URL: https://userdashboard.dtttd-w01fgang.lol/
Submission: On January 28 via automatic, source certstream-suspicious

Summary

This website contacted 10 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 13.225.80.96, located in Seattle, United States, and belongs to AMAZON-02, US. The main domain is userdashboard.dtttd-w01fgang.lol.
TLS certificate: Issued by Amazon on January 28th 2021. Valid for: a year.
This is the only time userdashboard.dtttd-w01fgang.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests    IP Address          AS (Autonomous System)
3           13.225.80.96        16509 (AMAZON-02)
1           13.225.80.125       16509 (AMAZON-02)
1           52.210.108.40       16509 (AMAZON-02)
1           52.18.135.71        16509 (AMAZON-02)
2           54.82.179.127       14618 (AMAZON-AES)
1           65.9.7.98           16509 (AMAZON-02)
2           13.224.194.49       16509 (AMAZON-02)
3           2600:9000:206...    16509 (AMAZON-02)
2           2600:9000:20e...    16509 (AMAZON-02)
Totals: 18 requests, 10 IPs

Requests    Domain                                     Requested by
3           api-cdn.gosquared.com                      js.gs-chat.com
3           userdashboard.dtttd-w01fgang.lol           userdashboard.dtttd-w01fgang.lol
2           metrics.gs-chat.com                        js.gs-chat.com
2           static.gosquared.com                       userdashboard.dtttd-w01fgang.lol
2           data2.gosquared.com                        d1l6p2sc9645hc.cloudfront.net
1           js.gs-chat.com                             d1l6p2sc9645hc.cloudfront.net
1           user-dashboard-api.dtttd-w01fgang.lol      userdashboard.dtttd-w01fgang.lol
1           analytics.dtttd-w01fgang.lol               userdashboard.dtttd-w01fgang.lol
1           d1l6p2sc9645hc.cloudfront.net              userdashboard.dtttd-w01fgang.lol
Totals: 18 requests, 9 subdomains

This site contains links to these domains:

Domain
gs-chat.com

TLS certificates

Subject                             Issuer                   Validity                   Valid
userdashboard.dtttd-w01fgang.lol    Amazon                   2021-01-28 - 2022-02-26    a year
*.cloudfront.net                    DigiCert Global CA G2    2020-05-26 - 2021-04-21    a year
analytics.dtttd-w01fgang.lol        Amazon                   2020-08-27 - 2021-09-26    a year
gosquared.com                       Amazon                   2020-11-19 - 2021-12-18    a year

This page contains 1 frame:

Primary Page: https://userdashboard.dtttd-w01fgang.lol/
Frame ID: 37954209461BAE92D66A67A3C40E9E09
Requests: 16 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • script /tracker\.js/i

Page Statistics

Requests: 18
HTTPS: 89 %
IPv6: 22 %
Domains: 4
Subdomains: 9
IPs: 10
Countries: 2
Transfer: 379 kB
Size: 962 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource    Path    Size    x-fer    Type    MIME-Type

Primary Request /    userdashboard.dtttd-w01fgang.lol/    4 KB    3 KB    Document
General
Full URL
https://userdashboard.dtttd-w01fgang.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-96.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
467cceab35855db89ed04a51dda5b4c7b574d2549cdfdd0b905b6adb8588736d

Request headers

:method
GET
:authority
userdashboard.dtttd-w01fgang.lol
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html
last-modified
Thu, 28 Jan 2021 17:09:24 GMT
server
AmazonS3
content-encoding
gzip
date
Thu, 28 Jan 2021 17:21:20 GMT
cache-control
public, max-age=120
etag
W/"09b792ec892d693dfedf94abbc9674a7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
zFYIv4-c03dUV4LJer9pa5nTu0QhQFmxRfOOgKJ7-QwwXW9jMkW8Xg==
2.0e9157bc.chunk.js    userdashboard.dtttd-w01fgang.lol/static/js/    586 KB    180 KB    Script
General
Full URL
https://userdashboard.dtttd-w01fgang.lol/static/js/2.0e9157bc.chunk.js
Requested by
Host: userdashboard.dtttd-w01fgang.lol
URL: https://userdashboard.dtttd-w01fgang.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-96.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
082492513c0d918cb1ed3d3d29d5d8005e64647f2f787fb9f0f2defbbab1c1be

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 17:21:20 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 17:09:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"58c8583a6589ce5e74424f2a1e692f23"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
8_lsp7UfX9-BTHtDLlAnSfYwdMSIWnfByww4e8sza2j_kg2pbaIYCA==
main.93a9efcf.chunk.js    userdashboard.dtttd-w01fgang.lol/static/js/    112 KB    33 KB    Script
General
Full URL
https://userdashboard.dtttd-w01fgang.lol/static/js/main.93a9efcf.chunk.js
Requested by
Host: userdashboard.dtttd-w01fgang.lol
URL: https://userdashboard.dtttd-w01fgang.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-96.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6ea5962c7eb6127e69c354bef9381780f3607f17572428ba183dceb8252f290

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 17:21:20 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 17:09:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
W/"f0ca90a90d30ceb6cabc28ab77447cf2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
OnLzKUluPgDVP73oG2ifyMM0XmUZjaH1yJHcgIvUadFjG1SC80MdhA==
tracker.js    d1l6p2sc9645hc.cloudfront.net/    9 KB    5 KB    Script
General
Full URL
https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Requested by
Host: userdashboard.dtttd-w01fgang.lol
URL: https://userdashboard.dtttd-w01fgang.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-125.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a91777b82ca18217506ac7a9bcc1fe229673e18747df9c0cc40768eb83cd666

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 07:14:11 GMT
content-encoding
gzip
last-modified
Tue, 08 Dec 2020 09:52:00 GMT
server
AmazonS3
age
36429
etag
W/"5af7891196febc3b7ed04a5bfbd7b679"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
cache-control
max-age=43200, public
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
T9jgrju4CmiCfxVMtGghaP0IRmm1L6uWiVRD8PG91_X-GZJk_yPCKA==
track    analytics.dtttd-w01fgang.lol/    0    0    Other
General
Full URL
https://analytics.dtttd-w01fgang.lol/track
Requested by
Host: userdashboard.dtttd-w01fgang.lol
URL: https://userdashboard.dtttd-w01fgang.lol/static/js/main.93a9efcf.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.108.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-108-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST
user-dashboard-state    user-dashboard-api.dtttd-w01fgang.lol/    0    0    Other
General
Full URL
https://user-dashboard-api.dtttd-w01fgang.lol/user-dashboard-state?cid=no_company_defined&did=deviceId_is_missing
Protocol
H2
Server
52.18.135.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-135-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://userdashboard.dtttd-w01fgang.lol
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 28 Jan 2021 17:21:19 GMT
x-amzn-requestid
cfce69ff-1d4d-4258-a886-298f9a0c9330
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
Z3rWfHJOjoEFXng=
access-control-allow-methods
GET
user-dashboard-state    user-dashboard-api.dtttd-w01fgang.lol/    0    0    (no response; see Failed requests)

pv    data2.gosquared.com/    314 B    385 B    Script
General
Full URL
https://data2.gosquared.com/pv?cs=UTF-8&cd=24&la=en-US&sw=1600&sh=1200&dp=1&pu=https%3A%2F%2Fuserdashboard.dtttd-w01fgang.lol%2F&pt=Dashboard&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1600&vh=1200&dw=1600&dh=1200&st=0&sl=0&aip=1&tz=-60&cp=id%3DsdeviceId_is_missing%26company%3Doname%253Dsno_company_defined&rc=1&cb=0&a=GSN-240156-H&id=fb390975ea70d281f727fab6863720f0&cid=deviceId_is_missing&tv=6.5.1920
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.179.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-179-127.compute-1.amazonaws.com
Software
/
Resource Hash
7c832a6e3d0ea5ab147411b798d19e98edf8bda7e9e72fe8edcc16e2c6aa2d06

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 17:21:20 GMT
content-length
314
content-type
text/javascript
chat.js    js.gs-chat.com/    149 KB    52 KB    Script
General
Full URL
https://js.gs-chat.com/chat.js?53f9ab06285fbea4
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08b4be6c7697199b44f0956b79fb80b22b39461ef45e398c4df6f9d632013214

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 12:30:36 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 11:34:19 GMT
server
AmazonS3
age
17445
etag
W/"3441aedef2490925d4331b14bddc41ae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
TEvObY4YW2_5SusIQxIWQ06gs2DgXkZD9a8b5gX-08lvL0dY5522lg==
Inter.latin.var.woff2    static.gosquared.com/fonts/inter/2020-11/    73 KB    74 KB    Font
General
Full URL
https://static.gosquared.com/fonts/inter/2020-11/Inter.latin.var.woff2
Requested by
Host: userdashboard.dtttd-w01fgang.lol
URL: https://userdashboard.dtttd-w01fgang.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-49.fra2.r.cloudfront.net
Software
GS /
Resource Hash
2d92ac468956074ec5971284f7db01a303f1ed1268208abfcefd26a9325bdade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Origin
https://userdashboard.dtttd-w01fgang.lol
Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 18:20:47 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
age
82833
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
75000
x-xss-protection
1; mode=block
server
GS
etag
"4ed1a31b78396d06cb26a922ed5f2132"
strict-transport-security
max-age=31536000
access-control-allow-methods
OPTIONS, GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Cookie
x-amz-cf-id
1WBA0GZ6VMSnbp7ipkigIuEXdV_hsNEmI6zbGH2SWmM_3gZ11Z3R7A==
identifiedClientAuth    api-cdn.gosquared.com/chat/v1/    249 B    927 B    XHR
General
Full URL
https://api-cdn.gosquared.com/chat/v1/identifiedClientAuth?person_id=deviceId_is_missing&site_token=GSN-240156-H&_=0.17063511171457169
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?53f9ab06285fbea4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:b:4655:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GoSquared / GoSquared
Resource Hash
592d4be07c270ecc2e7a922f53d1cc28abb8ae3584f0b3fa5c060663b47d7e07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 17:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-api-version
1
x-amz-cf-pop
FRA56-C1
x-powered-by
GoSquared
x-cache
Miss from cloudfront
response-time
17
strict-transport-security
max-age=31536000
request-id
2d15aeb9-4d38-4db4-8e10-db14a131162f
vary
origin
timezone
Europe/Rome
x-xss-protection
1; mode=block
x-served-by
api-28598
access-control-allow-origin
https://userdashboard.dtttd-w01fgang.lol
server
GoSquared
etag
W/"fd2ccfb735fee1bdc7f6fbe700253184"
content-md5
/SzPtzX+4b3H9vvnACUxhA==
content-type
application/json; charset=utf-8
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
access-control-expose-headers
etag, api-version, content-length, content-md5, content-type, date, request-id, response-time
x-amz-cf-id
ClqlZ00jFyfbmRASDzMpjJyAmmKXjY5ZFF8YKfFDZ3I60jpMrL7Njg==
Inter.symbols.var.woff2    static.gosquared.com/fonts/inter/2020-11/    28 KB    28 KB    Font
General
Full URL
https://static.gosquared.com/fonts/inter/2020-11/Inter.symbols.var.woff2
Requested by
Host: userdashboard.dtttd-w01fgang.lol
URL: https://userdashboard.dtttd-w01fgang.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-49.fra2.r.cloudfront.net
Software
GS /
Resource Hash
434d510fdf225407a39dbf4e969557607bf55b85bda4abf7298e3990c6cf9305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Origin
https://userdashboard.dtttd-w01fgang.lol
Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
etag
"8c8b864fe2023fa4c2c7f08c12435d9f"
age
71842
x-cache
Hit from cloudfront
content-length
28288
x-xss-protection
1; mode=block
server
GS
date
Thu, 28 Jan 2021 12:25:46 GMT
access-control-max-age
3000
access-control-allow-methods
OPTIONS, GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Cookie
x-amz-cf-id
eMVY8SvMHSB8rjnBp1QlP4pNLQ3nftKvcpCGGB6XP6TtVAqFD2mjGw==
stream    api-cdn.gosquared.com/chat/v1/    197 B    932 B    XHR
General
Full URL
https://api-cdn.gosquared.com/chat/v1/stream?language=en-US&site_token=GSN-240156-H&person_id=deviceId_is_missing&auth=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImRldmljZUlkX2lzX21pc3NpbmciLCJzY29wZXMiOlsiaW5zZWN1cmVfY2xpZW50Il0sImlzQW5vbiI6ZmFsc2UsInNpdGVfdG9rZW4iOiJHU04tMjQwMTU2LUgiLCJpYXQiOjE2MTE4NTQ0ODB9.I5xjPzxzG0WQ6RExtExXMrmusyEwby4EF5LXGbOStbg&_=0.6289550132445547
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?53f9ab06285fbea4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:b:4655:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GoSquared / GoSquared
Resource Hash
78b901cd0e1593045c9af2ef835ae608420d6508c4e1111163a6974cf953a4d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 17:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-ratelimit-bucket
insecure
x-api-version
1
x-amz-cf-pop
FRA56-C1
x-powered-by
GoSquared
x-cache
Miss from cloudfront
response-time
29
x-ratelimit-remaining
50
strict-transport-security
max-age=31536000
x-ratelimit-cost
5
vary
origin
timezone
Europe/Rome
x-xss-protection
1; mode=block
x-served-by
api-30067
access-control-allow-origin
https://userdashboard.dtttd-w01fgang.lol
server
GoSquared
content-md5
ijdIMlc6Pglq0lNwbSukww==
content-type
application/json; charset=utf-8
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-ratelimit-full
2
access-control-expose-headers
etag, api-version, content-length, content-md5, content-type, date, request-id, response-time
request-id
81891c25-f525-4845-bfb7-77d37d19e8fb
x-ratelimit-limit
60
x-amz-cf-id
tfGFSeAs4Vl4jaSn4i5SfFJh54e5sjHnHMz0rZ728IV6X4AZqLk-Uw==
messages    api-cdn.gosquared.com/chat/v1/chats/deviceId_is_missing/    27 B    827 B    XHR
General
Full URL
https://api-cdn.gosquared.com/chat/v1/chats/deviceId_is_missing/messages?limit=100&site_token=GSN-240156-H&person_id=deviceId_is_missing&auth=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImRldmljZUlkX2lzX21pc3NpbmciLCJzY29wZXMiOlsiaW5zZWN1cmVfY2xpZW50Il0sImlzQW5vbiI6ZmFsc2UsInNpdGVfdG9rZW4iOiJHU04tMjQwMTU2LUgiLCJpYXQiOjE2MTE4NTQ0ODB9.I5xjPzxzG0WQ6RExtExXMrmusyEwby4EF5LXGbOStbg&_=0.7969483466168283
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?53f9ab06285fbea4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:b:4655:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GoSquared / GoSquared
Resource Hash
8cb577650a65acca1dcd67b68127fc0b498bbbb373905c7734544b68bc8e33e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 17:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-ratelimit-bucket
insecure
x-api-version
1
x-amz-cf-pop
FRA56-C1
x-powered-by
GoSquared
x-cache
Miss from cloudfront
response-time
3038
x-ratelimit-remaining
55
strict-transport-security
max-age=31536000
x-ratelimit-cost
5
vary
origin
timezone
Europe/Rome
x-xss-protection
1; mode=block
x-served-by
api-28598
access-control-allow-origin
https://userdashboard.dtttd-w01fgang.lol
server
GoSquared
etag
W/"ddeb9024dd540b420581f0646f1db9b3"
content-md5
3euQJN1UC0IFgfBkbx25sw==
content-type
application/json; charset=utf-8
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-ratelimit-full
1
access-control-expose-headers
etag, api-version, content-length, content-md5, content-type, date, request-id, response-time
request-id
c9123d1d-3824-40ed-954f-57caadbf1116
x-ratelimit-limit
60
x-amz-cf-id
_CMkCzqoHcEjf0Y4bHBdcx_v70_DlENhRmK2I2YANXGeKUzsO7dovQ==
messages    api-cdn.gosquared.com/chat/v1/chats/deviceId_is_missing/    0    0    (no response; see Failed requests)

ping    data2.gosquared.com/    6 B    75 B    Script
General
Full URL
https://data2.gosquared.com/ping?vw=1600&vh=1200&dw=1600&dh=1200&st=0&sl=0&i=0&et=5347&rc=1&cb=1&a=GSN-240156-H&id=fb390975ea70d281f727fab6863720f0&cid=deviceId_is_missing&tv=6.5.1920
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.179.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-179-127.compute-1.amazonaws.com
Software
/
Resource Hash
eb2ad463e0fd390d63acc0e4e0c064cd787cab3ee5711fc9e6e203ad1429d4c0

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/error?error=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 17:21:25 GMT
content-length
6
content-type
text/javascript
m    metrics.gs-chat.com/    11 B    413 B    XHR
General
Full URL
https://metrics.gs-chat.com/m?
Requested by
Host: js.gs-chat.com
URL: https://js.gs-chat.com/chat.js?53f9ab06285fbea4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4800:1a:757b:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

Referer
https://userdashboard.dtttd-w01fgang.lol/error?error=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 28 Jan 2021 17:21:25 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"b-Ai2R8hgEarLmHKwesT1qcY913ys"
access-control-max-age
7200
access-control-allow-methods
OPTIONS, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
etag, content-length, content-type, date
x-cache
Miss from cloudfront
content-length
11
x-amz-cf-id
qN9dHK6a_IgUqntJ4-iE7kveSCBKiPSt1K5wTP2PQRVRVvgq5MAkoQ==
m    metrics.gs-chat.com/    0    0    Other
General
Full URL
https://metrics.gs-chat.com/m?
Protocol
H2
Server
2600:9000:20eb:4800:1a:757b:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://userdashboard.dtttd-w01fgang.lol
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 28 Jan 2021 14:58:20 GMT
access-control-allow-methods
OPTIONS, GET, POST
access-control-allow-origin
*
access-control-max-age
7200
access-control-allow-headers
content-type
access-control-expose-headers
etag, content-length, content-type, date
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-cache
Hit from cloudfront
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
pnbYHqWkT7fveOJsKqJ5gA_L-87ZDayJFz3ljrx0mCX-UtJeBUtuFA==
age
8584

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: user-dashboard-api.dtttd-w01fgang.lol
URL: https://user-dashboard-api.dtttd-w01fgang.lol/user-dashboard-state?cid=no_company_defined&did=deviceId_is_missing

Domain: api-cdn.gosquared.com
URL: https://api-cdn.gosquared.com/chat/v1/chats/deviceId_is_missing/messages?limit=100&site_token=GSN-240156-H&person_id=deviceId_is_missing&auth=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImRldmljZUlkX2lzX21pc3NpbmciLCJzY29wZXMiOlsiaW5zZWN1cmVfY2xpZW50Il0sImlzQW5vbiI6ZmFsc2UsInNpdGVfdG9rZW4iOiJHU04tMjQwMTU2LUgiLCJpYXQiOjE2MTE4NTQ0ODB9.I5xjPzxzG0WQ6RExtExXMrmusyEwby4EF5LXGbOStbg&_=0.06160251924828852

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • object | ontransitionrun
  • object | ontransitionstart
  • object | ontransitioncancel
  • object | cookieStore
  • function | showDirectoryPicker
  • function | showOpenFilePicker
  • function | showSaveFilePicker
  • object | trustedTypes
  • boolean | crossOriginIsolated
  • function | _gs
  • object | webpackJsonpdashboard
  • object | regeneratorRuntime
  • object | scCGSHMRCache
  • object | __SENTRY__

2 Cookies

Domain/Path                          Name                 Value
userdashboard.dtttd-w01fgang.lol/    gs_u_GSN-240156-H    fb390975ea70d281f727fab6863720f0:2567:5000:1611854479728
userdashboard.dtttd-w01fgang.lol/    gs_v_GSN-240156-H    deviceId_is_missing

3 Console Messages

Source    Level    URL    Text

console-api    log    https://userdashboard.dtttd-w01fgang.lol/static/js/main.93a9efcf.chunk.js (Line 1)
  Message: Send event call [object Object]

console-api    log    https://userdashboard.dtttd-w01fgang.lol/static/js/main.93a9efcf.chunk.js (Line 1)
  Message: sendBeacon(): Successfully queued the analytics data

console-api    error    https://userdashboard.dtttd-w01fgang.lol/static/js/main.93a9efcf.chunk.js (Line 1)
  Message: Error occurred on fetching tiles Failed to fetch TypeError: Failed to fetch

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
