4e40fd9d163928ca69/users/
5 KB
964 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5b75bf4e40fd9d163928ca69/users/eyJrZXkiOiJnb2play1zZWN1cml0eS5lcGhlbWVyYWwuYmxhbWVsZXNzLmlvIiwiY3VzdG9tIjp7Imhvc3RuYW1lIjoiZ29qZWstc2VjdXJpdHkuZXBoZW1lcmFsLmJsYW1lbGVzcy5pbyIsImdyb3VwcyI6ImJldGEifX0
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/bundle.b7738252c5fbbc630d89.js?22949587a901f9ea4367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3006ff433370ba4bad2191994c3cf78d03562e550c9e08f9390797d3646defc8

Request headers

X-LaunchDarkly-User-Agent
JSClient/3.1.0
Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 22:00:27 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
access-control-max-age
300
content-length
842
x-served-by
cache-hhn4053-HHN
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1590184827.184391,VS0,VE95
etag
"1965ba"
vary
Accept-Encoding, Accept-Encoding, Authorization
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
0
auth
gojek-security.ephemeral.blameless.io/api/v1/info/
203 B
341 B
XHR
General
Full URL
https://gojek-security.ephemeral.blameless.io/api/v1/info/auth
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/bundle.b7738252c5fbbc630d89.js?22949587a901f9ea4367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.224.187.50 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.187.224.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
ccf680e835654f014cb7120ceb454abcec6979d85e4e273cfe1831a8261dd145
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 22 May 2020 22:00:27 GMT
server
nginx/1.15.9
content-length
203
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json;charset=UTF-8
Inter-Regular.woff2
storage.googleapis.com/blameless-showcase/inter/
87 KB
88 KB
Font
General
Full URL
https://storage.googleapis.com/blameless-showcase/inter/Inter-Regular.woff2
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
03c75b1b36edb0aad6ff58705f95e22682862b05a6a5e7bfe1005cc8bb260bd2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gojek-security.ephemeral.blameless.io/
Origin
https://gojek-security.ephemeral.blameless.io

Response headers

x-goog-meta-access-control-allow-origin
*
date
Fri, 22 May 2020 22:00:27 GMT
x-guploader-uploadid
AAANsUkjpWm8W8bW4CA0qEodiJ2bvdywX0wGEUH06_Nvwu6gHpkuxZt3f43eYGFPjef7D1IXzlqrUSi648esImKgAg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
7
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88816
last-modified
Tue, 27 Aug 2019 22:38:15 GMT
server
UploadServer
etag
"d55e957612a3b2a373925d920f4af6b1"
x-goog-hash
crc32c=2hy73A==, md5=1V6VdhKjsqNzkl2SD0r2sQ==
x-goog-generation
1566945495318063
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
88816
accept-ranges
bytes
content-type
application/octet-stream
expires
Fri, 22 May 2020 23:00:27 GMT
vendor.8fa3693df21dcc32f571.js
gojek-security.ephemeral.blameless.io/
2 MB
684 KB
Script
General
Full URL
https://gojek-security.ephemeral.blameless.io/vendor.8fa3693df21dcc32f571.js
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/bundle.b7738252c5fbbc630d89.js?22949587a901f9ea4367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.224.187.50 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.187.224.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
5af5892a8de195dd922eeff6caa526b04e18d7ef16750021d2115ecdf4efe3b5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 22:00:27 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 16:39:53 GMT
server
nginx/1.15.9
etag
W/"5ec80059-20a034"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
38.40a139abafcdd2f785e8.js
gojek-security.ephemeral.blameless.io/
4 KB
2 KB
Script
General
Full URL
https://gojek-security.ephemeral.blameless.io/38.40a139abafcdd2f785e8.js
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/bundle.b7738252c5fbbc630d89.js?22949587a901f9ea4367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.224.187.50 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.187.224.35.bc.googleusercontent.com
Software
nginx/1.15.9 /
Resource Hash
da9662af596473342f9ef6c7a3d5dcca6bcac30b9601b94a7fb1cc2ed195a071
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 22:00:27 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 16:39:53 GMT
server
nginx/1.15.9
etag
W/"5ec80059-1039"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
strict-transport-security
max-age=15724800; includeSubDomains
eyJrZXkiOiJnb2play1zZWN1cml0eS5lcGhlbWVyYWwuYmxhbWVsZXNzLmlvIiwiY3VzdG9tIjp7Imhvc3RuYW1lIjoiZ29qZWstc2VjdXJpdHkuZXBoZW1lcmFsLmJsYW1lbGVzcy5pbyIsImdyb3VwcyI6ImJldGEifX0
clientstream.launchdarkly.com/eval/5b75bf4e40fd9d163928ca69/
6 KB
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/5b75bf4e40fd9d163928ca69/eyJrZXkiOiJnb2play1zZWN1cml0eS5lcGhlbWVyYWwuYmxhbWVsZXNzLmlvIiwiY3VzdG9tIjp7Imhvc3RuYW1lIjoiZ29qZWstc2VjdXJpdHkuZXBoZW1lcmFsLmJsYW1lbGVzcy5pbyIsImdyb3VwcyI6ImJldGEifX0
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 22 May 2020 22:00:27 GMT
Ld-Region
eu-west-1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
text/event-stream; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
300
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-LaunchDarkly-User-Agent
circle.png
storage.googleapis.com/blameless-showcase/
283 KB
284 KB
Image
General
Full URL
https://storage.googleapis.com/blameless-showcase/circle.png
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
22d4643714200d587cd82b56feec2e76fced11c4d845b2cbbacae2a36ef7497b

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 22:00:27 GMT
x-guploader-uploadid
AAANsUmFONCw2_rhupXWw6LlKf-uK9IkiK9asi2_nW9StdI3D7pSDaCpx2rTOekFYvabDDkDlMC6Ceq1nQZvCYuAyw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290236
last-modified
Fri, 28 Sep 2018 06:06:49 GMT
server
UploadServer
etag
"94070d4b3e275737bb922fc1238c2413"
x-goog-hash
crc32c=6rVJKA==, md5=lAcNSz4nVze7ki/BI4wkEw==
x-goog-generation
1538114809225649
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=3600
x-goog-stored-content-length
290236
accept-ranges
bytes
content-type
image/png
expires
Fri, 22 May 2020 23:00:27 GMT
Inter-Light-BETA.woff2
storage.googleapis.com/blameless-showcase/inter/
95 KB
95 KB
Font
General
Full URL
https://storage.googleapis.com/blameless-showcase/inter/Inter-Light-BETA.woff2
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
42b85ccdba2f07f36e65df9023a51bf5fcb57da7fba0f9d8d99033cd6500fe68

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gojek-security.ephemeral.blameless.io/
Origin
https://gojek-security.ephemeral.blameless.io

Response headers

x-goog-meta-access-control-allow-origin
*
date
Fri, 22 May 2020 22:00:27 GMT
x-guploader-uploadid
AAANsUk-FAAHforTcBIejwuGU17ZJpltdAzUG0KgCSX6P_Pl8XCCIfwFdGysn4T18YVd-T8DV0d1Il43joILG3da4Q
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97284
last-modified
Tue, 27 Aug 2019 22:38:13 GMT
server
UploadServer
etag
"b8eaadf08a711633a8652116fb4d677f"
x-goog-hash
crc32c=ZtOZsQ==, md5=uOqt8IpxFjOoZSEW+01nfw==
x-goog-generation
1566945493615907
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
97284
accept-ranges
bytes
content-type
application/octet-stream
expires
Fri, 22 May 2020 23:00:27 GMT
5b75bf4e40fd9d163928ca69
events.launchdarkly.com/events/bulk/
0
464 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5b75bf4e40fd9d163928ca69
Requested by
Host: gojek-security.ephemeral.blameless.io
URL: https://gojek-security.ephemeral.blameless.io/bundle.b7738252c5fbbc630d89.js?22949587a901f9ea4367
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.85.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-85-145.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gojek-security.ephemeral.blameless.io/
X-LaunchDarkly-Event-Schema
3
X-LaunchDarkly-User-Agent
JSClient/3.1.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 22 May 2020 22:00:30 GMT
Access-Control-Max-Age
300
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length
0

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • object| amplitude
  • boolean| _fs_debug
  • string| _fs_host
  • string| _fs_org
  • string| _fs_namespace
  • function| FS
  • object| Raven
  • object| auth0
  • string| _fs_loaded
  • function| _fs_shutdown
  • object| Headway
  • object| webpackJsonp
  • number| 2f1acc6c3a606b082e5eef5e54414ffb
  • object| __core-js_shared__
  • object| core
  • function| _
  • function| setImmediate
  • function| clearImmediate
  • object| __SENTRY__
  • object| ldClient
  • object| timerLog

1 Cookies

Domain/Path Name / Value
.blameless.io/ Name: amplitude_id_932cd36c7b63b240b2dd78d4b705d9afblameless.io
Value: eyJkZXZpY2VJZCI6ImIzMmEzYjJmLTI1Y2YtNGQyNC05YWI1LWZiMDM0MWFmMmQzZVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTU5MDE4NDgyNTk2MSwibGFzdEV2ZW50VGltZSI6MTU5MDE4NDgyNTk2MSwiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
