starwar.provisioning.govlast.com Open in urlscan Pro
52.62.174.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://starwar.provisioning.govlast.com/
Submission: On October 29 via automatic, source certstream-suspicious (October 29th 2020, 11:56:22 am UTC)

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 52.62.174.12, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is starwar.provisioning.govlast.com.
TLS certificate: Issued by Amazon on October 29th 2020. Valid for: a year.

This is the only time starwar.provisioning.govlast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	52.62.174.12 52.62.174.12	16509 (AMAZON-02) (AMAZON-02)
1	54.153.230.102 54.153.230.102	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1 1	65.9.190.78 65.9.190.78	16509 (AMAZON-02) (AMAZON-02)
3	65.9.190.111 65.9.190.111	16509 (AMAZON-02) (AMAZON-02)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
22	9

8 52.62.174.12 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-62-174-12.ap-southeast-2.compute.amazonaws.com

starwar.provisioning.govlast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.153.230.102 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-230-102.ap-southeast-2.compute.amazonaws.com

api.starwar.provisioning.govlast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.190.78 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.190.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	govlast.com starwar.provisioning.govlast.com api.starwar.provisioning.govlast.com	6 MB
4	googleapis.com maps.googleapis.com	124 KB
3	intercomcdn.com js.intercomcdn.com	106 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	sentry.io sentry.io
1	intercom.io 1 redirects widget.intercom.io	250 B
1	googletagmanager.com www.googletagmanager.com
22	7

	Domain	Requested by
8	starwar.provisioning.govlast.com	starwar.provisioning.govlast.com
4	maps.googleapis.com	starwar.provisioning.govlast.com maps.googleapis.com
3	js.intercomcdn.com	widget.intercom.io
2	www.google-analytics.com	starwar.provisioning.govlast.com www.google-analytics.com
1	sentry.io	starwar.provisioning.govlast.com
1	widget.intercom.io	1 redirects
1	www.googletagmanager.com	starwar.provisioning.govlast.com
1	api.starwar.provisioning.govlast.com	starwar.provisioning.govlast.com
22	8

This site contains no links.

Subject Issuer	Validity	Valid
starwar.provisioning.govlast.com Amazon	`2020-10-29` - `2021-11-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://starwar.provisioning.govlast.com/
Frame ID: 5187BB3BB329C6F4C4F8748436601453
Requests: 20 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.f1234669.js
Frame ID: D5DAC591CAA29E04AFD5807B19E0EB53
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

22
Requests

91 %
HTTPS

44 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

6016 kB
Transfer

6525 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://widget.intercom.io/widget/undefined HTTP 302
https://js.intercomcdn.com/shim.latest.js

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
starwar.provisioning.govlast.com/ 1 KB
2 KB 942ms
311ms Document
text/html 52.62.174.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starwar.provisioning.govlast.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.62.174.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-174-12.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.10.3 /
Resource Hash: e4236e21562b37d0daaa4f337ea0d413ae0e578d322f78b410bb13943e2f1319

Request headers

:method: GET
:authority: starwar.provisioning.govlast.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 29 Oct 2020 11:56:03 GMT
content-type: text/html
content-length: 1464
server: nginx/1.10.3
last-modified: Thu, 29 Oct 2020 11:50:23 GMT
etag: "5f9aac7f-5b8"
accept-ranges: bytes

GET
H2 200 app.86ff58bd77b6b9ad8d991266e70f1f37.css
starwar.provisioning.govlast.com/static/css/ 469 KB
470 KB 312ms
310ms Stylesheet
text/css 52.62.174.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starwar.provisioning.govlast.com/static/css/app.86ff58bd77b6b9ad8d991266e70f1f37.css
Requested by: Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.62.174.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-174-12.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.10.3 /
Resource Hash: 8beef70cd40665a38d2a3529d25ff4932710475f5b9951e8bf607814114e60c6

Request headers

Referer: https://starwar.provisioning.govlast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:56:03 GMT
last-modified: Thu, 29 Oct 2020 11:50:23 GMT
server: nginx/1.10.3
etag: "5f9aac7f-7541e"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 480286

GET
H2 200 manifest.2ae2e69a05c33dfc65f8.js Show response
starwar.provisioning.govlast.com/static/js/ 799 B
958 B 602ms
601ms Script
application/javascript 52.62.174.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starwar.provisioning.govlast.com/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by: Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.62.174.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-174-12.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.10.3 /
Resource Hash: 1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327

Request headers

Referer: https://starwar.provisioning.govlast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:56:03 GMT
last-modified: Thu, 29 Oct 2020 11:50:23 GMT
server: nginx/1.10.3
etag: "5f9aac7f-31f"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 799

GET
H2 200 vendor.df5f31ffe695500f2d37.js Show response
starwar.provisioning.govlast.com/static/js/ 4 MB
4 MB 604ms
603ms Script
application/javascript 52.62.174.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starwar.provisioning.govlast.com/static/js/vendor.df5f31ffe695500f2d37.js
Requested by: Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.62.174.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-174-12.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.10.3 /
Resource Hash: 0e62679eb6158be039b841766a8c03775ddf21f2318834adb209f3e02de048e9

Request headers

Referer: https://starwar.provisioning.govlast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:56:03 GMT
last-modified: Thu, 29 Oct 2020 11:50:23 GMT
server: nginx/1.10.3
etag: "5f9aac7f-3d5ad7"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4020951

GET
H2 200 app.d449063bcb86ec69cc15.js Show response
starwar.provisioning.govlast.com/static/js/ 1 MB
1 MB 606ms
606ms Script
application/javascript 52.62.174.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starwar.provisioning.govlast.com/static/js/app.d449063bcb86ec69cc15.js
Requested by: Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.62.174.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-174-12.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.10.3 /
Resource Hash: 9b5dea9e469cf5726c549f2575c3bebeafb10992d34c80da5b6f2e4f008ccc20

Request headers

Referer: https://starwar.provisioning.govlast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:56:03 GMT
last-modified: Thu, 29 Oct 2020 11:50:23 GMT
server: nginx/1.10.3
etag: "5f9aac7f-149bb5"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1350581

OPTIONS
H2 503 authorize
api.starwar.provisioning.govlast.com/api/ Frame 0
0 859ms
280ms Other
text/html 54.153.230.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.starwar.provisioning.govlast.com/api/authorize
Protocol: H2
Server: 54.153.230.102 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-153-230-102.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://starwar.provisioning.govlast.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

GET
H2 200 titillium-web-v4-latin-regular.554608d.woff2
starwar.provisioning.govlast.com/static/fonts/ 11 KB
12 KB 310ms
310ms Font
application/octet-stream 52.62.174.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starwar.provisioning.govlast.com/static/fonts/titillium-web-v4-latin-regular.554608d.woff2
Requested by: Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/static/css/app.86ff58bd77b6b9ad8d991266e70f1f37.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.62.174.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-174-12.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.10.3 /
Resource Hash: a837d6d36b73fb61264bf7d73d5a509445ed6b3980671b13ac0f3de207faca40

Request headers

Origin: https://starwar.provisioning.govlast.com
Referer: https://starwar.provisioning.govlast.com/static/css/app.86ff58bd77b6b9ad8d991266e70f1f37.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:56:06 GMT
last-modified: Thu, 29 Oct 2020 11:50:23 GMT
server: nginx/1.10.3
etag: "5f9aac7f-2dc0"
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 11712

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 127 KB
41 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBOEFP9f8wWElgLcq0jIAXbEj1SgBxZfwM&libraries=places&callback=vueGoogleMapsInit

Requested by

Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/static/js/vendor.df5f31ffe695500f2d37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

40e14d8553e349960d39d724b396eb5920f6c0006e8619f3b6f32b6f9152e650

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://starwar.provisioning.govlast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:56:06 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=21
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42184
x-xss-protection: 0
expires: Thu, 29 Oct 2020 12:26:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/static/js/vendor.df5f31ffe695500f2d37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://starwar.provisioning.govlast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 401
date: Thu, 29 Oct 2020 11:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 29 Oct 2020 13:49:25 GMT

GET
H2 404 gtm.js
www.googletagmanager.com/ 0
0 26ms
26ms Script
text/html 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDBWQVR
Requested by: Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/static/js/vendor.df5f31ffe695500f2d37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://starwar.provisioning.govlast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST authorize
api.starwar.provisioning.govlast.com/api/ 0
0

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfde6178e693a3e805dff4470329811bddb43805e0305389b142901ea8b21580

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/undefined
https://js.intercomcdn.com/shim.latest.js

11 KB
5 KB

135ms
44ms

Script
application/javascript

65.9.190.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.190.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb565dad695cf6cd6642ae50ac0203e6b9e6683959fa881e8c2e34d45796ad73

Request headers

Referer: https://starwar.provisioning.govlast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:55:44 GMT
content-encoding: gzip
age: 23
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 4278
last-modified: Wed, 28 Oct 2020 17:00:25 GMT
server: AmazonS3
etag: "22c2843386015326f2223b876e56e724"
content-type: application/javascript; charset=UTF-8
via: 1.1 98e6142a124268fae259e9413f391903.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
x-amz-cf-id: nBzHK994v_lRYgr9bsCbVXpOkU4NvY6PdcLvbs7znBOewfLZhIgdzQ==

Redirect headers

date: Mon, 26 Oct 2020 09:03:58 GMT
via: 1.1 cd58d60f2b52ca321822f27453e5f098.cloudfront.net (CloudFront)
server: AmazonS3
age: 269529
status: 302
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: ZAG50-C1
content-length: 0
x-amz-cf-id: Xt0eeIvdylM5xiMATh0o0Sbvtxy7QCvP8AZg2kNftCMGcqMthc0ihg==

GET
H2 200 frame-modern.f1234669.js Show response
js.intercomcdn.com/ Frame D5DA 233 KB
63 KB 50ms
50ms Script
application/javascript 65.9.190.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.f1234669.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.190.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33bdeaea12588ffaec981b69a1f42a9ebbb2c6bc9e40ebbf96c5a2f60902f5bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:00:42 GMT
content-encoding: gzip
age: 3325
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 64410
last-modified: Wed, 28 Oct 2020 16:52:32 GMT
server: AmazonS3
etag: "84e637ddb32c4b24d7621a4493b0bac3"
content-type: application/javascript; charset=UTF-8
via: 1.1 98e6142a124268fae259e9413f391903.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
x-amz-cf-id: ZcDgGAzzBgupWIcTki0LtqxkjRAwAn8kemKntCjVp2yp2tyjd1vM8w==

GET
H2 200 vendor-modern.f585e527.js Show response
js.intercomcdn.com/ Frame D5DA 123 KB
38 KB 50ms
50ms Script
application/javascript 65.9.190.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.f585e527.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.190.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2115d67889ef9ee779fd47c169d0057c076767844771a2eb6fe918f09760e61

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 10:05:51 GMT
content-encoding: gzip
age: 6618
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 38303
last-modified: Tue, 27 Oct 2020 10:27:05 GMT
server: AmazonS3
etag: "af39b5792e8c69d67c99c9ff6155bb17"
content-type: application/javascript; charset=UTF-8
via: 1.1 98e6142a124268fae259e9413f391903.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
x-amz-cf-id: uP03bb38DfNYBuFYXcJ1OHd9CN9MikA3cf5aMwwfIlvJRS9IUUEcKg==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
421 B 47ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=2005826062&t=pageview&_s=1&dl=https%3A%2F%2Fstarwar.provisioning.govlast.com%2F&dp=%2Flogin%3Fredirect%3D%2F&ul=en-us&de=UTF-8&dt=Provisioning%20Vlast%20Example&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=1592652530&gjid=1802867191&cid=106086783.1603972566&tid=UA-156849103-1&_gid=1991050716.1603972566&_r=1&_slc=1&z=66879010

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://starwar.provisioning.govlast.com/login?redirect=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 11:56:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://starwar.provisioning.govlast.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST logout
api.starwar.provisioning.govlast.com/api/oauth/ 0
0

GET
H2 200 open-sans-v13-latin-700.73437ad.woff2
starwar.provisioning.govlast.com/static/fonts/ 16 KB
16 KB 310ms
309ms Font
application/octet-stream 52.62.174.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starwar.provisioning.govlast.com/static/fonts/open-sans-v13-latin-700.73437ad.woff2
Requested by: Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/static/css/app.86ff58bd77b6b9ad8d991266e70f1f37.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.62.174.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-174-12.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.10.3 /
Resource Hash: f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48

Request headers

Origin: https://starwar.provisioning.govlast.com
Referer: https://starwar.provisioning.govlast.com/static/css/app.86ff58bd77b6b9ad8d991266e70f1f37.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:56:07 GMT
last-modified: Thu, 29 Oct 2020 11:50:23 GMT
server: nginx/1.10.3
etag: "5f9aac7f-3f94"
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 16276

GET
H2 200 open-sans-v13-latin-800.ebb3245.woff2
starwar.provisioning.govlast.com/static/fonts/ 16 KB
16 KB 309ms
309ms Font
application/octet-stream 52.62.174.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starwar.provisioning.govlast.com/static/fonts/open-sans-v13-latin-800.ebb3245.woff2
Requested by: Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/static/css/app.86ff58bd77b6b9ad8d991266e70f1f37.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.62.174.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-174-12.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.10.3 /
Resource Hash: d6bb784c1fe36582c7a60310fe712f494161e4fd42b94057b9cd9bc8a91cd5db

Request headers

Origin: https://starwar.provisioning.govlast.com
Referer: https://starwar.provisioning.govlast.com/static/css/app.86ff58bd77b6b9ad8d991266e70f1f37.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 11:56:07 GMT
last-modified: Thu, 29 Oct 2020 11:50:23 GMT
server: nginx/1.10.3
etag: "5f9aac7f-3f94"
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 16276

POST
H/1.1 200
OK /
sentry.io/api/1479110/store/ 0
0 530ms
139ms Other
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.io/api/1479110/store/?sentry_key=315ffb11bd8e4172a85d44b704771310&sentry_version=7
Requested by: Host: starwar.provisioning.govlast.com
URL: https://starwar.provisioning.govlast.com/static/js/vendor.df5f31ffe695500f2d37.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.42.15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 15.42.188.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://starwar.provisioning.govlast.com/login?redirect=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://starwar.provisioning.govlast.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/9/ 75 KB
28 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/9/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBOEFP9f8wWElgLcq0jIAXbEj1SgBxZfwM&libraries=places&callback=vueGoogleMapsInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbe862fecc8d22f26c0071a1283d1ee6302d0ee20663afe46caabbe16d11d59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starwar.provisioning.govlast.com/login?redirect=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 19:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Oct 2020 04:29:25 GMT
server: sffe
age: 58822
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28123
x-xss-protection: 0
expires: Thu, 28 Oct 2021 19:35:49 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/9/ 147 KB
54 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/9/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBOEFP9f8wWElgLcq0jIAXbEj1SgBxZfwM&libraries=places&callback=vueGoogleMapsInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f4d404865d30f5860c0ff6e39f0afb1f2a6465fb01b95cf34aaf225d768e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://starwar.provisioning.govlast.com/login?redirect=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 28 Oct 2020 19:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Oct 2020 04:29:25 GMT
server: sffe
age: 58152
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55295
x-xss-protection: 0
expires: Thu, 28 Oct 2021 19:46:59 GMT

GET
H3-Q050 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
428 B 88ms
73ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fstarwar.provisioning.govlast.com%2Flogin%3Fredirect%3D%252F&4sAIzaSyBOEFP9f8wWElgLcq0jIAXbEj1SgBxZfwM&callback=_xdc_._by8l07&key=AIzaSyBOEFP9f8wWElgLcq0jIAXbEj1SgBxZfwM&token=53642

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/42/9/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9a67d3178490055826de230931af68518911fd58f7e9d1d507d7c7737fb0e755

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://starwar.provisioning.govlast.com/login?redirect=%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 11:56:11 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=45
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.starwar.provisioning.govlast.com
URL: https://api.starwar.provisioning.govlast.com/api/authorize

Domain: api.starwar.provisioning.govlast.com
URL: https://api.starwar.provisioning.govlast.com/api/oauth/logout

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.govlast.com/	1970-01-19 13:34:18	Name: _gid Value: GA1.2.1991050716.1603972566
			.govlast.com/	1970-01-20 07:04:04	Name: _ga Value: GA1.2.106086783.1603972566

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://starwar.provisioning.govlast.com/static/js/vendor.df5f31ffe695500f2d37.js(Line 1254) Message: Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api	info	URL: https://starwar.provisioning.govlast.com/static/js/vendor.df5f31ffe695500f2d37.js(Line 1254) Message: You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html
console-api	warning	URL: https://starwar.provisioning.govlast.com/static/js/vendor.df5f31ffe695500f2d37.js(Line 1254) Message: Error: Network Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.starwar.provisioning.govlast.com
js.intercomcdn.com
maps.googleapis.com
sentry.io
starwar.provisioning.govlast.com
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
api.starwar.provisioning.govlast.com
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:821::200a
35.188.42.15
52.62.174.12
54.153.230.102
65.9.190.111
65.9.190.78
0e62679eb6158be039b841766a8c03775ddf21f2318834adb209f3e02de048e9
1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327
33bdeaea12588ffaec981b69a1f42a9ebbb2c6bc9e40ebbf96c5a2f60902f5bd
40e14d8553e349960d39d724b396eb5920f6c0006e8619f3b6f32b6f9152e650
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
8beef70cd40665a38d2a3529d25ff4932710475f5b9951e8bf607814114e60c6
9a67d3178490055826de230931af68518911fd58f7e9d1d507d7c7737fb0e755
9b5dea9e469cf5726c549f2575c3bebeafb10992d34c80da5b6f2e4f008ccc20
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a6f4d404865d30f5860c0ff6e39f0afb1f2a6465fb01b95cf34aaf225d768e61
a837d6d36b73fb61264bf7d73d5a509445ed6b3980671b13ac0f3de207faca40
bbe862fecc8d22f26c0071a1283d1ee6302d0ee20663afe46caabbe16d11d59e
d6bb784c1fe36582c7a60310fe712f494161e4fd42b94057b9cd9bc8a91cd5db
dfde6178e693a3e805dff4470329811bddb43805e0305389b142901ea8b21580
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4236e21562b37d0daaa4f337ea0d413ae0e578d322f78b410bb13943e2f1319
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
f2115d67889ef9ee779fd47c169d0057c076767844771a2eb6fe918f09760e61
fb565dad695cf6cd6642ae50ac0203e6b9e6683959fa881e8c2e34d45796ad73

starwar.provisioning.govlast.com Open in urlscan Pro 52.62.174.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

44 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

6016 kBTransfer

6525 kBSize

2 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

2 Cookies

3 Console Messages

Indicators

starwar.provisioning.govlast.com Open in urlscan Pro
52.62.174.12 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

44 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

6016 kB
Transfer

6525 kB
Size

2
Cookies

22 HTTP transactions
1 data transactions