urlscan.io logo urlscan.io
SecurityTrails logo

cpasselfserve.woohoo.in Open in urlscan Pro
54.239.192.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cpasselfserve.woohoo.in/
Effective URL: https://cpasselfserve.woohoo.in/
Submission: On November 13 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 17 HTTP transactions. The main IP is 54.239.192.128, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is cpasselfserve.woohoo.in.
TLS certificate: Issued by RapidSSL RSA CA 2018 on May 9th 2019. Valid for: 2 years.
This is the only time cpasselfserve.woohoo.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 54.239.192.128 16509 (AMAZON-02)
6 143.204.214.36 16509 (AMAZON-02)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 51.255.77.86 16276 (OVH)
3 54.239.192.39 16509 (AMAZON-02)
17 7
5    54.239.192.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-128.waw50.r.cloudfront.net
cpasselfserve.woohoo.in
6    143.204.214.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-36.fra53.r.cloudfront.net
d1o7uku192uawx.cloudfront.net
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.polyfill.io
2    2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    51.255.77.86 (France)

ASN16276 (OVH, FR)
PTR: ns3433562.ip-51-255-77.eu
cdn.page-source.com
3    54.239.192.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-39.waw50.r.cloudfront.net
stage.woohoo.in
Domain Requested by
6 d1o7uku192uawx.cloudfront.net cpasselfserve.woohoo.in
d1o7uku192uawx.cloudfront.net
5 cpasselfserve.woohoo.in 1 redirects cpasselfserve.woohoo.in
d1o7uku192uawx.cloudfront.net
3 stage.woohoo.in cpasselfserve.woohoo.in
2 www.googletagmanager.com d1o7uku192uawx.cloudfront.net
1 cdn.page-source.com
1 cdn.polyfill.io cpasselfserve.woohoo.in
17 6

This site contains no links.

Subject Issuer Validity Valid
*.woohoo.in
RapidSSL RSA CA 2018		 2019-05-09 -
2021-08-07		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
*.page-source.com
COMODO RSA Domain Validation Secure Server CA		 2019-01-08 -
2021-01-07		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://cpasselfserve.woohoo.in/
Frame ID: C605E52A95F1E5C6FA23D83B9F7C8D00
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cpasselfserve.woohoo.in/ HTTP 301
    https://cpasselfserve.woohoo.in/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

4
Countries

666 kB
Transfer

1407 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cpasselfserve.woohoo.in/ HTTP 301
    https://cpasselfserve.woohoo.in/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cpasselfserve.woohoo.in/
Redirect Chain
  • http://cpasselfserve.woohoo.in/
  • https://cpasselfserve.woohoo.in/
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cpasselfserve.woohoo.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.192.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-192-128.waw50.r.cloudfront.net
Software
nginx /
Resource Hash
6a78e4a1f2e08a79e050c4abf18ce629fd08f8b267754ca335208ae7bd3aaa2d
Security Headers
Name Value
Content-Security-Policy default-src 'self';connect-src 'self' *.cloudfront.net *.qubit.com *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com;font-src 'self' data: *.cloudfront.net *.gstatic.com fonts.googleapis.com;
Strict-Transport-Security max-age=60000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cpasselfserve.woohoo.in
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
date
Fri, 13 Nov 2020 08:51:24 GMT
server
nginx
set-cookie
language=en-US; Path=/
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=60000; includeSubdomains
x-xss-protection
1; mode=block
content-security-policy
default-src 'self';connect-src 'self' *.cloudfront.net *.qubit.com *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com;font-src 'self' data: *.cloudfront.net *.gstatic.com fonts.googleapis.com;
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
0
etag
W/"17cb-up5jXhSnNkf39zHRVs71nJlXi2k"
vary
Accept-Encoding
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 89b8117bd9270d922b4549a30cd5ce50.cloudfront.net (CloudFront)
x-amz-cf-pop
WAW50-C1
x-amz-cf-id
fxqoXmZk6Q7u_jQaYLncOP8vxxxq3p3h8ggLTTkSGQcpJhZopSbA5g==

Redirect headers

Server
CloudFront
Date
Fri, 13 Nov 2020 08:51:24 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://cpasselfserve.woohoo.in/
X-Cache
Redirect from cloudfront
Via
1.1 dce4c8b7b9f77858bc00bb5154e30f3c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
WAW50-C1
X-Amz-Cf-Id
A4NUkMvs4Y8b9QpEt7HMDwYvZnS2Gb4OOniWRkkBHawwmWanJCNmgw==
styles.a01e4e2d1c926abedf98.css
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/style/ 		196 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/style/styles.a01e4e2d1c926abedf98.css
Requested by
Host: cpasselfserve.woohoo.in
URL: https://cpasselfserve.woohoo.in/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af0e2ad4516ae0945710425c724e6c5fe043063adcf870b09d06d2f43b83123e

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 12:08:54 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 15 Oct 2020 17:20:17 GMT
Server
AmazonS3
Age
420151
ETag
W/"e747243dfc337bcaeb1567e66e0da6dc"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css; charset=utf-8
Via
1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
Cache-Control
max-age=2628000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
jZt3-hgk7sRpajVWwWS6rfsAYmde48d9r4SAj3AwL2Q9rkyYsB4WVA==
polyfill.min.js
cdn.polyfill.io/v2/ 		222 B
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=default,Array.prototype.includes,Array.prototype.entries
Requested by
Host: cpasselfserve.woohoo.in
URL: https://cpasselfserve.woohoo.in/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
71732
detected-user-agent
Chrome/83.0.4103
status
200
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, MISS-CLUSTER, fastly;desc="Edge time";dur=16
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Wed, 11 Nov 2020 18:54:12 GMT
date
Fri, 13 Nov 2020 08:51:24 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
default.vendors~client.251ae8686a899105ce4d.js
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/ 		534 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.vendors~client.251ae8686a899105ce4d.js
Requested by
Host: cpasselfserve.woohoo.in
URL: https://cpasselfserve.woohoo.in/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff24d6a4990a0f54e98221e46fbaeda7c8fb73f616765c4c64bb92b76a6b71b0

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 05 Nov 2020 19:19:37 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 05 Nov 2020 16:06:43 GMT
Server
AmazonS3
Age
653508
ETag
W/"51fffd4ed76d9e5e1a266b59007282c2"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
Cache-Control
max-age=2628000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
4R6vIk_ut1mwUHaLAefuLzhc-CRKwQsfbrpNqhwaZ2puVNQ1vVgfwQ==
default.client.339d0eb7015f0e9bd1c8.js
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/ 		118 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.339d0eb7015f0e9bd1c8.js
Requested by
Host: cpasselfserve.woohoo.in
URL: https://cpasselfserve.woohoo.in/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eeeb3c47fc159e5c59deda1cf37d1581320f766a7e83c043e5bd16af732737d4

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 12:08:54 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 05 Nov 2020 16:06:42 GMT
Server
AmazonS3
Age
420151
ETag
W/"f01f05beecb2210064fa758e46a2ec6f"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
Cache-Control
max-age=2628000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
76UWRzDa5yVqGwU8jIqy0kT1Z3_By80VMn0qOr5OgHE0EuFLkS-BpQ==
default.styles.032c8878b62fd232bb8d.js
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/ 		6 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.styles.032c8878b62fd232bb8d.js
Requested by
Host: cpasselfserve.woohoo.in
URL: https://cpasselfserve.woohoo.in/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86f11ddd1d9e1f99cfa70fed0041ef8ac9471ced0b13f736303bac59d802ed2a

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 12:08:54 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 15 Oct 2020 17:20:14 GMT
Server
AmazonS3
Age
420151
ETag
W/"9154088404a60faf6f603be2a67b766b"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
Cache-Control
max-age=2628000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
C9uppueHijBICxAI2L9CITItPjj_r_NmL2rrds-SptlSCJ81K9kpoQ==
default.js
cpasselfserve.woohoo.in/js/ 		721 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpasselfserve.woohoo.in/js/default.js
Requested by
Host: cpasselfserve.woohoo.in
URL: https://cpasselfserve.woohoo.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.192.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-192-128.waw50.r.cloudfront.net
Software
nginx /
Resource Hash
3d738368f4022ffa3f34668a5bd032f524b3b5bd080b9032b627dcae66aaf371

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 08:51:24 GMT
via
1.1 89b8117bd9270d922b4549a30cd5ce50.cloudfront.net (CloudFront)
last-modified
Thu, 05 Nov 2020 13:43:04 GMT
server
nginx
x-amz-cf-pop
WAW50-C1
etag
W/"2d1-17598a57e40"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
content-length
721
x-amz-cf-id
ukGQSRigPv2LNwwQYvQ_WUJTPlmYdfNzW8FxfESZ67b8ZnRtZoktuA==
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.339d0eb7015f0e9bd1c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
settings
cpasselfserve.woohoo.in/proxy/ 		28 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpasselfserve.woohoo.in/proxy/settings
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.339d0eb7015f0e9bd1c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.192.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-192-128.waw50.r.cloudfront.net
Software
nginx /
Resource Hash
3a04b235c6cadafda20aa6b5db9cb8d10ef5802008fbb13e949899e7e4584c56
Security Headers
Name Value
Content-Security-Policy default-src 'self';connect-src 'self' *.cloudfront.net *.qubit.com *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com;font-src 'self' data: *.cloudfront.net *.gstatic.com fonts.googleapis.com;
Strict-Transport-Security max-age=60000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://cpasselfserve.woohoo.in/
x-user-email
false
x-api
settings
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';connect-src 'self' *.cloudfront.net *.qubit.com *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com;font-src 'self' data: *.cloudfront.net *.gstatic.com fonts.googleapis.com;
content-encoding
gzip
etag
W/"70b0-Uz5qdDzCz5FOgJjGwkyOZmobf/A"
x-amz-cf-pop
WAW50-C1
x-cache
Miss from cloudfront
status
200
strict-transport-security
max-age=60000; includeSubdomains
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
date
Fri, 13 Nov 2020 08:51:25 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 89b8117bd9270d922b4549a30cd5ce50.cloudfront.net (CloudFront)
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
fPIbcuXj69hMnK95qqDXczClrw5pJ3uaDDbFNyjQhFRZBmPhSAaAaw==
expires
0
resizeimage.ashx
cdn.page-source.com/ 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.page-source.com/resizeimage.ashx?ig=cpasselfserve.woohoo.in&sz=109402
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.255.77.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3433562.ip-51-255-77.eu
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Fri, 13 Nov 2020 08:51:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/plain
Cache-Control
private
Content-Length
0
default.6.82bf9a6ee74ef596bf29.js
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.6.82bf9a6ee74ef596bf29.js
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.339d0eb7015f0e9bd1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ff7a1f1c688a1871fcae155f593f7a0010dcbe6ddd40ec2cfb4c0570efa05ad

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 07:40:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 28 Oct 2020 17:01:38 GMT
Server
AmazonS3
Age
349860
ETag
W/"689f650c2ceaa83ee5e007c38b642b5e"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
Cache-Control
max-age=2628000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
9qUTopF6MC7C-MgOIEs0vYymGRexmUN4DUubZGNSUOhGpkG3jcDIgw==
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.339d0eb7015f0e9bd1c8.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cpasselfserve.woohoo.in/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
default.1.62fce94f136d884b8a61.js
d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/ 		45 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.1.62fce94f136d884b8a61.js
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.339d0eb7015f0e9bd1c8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66675d4dc2a95a9b87f914eddab7d2dada21afc5cdb43ecee810e04b3378f167

Request headers

Referer
https://cpasselfserve.woohoo.in/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 12:09:01 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 15 Oct 2020 17:20:00 GMT
Server
AmazonS3
Age
420146
ETag
W/"a1a55e0b5afcb19495418dbec5c73aa3"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
Cache-Control
max-age=2628000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
XCitBc4t0lgwI_pVvUZiSXZ6Wm4wYacXSzmIiKn1u4qQ-UKPm9zBeA==
Amazon_Logo.jpg
stage.woohoo.in/media/Logo/websites/232/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage.woohoo.in/media/Logo/websites/232/Amazon_Logo.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.192.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-192-39.waw50.r.cloudfront.net
Software
Apache /
Resource Hash
f8dc057b9c60c353342fdd9d75a5f7c144520b644453fadb4e0872d21265c640

Request headers

Referer
https://cpasselfserve.woohoo.in/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 08:51:26 GMT
via
1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
last-modified
Mon, 14 Sep 2020 10:22:45 GMT
server
Apache
x-amz-cf-pop
WAW50-C1
etag
"49a5-5af436a5865a8"
status
200
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
18853
x-amz-cf-id
xcz1WiqowtxrnQr84PN8yTbLuxKvSljyvqkZ8I47WFotjpnWGGuOAg==
truncated
/ 		944 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4284277e4696a5b82d04d70ae4e5d2d5af02c2b97400d98fe8fcfe4aa8d5a212

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		280 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e54289aa0f669f36f9f3ef196616fd516ce38dc3108a43dac9e95b165f4092c4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7f5388221b80e0c0748c7af826856d54854c2d027867968bf33031c0a34383a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
AmazonPayLogo2.jpg
stage.woohoo.in/media/CPAS/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage.woohoo.in/media/CPAS/AmazonPayLogo2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.192.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-192-39.waw50.r.cloudfront.net
Software
Apache /
Resource Hash
da701ff04eab3c9a1b1b0fcc90a2d39e9b2fc17850808cad9b70468531c4078b

Request headers

Referer
https://cpasselfserve.woohoo.in/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 08:51:26 GMT
via
1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jul 2020 17:35:59 GMT
server
Apache
x-amz-cf-pop
WAW50-C1
etag
"1d25-5ab3367f1a9f0"
status
200
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
7461
x-amz-cf-id
HOj17ABoNc-PNKp9dzZkM8uhkaQ7sN4uWV7ZjnhBMPteIYTo9vURYg==
blocks
cpasselfserve.woohoo.in/proxy/v3/cms/ 		40 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cpasselfserve.woohoo.in/proxy/v3/cms/blocks?identifiers[0]=login_page_footer&
Requested by
Host: d1o7uku192uawx.cloudfront.net
URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.client.339d0eb7015f0e9bd1c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.192.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-192-128.waw50.r.cloudfront.net
Software
nginx /
Resource Hash
72e9beef74cd1d873713b6f2ff363efee1fd7ef29d2e7d36cd55eb172c53c1a2
Security Headers
Name Value
Content-Security-Policy default-src 'self';connect-src 'self' *.cloudfront.net *.qubit.com *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com;font-src 'self' data: *.cloudfront.net *.gstatic.com fonts.googleapis.com;
Strict-Transport-Security max-age=60000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://cpasselfserve.woohoo.in/login
x-user-email
false
x-api
blocks
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Nov 2020 08:51:26 GMT
via
1.1 89b8117bd9270d922b4549a30cd5ce50.cloudfront.net (CloudFront)
vary
Accept-Encoding
x-amz-cf-pop
WAW50-C1
x-cache
Error from cloudfront
status
403
content-length
40
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"28-GJgJZyOCNrS4udWcE7KRC9gUVaI"
strict-transport-security
max-age=60000; includeSubdomains
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
default-src 'self';connect-src 'self' *.cloudfront.net *.qubit.com *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com;font-src 'self' data: *.cloudfront.net *.gstatic.com fonts.googleapis.com;
x-amz-cf-id
1Toc1kcm9QX1h6FCgt5urkyGiR7EyHtoSIRq9nnZCJDvwYvLpTMD0Q==
expires
0
desknew886x768_1_1_.jpg
stage.woohoo.in/media/login/bg/websites/232/ 		365 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage.woohoo.in/media/login/bg/websites/232/desknew886x768_1_1_.jpg
Requested by
Host: cpasselfserve.woohoo.in
URL: https://cpasselfserve.woohoo.in/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.239.192.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-239-192-39.waw50.r.cloudfront.net
Software
Apache /
Resource Hash
6cd039ab1d5613b5b5fa0cd208dcd76b2f1e51b357b1d8b539deb56b05c170d9

Request headers

Referer
https://cpasselfserve.woohoo.in/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 08:51:26 GMT
via
1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
last-modified
Mon, 05 Oct 2020 11:31:14 GMT
server
Apache
x-amz-cf-pop
WAW50-C1
etag
"5b503-5b0ead1ed1260"
status
200
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
374019
x-amz-cf-id
Qz6FgKLo5xj10ZDPAFmwOvbPKu2kccq1qht3SL-T2oEhlIG5SxKFTQ==

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| __INITIAL_STATE object| __LOADABLE_LOADED_CHUNKS__ function| _ object| scCGSHMRCache object| dataLayer

1 Cookies

Domain/Path Name / Value
cpasselfserve.woohoo.in/ Name: language
Value: en-US

1 Console Messages

Source Level URL
Text
console-api warning URL: https://d1o7uku192uawx.cloudfront.net/woohoo/corpwoohoo/b2b2c/qwikserve/default/js/default.vendors~client.251ae8686a899105ce4d.js(Line 14)
Message:
<GoogleReCaptchaProvider /> recaptcha key not provided

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';connect-src 'self' *.cloudfront.net *.qubit.com *.branch.io *.loggly.com;frame-src *.google.com vars.hotjar.com *.doubleclick.net *.youtube.com giftbig.wufoo.com *.googletagmanager.com;img-src 'self' data: 'unsafe-eval' cdn.page-source.com *.googletagmanager.com metrics.makemytrip.com *.woohoo.in bat.bing.com *.scorecardresearch.com *.google.com *.google.co.in 'unsafe-inline' *.doubleclick.net *.images-home.com *.google-analytics.com *.amazonaws.com *.woohoo.in *.cloudfront.net *.facebook.com *.googleadservices.com;script-src 'self' 'unsafe-eval' 'unsafe-inline' *.bing.com *.scorecardresearch.com script.hotjar.com cdn-3.convertexperiments.com script.crazyegg.com static.hotjar.com static.tacdn.com customs.affilired.com *.makemytrip.com *.qubit.com *.loggly.com *.gstatic.com *.doubleclick.net app.link *.googletagmanager.com *.branch.io *.facebook.net *.wufoo.com *.images-home.com *.google-analytics.com cdn.polyfill.io google-analytics.com *.cloudfront.net *.google.com *.bs.serving-sys.com *.connect.facebook.net *.googleadservices.com *.googletagmanager.com;style-src 'self' 'unsafe-inline' *.cloudfront.net *.googleapis.com;font-src 'self' data: *.cloudfront.net *.gstatic.com fonts.googleapis.com;
Strict-Transport-Security max-age=60000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.page-source.com
cdn.polyfill.io
cpasselfserve.woohoo.in
d1o7uku192uawx.cloudfront.net
stage.woohoo.in
www.googletagmanager.com
143.204.214.36
2a00:1450:4001:820::2008
2a04:4e42:1b::621
51.255.77.86
54.239.192.128
54.239.192.39
3a04b235c6cadafda20aa6b5db9cb8d10ef5802008fbb13e949899e7e4584c56
3d738368f4022ffa3f34668a5bd032f524b3b5bd080b9032b627dcae66aaf371
4284277e4696a5b82d04d70ae4e5d2d5af02c2b97400d98fe8fcfe4aa8d5a212
66675d4dc2a95a9b87f914eddab7d2dada21afc5cdb43ecee810e04b3378f167
6a78e4a1f2e08a79e050c4abf18ce629fd08f8b267754ca335208ae7bd3aaa2d
6cd039ab1d5613b5b5fa0cd208dcd76b2f1e51b357b1d8b539deb56b05c170d9
72e9beef74cd1d873713b6f2ff363efee1fd7ef29d2e7d36cd55eb172c53c1a2
7ff7a1f1c688a1871fcae155f593f7a0010dcbe6ddd40ec2cfb4c0570efa05ad
86f11ddd1d9e1f99cfa70fed0041ef8ac9471ced0b13f736303bac59d802ed2a
af0e2ad4516ae0945710425c724e6c5fe043063adcf870b09d06d2f43b83123e
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
da701ff04eab3c9a1b1b0fcc90a2d39e9b2fc17850808cad9b70468531c4078b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54289aa0f669f36f9f3ef196616fd516ce38dc3108a43dac9e95b165f4092c4
e7f5388221b80e0c0748c7af826856d54854c2d027867968bf33031c0a34383a
eeeb3c47fc159e5c59deda1cf37d1581320f766a7e83c043e5bd16af732737d4
f8dc057b9c60c353342fdd9d75a5f7c144520b644453fadb4e0872d21265c640
ff24d6a4990a0f54e98221e46fbaeda7c8fb73f616765c4c64bb92b76a6b71b0