URL: https://userdashboard.gniripsnitibah.net/
Submission: On December 10 via automatic, source certstream-suspicious

Summary

This website contacted 9 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 143.204.55.120, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is userdashboard.gniripsnitibah.net.
TLS certificate: Issued by Amazon on December 10th 2020. Valid for: a year.
This is the only time userdashboard.gniripsnitibah.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address           AS     Autonomous System
3         143.204.55.120       16509  AMAZON-02
1         65.9.68.84           16509  AMAZON-02
1         54.77.134.232        16509  AMAZON-02
2         54.82.179.127        14618  AMAZON-AES
1         65.9.73.89           16509  AMAZON-02
2         65.9.68.68           16509  AMAZON-02
4         2600:9000:206...     16509  AMAZON-02
2         2600:9000:206...     16509  AMAZON-02
Total: 18 requests, 9 IPs

Requests  Domain                                              Requested by
4         api-cdn.gosquared.com                               js.gs-chat.com
3         userdashboard.gniripsnitibah.net                    userdashboard.gniripsnitibah.net
2         metrics.gs-chat.com                                 js.gs-chat.com
2         static.gosquared.com                                userdashboard.gniripsnitibah.net
2         data2.gosquared.com                                 d1l6p2sc9645hc.cloudfront.net
1         js.gs-chat.com                                      d1l6p2sc9645hc.cloudfront.net
1         analytics.gniripsnitibah.net                        userdashboard.gniripsnitibah.net
1         d1l6p2sc9645hc.cloudfront.net                       userdashboard.gniripsnitibah.net
0         user-dashboard-api.qa2.gniripsnitibah.net (Failed)  userdashboard.gniripsnitibah.net
Total: 18 requests, 9 domains

This site contains links to these domains:

  • gs-chat.com
Subject                           Issuer                 Validity                 Valid
userdashboard.gniripsnitibah.net  Amazon                 2020-12-10 - 2022-01-08  a year (crt.sh)
*.cloudfront.net                  DigiCert Global CA G2  2020-05-26 - 2021-04-21  a year (crt.sh)
analytics.gniripsnitibah.net      Amazon                 2020-07-21 - 2021-08-21  a year (crt.sh)
gosquared.com                     Amazon                 2020-11-19 - 2021-12-18  a year (crt.sh)

This page contains 1 frame:

Primary Page: https://userdashboard.gniripsnitibah.net/
Frame ID: 6EECA7AB782CFA643523EC9B41098A08
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

  • 18 requests
  • 89 % HTTPS
  • 25 % IPv6
  • 4 domains
  • 9 subdomains
  • 9 IPs
  • 2 countries
  • 373 kB transfer
  • 943 kB size
  • 2 cookies

Redirected requests

There were HTTP redirect chains for the following requests: none listed.

18 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer (transferred bytes), Type, MIME-Type
Primary Request /
userdashboard.gniripsnitibah.net/
4 KB
3 KB
Document
General
Full URL
https://userdashboard.gniripsnitibah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.55.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-55-120.osl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
536af3026c47965b341b22f90e931f158da5971fa99166d3175a1764dd3ce5dd

Request headers

:method
GET
:authority
userdashboard.gniripsnitibah.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html
date
Thu, 10 Dec 2020 21:33:19 GMT
cache-control
public, max-age=120
last-modified
Thu, 10 Dec 2020 20:26:21 GMT
etag
W/"406ea0c318e173cbfbc26d538d198f60"
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 a7d2a4ec2f50830f128dc406960aef9b.cloudfront.net (CloudFront)
x-amz-cf-pop
OSL50-C1
x-amz-cf-id
x4WJT6mbrxAQbIfpOlZGsQtq47lSmM17qyB96npACLn2k0J0KQuSgQ==
2.817080da.chunk.js
userdashboard.gniripsnitibah.net/static/js/
602 KB
185 KB
Script
General
Full URL
https://userdashboard.gniripsnitibah.net/static/js/2.817080da.chunk.js
Requested by
Host: userdashboard.gniripsnitibah.net
URL: https://userdashboard.gniripsnitibah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.55.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-55-120.osl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0da12a1c0648d289dd206ba02ed899a98ab5e8194565e2039f0aa2fd5f147e97

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 21:33:19 GMT
content-encoding
gzip
last-modified
Thu, 10 Dec 2020 20:26:21 GMT
server
AmazonS3
x-amz-cf-pop
OSL50-C1
etag
W/"12d71a7e61844d7363bf7feb360cad6a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 a7d2a4ec2f50830f128dc406960aef9b.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
llzrVa7rbjJqP3Hxq0p3b_mW6a1Ro7mhAJCXkVBRYpacxjs6DbKaCA==
main.43e05a69.chunk.js
userdashboard.gniripsnitibah.net/static/js/
82 KB
24 KB
Script
General
Full URL
https://userdashboard.gniripsnitibah.net/static/js/main.43e05a69.chunk.js
Requested by
Host: userdashboard.gniripsnitibah.net
URL: https://userdashboard.gniripsnitibah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.55.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-55-120.osl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28069769726c8249d5e737e4e8cff7f4c997554ae1f9ccd104cc2f2b5240ca72

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 21:33:19 GMT
content-encoding
gzip
last-modified
Thu, 10 Dec 2020 20:26:21 GMT
server
AmazonS3
x-amz-cf-pop
OSL50-C1
etag
W/"f823ec8e83b341d174209e49aa85eafa"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 a7d2a4ec2f50830f128dc406960aef9b.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
_WPUb3MOv8LvVDnNJLHT-7__DqtONcM4u8L6uTrrdjveHsYsWJoLEw==
tracker.js
d1l6p2sc9645hc.cloudfront.net/
9 KB
5 KB
Script
General
Full URL
https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Requested by
Host: userdashboard.gniripsnitibah.net
URL: https://userdashboard.gniripsnitibah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a91777b82ca18217506ac7a9bcc1fe229673e18747df9c0cc40768eb83cd666

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 09:52:49 GMT
content-encoding
gzip
last-modified
Tue, 08 Dec 2020 09:52:00 GMT
server
AmazonS3
age
42030
etag
"5af7891196febc3b7ed04a5bfbd7b679"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
max-age=43200, public
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ROcaf1iJX9M_KcGHHfTda2MfDrB-ayrqcUmulW3bcWTYromnetXTKw==
track
analytics.gniripsnitibah.net/
0
0
Other
General
Full URL
https://analytics.gniripsnitibah.net/track
Requested by
Host: userdashboard.gniripsnitibah.net
URL: https://userdashboard.gniripsnitibah.net/static/js/main.43e05a69.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.134.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-134-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST
user-dashboard-state
user-dashboard-api.qa2.gniripsnitibah.net/
0
0

user-dashboard-state
user-dashboard-api.qa2.gniripsnitibah.net/
0
0

pv
data2.gosquared.com/
196 B
267 B
Script
General
Full URL
https://data2.gosquared.com/pv?cs=UTF-8&cd=24&la=en-US&sw=1600&sh=1200&dp=1&pu=https%3A%2F%2Fuserdashboard.gniripsnitibah.net%2F&pt=Dashboard&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1600&vh=1200&dw=1600&dh=1200&st=0&sl=0&aip=1&tz=-60&cp=id%3DsdeviceId_is_missing%26company%3Doname%253Dsno_company_defined&rc=1&cb=0&a=GSN-913440-W&id=a24518f3a295961f455ca6cbb9e5320f&cid=deviceId_is_missing&tv=6.5.1920
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.179.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-179-127.compute-1.amazonaws.com
Software
/
Resource Hash
f23d72ccccfe5006728afc6103c3ce26f84c2d74dcf694b49a38ae392db64649

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 21:33:19 GMT
content-length
196
content-type
text/javascript
chat.js
js.gs-chat.com/
144 KB
50 KB
Script
General
Full URL
https://js.gs-chat.com/chat.js?37911a16c7f2d9a3
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
796b612b407e3671d08937c46034070f2b8a9efe09cd6dfe2fcfa943634c1aea

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 18:03:56 GMT
content-encoding
br
last-modified
Thu, 10 Dec 2020 18:03:54 GMT
server
AmazonS3
age
12564
etag
W/"dfed4320723227f1d4e0cba1003549b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
via
1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
OHcPkGmQaitKJ2d95FTBciTmJ1xoSJnn3maUyfYqWGuNeiDNTYmHUA==
Inter.latin.var.woff2
static.gosquared.com/fonts/inter/2020-11/
73 KB
74 KB
Font
General
Full URL
https://static.gosquared.com/fonts/inter/2020-11/Inter.latin.var.woff2
Requested by
Host: userdashboard.gniripsnitibah.net
URL: https://userdashboard.gniripsnitibah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GS /
Resource Hash
2d92ac468956074ec5971284f7db01a303f1ed1268208abfcefd26a9325bdade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Origin
https://userdashboard.gniripsnitibah.net
Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 12:56:28 GMT
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
age
31011
x-cache
Hit from cloudfront
content-length
75000
x-xss-protection
1; mode=block
server
GS
etag
"4ed1a31b78396d06cb26a922ed5f2132"
strict-transport-security
max-age=31536000
access-control-allow-methods
OPTIONS, GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Cookie
x-amz-cf-id
jegBRG-gxFLE0fs0gCrFmKtIsfsnR7i1hQttzNTihw_nKRiLn1D91A==
identifiedClientAuth
api-cdn.gosquared.com/chat/v1/
249 B
916 B
XHR
General
Full URL
https://api-cdn.gosquared.com/chat/v1/identifiedClientAuth?person_id=deviceId_is_missing&site_token=GSN-913440-W&_=0.6058887512787452
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?37911a16c7f2d9a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:b:4655:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GoSquared / GoSquared
Resource Hash
a3eaf4823cb0fac7ff9ab490ed95738b12938ce7016831141e6d6b1b4d60b779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 21:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-api-version
1
x-amz-cf-pop
FRA56-C1
x-powered-by
GoSquared
x-cache
Miss from cloudfront
response-time
3
strict-transport-security
max-age=31536000
request-id
a9f67c34-fc65-41a5-9532-e0cb97270626
vary
origin
timezone
Europe/Rome
x-xss-protection
1; mode=block
x-served-by
api-28598
access-control-allow-origin
https://userdashboard.gniripsnitibah.net
server
GoSquared
etag
W/"bdd9489ac037a8aea6f8be0c3cdc1eda"
content-md5
vdlImsA3qK6m+L4MPNwe2g==
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
access-control-expose-headers
etag, api-version, content-length, content-md5, content-type, date, request-id, response-time
x-amz-cf-id
y7pPtk3kWFXqHmCUmdPG7RGX0Lpm7KnZT6La-oFv6Z76Xv0kVaTzHw==
Inter.symbols.var.woff2
static.gosquared.com/fonts/inter/2020-11/
28 KB
28 KB
Font
General
Full URL
https://static.gosquared.com/fonts/inter/2020-11/Inter.symbols.var.woff2
Requested by
Host: userdashboard.gniripsnitibah.net
URL: https://userdashboard.gniripsnitibah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GS /
Resource Hash
434d510fdf225407a39dbf4e969557607bf55b85bda4abf7298e3990c6cf9305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Origin
https://userdashboard.gniripsnitibah.net
Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
etag
"8c8b864fe2023fa4c2c7f08c12435d9f"
age
48547
x-cache
Hit from cloudfront
content-length
28288
x-xss-protection
1; mode=block
server
GS
date
Thu, 10 Dec 2020 08:04:13 GMT
access-control-max-age
3000
access-control-allow-methods
OPTIONS, GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Cookie
x-amz-cf-id
q2Eno_v4qcLDzEgg6D-o8Qgf6a3Sykx05uQvTmBXkK99RUpOpgAW9A==
stream
api-cdn.gosquared.com/chat/v1/
197 B
922 B
XHR
General
Full URL
https://api-cdn.gosquared.com/chat/v1/stream?language=en-US&site_token=GSN-913440-W&person_id=deviceId_is_missing&auth=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImRldmljZUlkX2lzX21pc3NpbmciLCJzY29wZXMiOlsiaW5zZWN1cmVfY2xpZW50Il0sImlzQW5vbiI6ZmFsc2UsInNpdGVfdG9rZW4iOiJHU04tOTEzNDQwLVciLCJpYXQiOjE2MDc2MzU5OTl9.Z-lo-1DMwxV_wS6pi3Jr2CnGo7mFowO-HToBvcEyHK8&_=0.14544396084198707
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?37911a16c7f2d9a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:b:4655:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GoSquared / GoSquared
Resource Hash
f22c09bdf1776615fcdfea6c979ee5c74b0dded7fddc47b6d8589427f5889c7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 21:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-ratelimit-bucket
insecure
x-api-version
1
x-amz-cf-pop
FRA56-C1
x-powered-by
GoSquared
x-cache
Miss from cloudfront
response-time
12
x-ratelimit-remaining
55
strict-transport-security
max-age=31536000
x-ratelimit-cost
5
vary
origin
timezone
Europe/Rome
x-xss-protection
1; mode=block
x-served-by
api-28598
access-control-allow-origin
https://userdashboard.gniripsnitibah.net
server
GoSquared
content-md5
uS4C9R70JfGZVFE/A3i3Kg==
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-ratelimit-full
1
access-control-expose-headers
etag, api-version, content-length, content-md5, content-type, date, request-id, response-time
request-id
9b51f3f7-e91e-423c-a399-0277c79534fa
x-ratelimit-limit
60
x-amz-cf-id
PVdjjODk_haakyqp_3ogRHRX4WMvyXx0nKl6sAzEHagdZbPTfk1JnQ==
messages
api-cdn.gosquared.com/chat/v1/chats/deviceId_is_missing/
162 B
921 B
XHR
General
Full URL
https://api-cdn.gosquared.com/chat/v1/chats/deviceId_is_missing/messages?limit=100&site_token=GSN-913440-W&person_id=deviceId_is_missing&auth=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImRldmljZUlkX2lzX21pc3NpbmciLCJzY29wZXMiOlsiaW5zZWN1cmVfY2xpZW50Il0sImlzQW5vbiI6ZmFsc2UsInNpdGVfdG9rZW4iOiJHU04tOTEzNDQwLVciLCJpYXQiOjE2MDc2MzU5OTl9.Z-lo-1DMwxV_wS6pi3Jr2CnGo7mFowO-HToBvcEyHK8&_=0.2632802712148259
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?37911a16c7f2d9a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:b:4655:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GoSquared / GoSquared
Resource Hash
b52ea223186bd27321247264aa54cc2317df3c410716113c29bf10ca1d2ceec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 21:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-ratelimit-bucket
insecure
x-api-version
1
x-amz-cf-pop
FRA56-C1
x-powered-by
GoSquared
x-cache
Miss from cloudfront
response-time
37
x-ratelimit-remaining
50
strict-transport-security
max-age=31536000
x-ratelimit-cost
5
vary
origin
timezone
Europe/Rome
x-xss-protection
1; mode=block
x-served-by
api-28598
access-control-allow-origin
https://userdashboard.gniripsnitibah.net
server
GoSquared
etag
W/"52cfd7b521057d55e050eaf01dc05038"
content-md5
Us/XtSEFfVXgUOrwHcBQOA==
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-ratelimit-full
2
access-control-expose-headers
etag, api-version, content-length, content-md5, content-type, date, request-id, response-time
request-id
e627b284-f960-48fa-a45c-fd48ea229119
x-ratelimit-limit
60
x-amz-cf-id
y-fvcUx5L7xFi7v8ibtk9N1-XgM-6HtTX7xwdscKgExq1NATdlAYkQ==
messages
api-cdn.gosquared.com/chat/v1/chats/deviceId_is_missing/
162 B
931 B
XHR
General
Full URL
https://api-cdn.gosquared.com/chat/v1/chats/deviceId_is_missing/messages?from=1602840100016&limit=100&site_token=GSN-913440-W&person_id=deviceId_is_missing&auth=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImRldmljZUlkX2lzX21pc3NpbmciLCJzY29wZXMiOlsiaW5zZWN1cmVfY2xpZW50Il0sImlzQW5vbiI6ZmFsc2UsInNpdGVfdG9rZW4iOiJHU04tOTEzNDQwLVciLCJpYXQiOjE2MDc2MzU5OTl9.Z-lo-1DMwxV_wS6pi3Jr2CnGo7mFowO-HToBvcEyHK8&_=0.6223903861997508
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?37911a16c7f2d9a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:b:4655:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GoSquared / GoSquared
Resource Hash
b52ea223186bd27321247264aa54cc2317df3c410716113c29bf10ca1d2ceec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 21:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-ratelimit-bucket
insecure
x-api-version
1
x-amz-cf-pop
FRA56-C1
x-powered-by
GoSquared
x-cache
Miss from cloudfront
response-time
17
x-ratelimit-remaining
49
strict-transport-security
max-age=31536000
x-ratelimit-cost
5
vary
origin
timezone
Europe/Rome
x-xss-protection
1; mode=block
x-served-by
api-28598
access-control-allow-origin
https://userdashboard.gniripsnitibah.net
server
GoSquared
etag
W/"52cfd7b521057d55e050eaf01dc05038"
content-md5
Us/XtSEFfVXgUOrwHcBQOA==
content-type
application/json; charset=utf-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-ratelimit-full
2
access-control-expose-headers
etag, api-version, content-length, content-md5, content-type, date, request-id, response-time
request-id
03250627-eeb9-4bbb-9935-34e23e516ad1
x-ratelimit-limit
60
x-amz-cf-id
oXYysf-DBAYFg69rmFzsIZz2ClB8wyqVenVROOkQPKiIZvQK1tDpfg==
ping
data2.gosquared.com/
6 B
74 B
Script
General
Full URL
https://data2.gosquared.com/ping?vw=1600&vh=1200&dw=1600&dh=1200&st=0&sl=0&i=0&et=5367&rc=1&cb=1&a=GSN-913440-W&id=a24518f3a295961f455ca6cbb9e5320f&cid=deviceId_is_missing&tv=6.5.1920
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.179.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-179-127.compute-1.amazonaws.com
Software
/
Resource Hash
eb2ad463e0fd390d63acc0e4e0c064cd787cab3ee5711fc9e6e203ad1429d4c0

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Dec 2020 21:33:24 GMT
content-length
6
content-type
text/javascript
m
metrics.gs-chat.com/
11 B
413 B
XHR
General
Full URL
https://metrics.gs-chat.com/m?
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?37911a16c7f2d9a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e00:1a:757b:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

Referer
https://userdashboard.gniripsnitibah.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 10 Dec 2020 21:33:24 GMT
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
etag
W/"b-Ai2R8hgEarLmHKwesT1qcY913ys"
access-control-max-age
7200
access-control-allow-methods
OPTIONS, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
etag, content-length, content-type, date
x-cache
Miss from cloudfront
content-length
11
x-amz-cf-id
e0eGAvn5DJr3i6np_-W9caNvHKMF5hVFFOxrXQe-y3DFZTf24XsFUQ==
m
metrics.gs-chat.com/
0
0
Other
General
Full URL
https://metrics.gs-chat.com/m?
Protocol
H2
Server
2600:9000:206f:e00:1a:757b:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://userdashboard.gniripsnitibah.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Dec 2020 10:51:06 GMT
access-control-allow-methods
OPTIONS, GET, POST
access-control-allow-origin
*
access-control-max-age
7200
access-control-allow-headers
content-type
access-control-expose-headers
etag, content-length, content-type, date
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-cache
Hit from cloudfront
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Q4Udf7YYg-Bgiqe2hF5wmI_cKTvkOEphstUQK_f-MVGol7QNcdYDRA==
age
38538

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

  • Domain: user-dashboard-api.qa2.gniripsnitibah.net
    URL: https://user-dashboard-api.qa2.gniripsnitibah.net/user-dashboard-state?cid=no_company_defined&did=deviceId_is_missing
  • Domain: user-dashboard-api.qa2.gniripsnitibah.net
    URL: https://user-dashboard-api.qa2.gniripsnitibah.net/user-dashboard-state?cid=no_company_defined&did=deviceId_is_missing


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object    0
  • object    ontransitionrun
  • object    ontransitionstart
  • object    ontransitioncancel
  • object    cookieStore
  • function  showDirectoryPicker
  • function  showOpenFilePicker
  • function  showSaveFilePicker
  • object    trustedTypes
  • boolean   crossOriginIsolated
  • function  _gs
  • object    webpackJsonpdashboard
  • object    scCGSHMRCache
  • object    regeneratorRuntime
  • object    __SENTRY__

2 Cookies

Domain/Path                        Name               Value
userdashboard.gniripsnitibah.net/  gs_u_GSN-913440-W  a24518f3a295961f455ca6cbb9e5320f:2567:5000:1607635998717
userdashboard.gniripsnitibah.net/  gs_v_GSN-913440-W  deviceId_is_missing

5 Console Messages

Source / Level / URL / Message

  • console-api / log / https://userdashboard.gniripsnitibah.net/static/js/main.43e05a69.chunk.js (Line 1)
    Send event call [object Object]
  • console-api / log / https://userdashboard.gniripsnitibah.net/static/js/main.43e05a69.chunk.js (Line 1)
    sendBeacon(): Successfully queued the analytics data
  • console-api / log / https://userdashboard.gniripsnitibah.net/static/js/main.43e05a69.chunk.js (Line 1)
    hi WebSocket connection error [object Event]
  • console-api / log / https://userdashboard.gniripsnitibah.net/static/js/main.43e05a69.chunk.js (Line 1)
    hi WebSocket connection closed
  • console-api / error / https://userdashboard.gniripsnitibah.net/static/js/main.43e05a69.chunk.js (Line 1)
    e TypeError: Failed to fetch

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
