Submitted URL: https://app.prd.citizenplane.com/
Effective URL: https://app.prd.citizenplane.com/auth/login
Submission: On February 07 via automatic, source certstream-suspicious — Scanned from FR

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 16 HTTP transactions. The main IP is 13.36.0.114, located in Paris, France and belongs to AMAZON-02, US. The main domain is app.prd.citizenplane.com.
TLS certificate: Issued by R3 on February 5th 2023. Valid for: 3 months.
This is the only time app.prd.citizenplane.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 13.36.0.114 16509 (AMAZON-02)
1 35.201.112.186 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.186.194.58 15169 (GOOGLE)
3 65.9.86.18 16509 (AMAZON-02)
1 2a00:1450:402... 15169 (GOOGLE)
16 7
Requests | Apex Domain | Subdomains | Transfer
9 | citizenplane.com | app.prd.citizenplane.com | 2 MB
3 | helpscout.net | beacon-v2.helpscout.net (Cisco Umbrella Rank: 9771) | 33 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 21) | 20 KB
2 | fullstory.com | edge.fullstory.com (Cisco Umbrella Rank: 2037); rs.fullstory.com (Cisco Umbrella Rank: 1950) | 77 KB
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 78) | 352 B
Totals: 16 requests, 5 domains
Domain Requested by
9 app.prd.citizenplane.com 1 redirects app.prd.citizenplane.com
3 beacon-v2.helpscout.net app.prd.citizenplane.com
beacon-v2.helpscout.net
2 www.google-analytics.com app.prd.citizenplane.com
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 rs.fullstory.com edge.fullstory.com
1 edge.fullstory.com app.prd.citizenplane.com
16 6

This site contains no links.

Subject | Issuer | Validity | Valid
app.prd.citizenplane.com | R3 | 2023-02-05 - 2023-05-06 | 3 months
edge.fullstory.com | GTS CA 1D4 | 2023-01-31 - 2023-05-01 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.fullstory.com | R3 | 2022-12-11 - 2023-03-11 | 3 months
*.helpscout.net | Amazon | 2022-04-18 - 2023-05-16 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months

This page contains 1 frames:

Primary Page: https://app.prd.citizenplane.com/auth/login
Frame ID: 4AAEDA30729300D8E93F37000BB886C0
Requests: 18 HTTP requests in this frame

Page Title

Login to your private space - CitizenPlane

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 33 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 4
Transfer: 1804 kB
Size: 5862 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.prd.citizenplane.com/ HTTP 302
    https://app.prd.citizenplane.com/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
app.prd.citizenplane.com/auth/
Redirect Chain
  • https://app.prd.citizenplane.com/
  • https://app.prd.citizenplane.com/auth/login
787 KB
411 KB
Document
General
Full URL
https://app.prd.citizenplane.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.36.0.114 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-0-114.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
b266e52df8abfaab2249cdf4e348a2d184193f58000daf04a2fffd51d46bad84
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 13:30:11 GMT
etag
"c4b47-EexH5AtdTeDxe0CTIcejcXj5EvE"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-envoy-decorator-operation
app.citizenplane.svc.cluster.local:8080/*
x-envoy-upstream-service-time
48

Redirect headers

date
Tue, 07 Feb 2023 13:30:11 GMT
location
auth/login
strict-transport-security
max-age=15724800; includeSubDomains
x-envoy-decorator-operation
app.citizenplane.svc.cluster.local:8080/*
x-envoy-upstream-service-time
15
069f87b.js
app.prd.citizenplane.com/_nuxt/
4 KB
2 KB
Script
General
Full URL
https://app.prd.citizenplane.com/_nuxt/069f87b.js
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.36.0.114 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-0-114.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
72412d34cb774a43de78c56cc9aacb63e56ce0897c90abaadf6435164e987781
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:30:11 GMT
content-encoding
gzip
x-envoy-decorator-operation
app.citizenplane.svc.cluster.local:8080/*
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 03 Feb 2023 14:32:36 GMT
etag
W/"e20-18617b187a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
17
accept-ranges
bytes
20ca413.js
app.prd.citizenplane.com/_nuxt/
274 KB
93 KB
Script
General
Full URL
https://app.prd.citizenplane.com/_nuxt/20ca413.js
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.36.0.114 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-0-114.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
5844ea97ebc350672d6d1260ada5f1653f2fb108b8a31c40a50d7592739449a1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:30:11 GMT
content-encoding
gzip
x-envoy-decorator-operation
app.citizenplane.svc.cluster.local:8080/*
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 03 Feb 2023 14:32:36 GMT
etag
W/"448df-18617b187a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
12
accept-ranges
bytes
86f4da2.js
app.prd.citizenplane.com/_nuxt/
3 MB
591 KB
Script
General
Full URL
https://app.prd.citizenplane.com/_nuxt/86f4da2.js
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.36.0.114 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-0-114.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
ca2b6cc72022a6234b76f2cfb573a6d604783c2aa8a7d8a645338f9cc7e4d181
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:30:11 GMT
content-encoding
gzip
x-envoy-decorator-operation
app.citizenplane.svc.cluster.local:8080/*
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 03 Feb 2023 14:32:36 GMT
etag
W/"2d9cee-18617b187a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
25
accept-ranges
bytes
dc20abb.js
app.prd.citizenplane.com/_nuxt/
1 MB
488 KB
Script
General
Full URL
https://app.prd.citizenplane.com/_nuxt/dc20abb.js
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.36.0.114 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-0-114.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
c8a8700c80531a96410a96b89577c629aa429f8585a339241f251d4f0fccc549
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:30:11 GMT
content-encoding
gzip
x-envoy-decorator-operation
app.citizenplane.svc.cluster.local:8080/*
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 03 Feb 2023 14:32:36 GMT
etag
W/"15402e-18617b187a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
15
accept-ranges
bytes
7b914be.js
app.prd.citizenplane.com/_nuxt/
8 KB
3 KB
Script
General
Full URL
https://app.prd.citizenplane.com/_nuxt/7b914be.js
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.36.0.114 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-0-114.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
87cb867403b1d889dca9f7aa7f3dc842277a74c413616e8d4b49db68a0970ffd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:30:11 GMT
content-encoding
gzip
x-envoy-decorator-operation
app.citizenplane.svc.cluster.local:8080/*
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 03 Feb 2023 14:32:36 GMT
etag
W/"20a2-18617b187a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
10
accept-ranges
bytes
logo-outline-vertical.bf5e603.svg
app.prd.citizenplane.com/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://app.prd.citizenplane.com/_nuxt/img/logo-outline-vertical.bf5e603.svg
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.36.0.114 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-0-114.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
139777f8efc637d205cb28971b2f15ca3df95e144da40b1d491e2a4fc3b4f014
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:30:11 GMT
content-encoding
gzip
x-envoy-decorator-operation
app.citizenplane.svc.cluster.local:8080/*
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 03 Feb 2023 14:32:35 GMT
etag
W/"7c9-18617b183b8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
5
accept-ranges
bytes
truncated
/
39 KB
39 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86f0fba8207948699010e952126819eac9ff6a806ba706fa1b7730aaf4c0966e

Request headers

Referer
Origin
https://app.prd.citizenplane.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/
39 KB
39 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0df29781d5d6b22b9801956637be16d9eb2364e2273b9be59b294858cc8033d

Request headers

Referer
Origin
https://app.prd.citizenplane.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
fs.js
edge.fullstory.com/s/
265 KB
77 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/_nuxt/86f4da2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9995cbe566127ffb4effe0da08b0492a80758bca012a9420b1edd1c863fe5244

Request headers

Referer
https://app.prd.citizenplane.com/
Origin
https://app.prd.citizenplane.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 12:36:47 GMT
content-encoding
br
age
3205
x-guploader-uploadid
ADPycdsJM59rKB_t2q2wgKRKeVXLM1UH_JMgRSBd4q6094zlEScbNjDN7Fv_-HjKHSlDPXyAAqJkKmSMLuyxW1pNN-rAuw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78327
last-modified
Wed, 01 Feb 2023 20:03:20 GMT
server
UploadServer
etag
W/"4547e39ca3401fbced8e0e27d0449670"
vary
Accept-Encoding
x-goog-generation
1675281800350652
x-goog-hash
crc32c=y9+62w==, md5=RUfjnKNAH7ztjg4n0ESWcA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
271678
accept-ranges
none
content-type
application/javascript
expires
Tue, 07 Feb 2023 13:36:47 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/_nuxt/dc20abb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Feb 2023 13:12:08 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1084
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 07 Feb 2023 15:12:08 GMT
page
rs.fullstory.com/rec/
82 B
295 B
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e17c592e75238b3e499edf2b39e2cf95f8b883ed3546193fe63cb5789f0201e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.prd.citizenplane.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 13:30:12 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://app.prd.citizenplane.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82
collect
www.google-analytics.com/j/
4 B
215 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1049307328&t=pageview&_s=1&dl=https%3A%2F%2Fapp.prd.citizenplane.com%2Fauth%2Flogin&dp=%2Fauth%2Flogin&ul=en-us&de=UTF-8&dt=Login%20to%20your%20private%20space%20-%20CitizenPlane&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1651950393&gjid=404065674&cid=318650395.1675776613&tid=UA-106827785-1&_gid=1278644453.1675776613&_r=1&_slc=1&z=2104648030
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.prd.citizenplane.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 13:30:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.prd.citizenplane.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
beacon-v2.helpscout.net/
458 B
722 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/_nuxt/dc20abb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-18.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5f2e5bcefe1dbde7b2849210cc8c5a42e73f8f605b71e5d9a2893914048a8c8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:28:37 GMT
content-encoding
gzip
via
1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
last-modified
Mon, 06 Feb 2023 12:10:35 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
97
etag
"2daa9b8f974a64dadfb899d6b88c866b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=120, s-maxage=120, public
accept-ranges
bytes
content-length
327
x-amz-cf-id
7aYfpz1SWYlkQBzHNgQHnEHnf7W07vvPPkyf1QWg2Bf8xhEljYO7wA==
2a77e76.js
app.prd.citizenplane.com/_nuxt/
28 KB
5 KB
Script
General
Full URL
https://app.prd.citizenplane.com/_nuxt/2a77e76.js
Requested by
Host: app.prd.citizenplane.com
URL: https://app.prd.citizenplane.com/_nuxt/069f87b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.36.0.114 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-0-114.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
b25a3cf942543436ae560e7acfa952d9172b1a80afcaa29261d3e7d57f736262
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 13:30:12 GMT
content-encoding
gzip
x-envoy-decorator-operation
app.citizenplane.svc.cluster.local:8080/*
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 03 Feb 2023 14:32:36 GMT
etag
W/"70a9-18617b187a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
8
accept-ranges
bytes
collect
stats.g.doubleclick.net/j/
1 B
352 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-106827785-1&cid=318650395.1675776613&jid=1651950393&gjid=404065674&_gid=1278644453.1675776613&_u=YEBAAEAAAAAAACAAI~&z=1698640702
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.prd.citizenplane.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 07 Feb 2023 13:30:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.prd.citizenplane.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor.df61c9e9.js
beacon-v2.helpscout.net/static/js/
63 KB
22 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.df61c9e9.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-18.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd66cf170ac133889da9bf1aeb0f815ed76e2dfd128e4ced3359dbdedb660a80

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 12:26:37 GMT
content-encoding
gzip
via
1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
last-modified
Mon, 06 Feb 2023 12:10:36 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
3816
etag
"ec4b5e43c72431b1288a8bad8d16351d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
content-length
22208
x-amz-cf-id
TRoaMHE1Dlmn7uv-TweWPO7jjRodrpv_IOphi6eOLgkxnbwXtzMwQw==
main.9e1578ca.js
beacon-v2.helpscout.net/static/js/
24 KB
10 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.9e1578ca.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-18.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46d429e2fdf7f4fbc84c495aa71b810b359166911dc0a8f388ca0dc3be68e3dd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.prd.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 12:26:37 GMT
content-encoding
gzip
via
1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
last-modified
Mon, 06 Feb 2023 12:10:35 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
3816
etag
"daa31355fccebc09900e261285ea8bc2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
content-length
9550
x-amz-cf-id
VdoRAacvfgcqZ7-QQO9gX-Hjy45bdeOTamSzynLH-4dNkcPIdammLQ==

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
object| __NUXT__
object| webpackJsonp
object| regeneratorRuntime
function| setImmediate
function| clearImmediate
object| onNuxtReadyCbs
function| onNuxtReady
function| _
function| DOMPurify
object| __algolia
string| _fs_host
string| _fs_script
string| _fs_org
string| _fs_namespace
function| FS
boolean| _fs_initialized
function| Beacon
string| GoogleAnalyticsObject
function| ga
object| $nuxt
string| _fs_loaded
function| _fs_shutdown
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| beaconJsonp

5 Cookies

Domain/Path Name / Value
app.prd.citizenplane.com/ Name: auth.strategy
Value: local
app.prd.citizenplane.com/ Name: customLayout
Value: {%22layout%22:{%22isFiltersListVisible%22:true}}
.citizenplane.com/ Name: _ga
Value: GA1.2.318650395.1675776613
.citizenplane.com/ Name: _gid
Value: GA1.2.1278644453.1675776613
.citizenplane.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
