URL: https://app.usepicasso.com/
Submission: On February 24 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 24 HTTP transactions. The main IP is 104.196.232.237, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is app.usepicasso.com.
TLS certificate: Issued by R3 on February 24th 2023. Valid for: 3 months.
This is the only time app.usepicasso.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
15 | 104.196.232.237 | 396982 | (GOOGLE-CL...)
5 | 44.198.94.144 | 14618 | (AMAZON-AES)
4 | 2a06:98c1:312... | 13335 | (CLOUDFLAR...)
Total: 24 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
19 | usepicasso.com | app.usepicasso.com, api.usepicasso.com | 1 MB
5 | posthog.com | app.posthog.com (Cisco Umbrella Rank: 24589) | 20 KB
Total: 24 requests, 2 apex domains

Requests | Domain | Requested by
15 | app.usepicasso.com | app.usepicasso.com
5 | app.posthog.com | app.usepicasso.com
4 | api.usepicasso.com | app.usepicasso.com
Total: 24 requests, 3 domains

This site contains links to these domains.

Domain
usepicasso.com
Subject | Issuer | Validity | Valid
app.usepicasso.com | R3 | 2023-02-24 - 2023-05-25 | 3 months | crt.sh
app.posthog.com | Amazon RSA 2048 M01 | 2023-02-21 - 2023-06-30 | 4 months | crt.sh
*.usepicasso.com | GTS CA 1P5 | 2023-02-03 - 2023-05-04 | 3 months | crt.sh

This page contains 1 frame:

Primary Page: https://app.usepicasso.com/
Frame ID: C2DE971F1AE973117AF1AACAFC092B30
Requests: 22 HTTP requests in this frame

Page Title

Picasso

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 33 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 1498 kB
Size: 5411 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.usepicasso.com/
2 KB
859 B
Document
General
Full URL
https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
76b55dfbeac6e7d34372c33cfe4ba4c27619f50933c2cb0f9186dceeb63755ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-disposition
inline; filename="index.html"
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 24 Feb 2023 16:30:41 GMT
etag
"0d3aa57233c18cd9eef23efbb254bcbfa03aeabf"
server
railway
vary
Accept-Encoding
x-envoy-upstream-service-time
4
index.44ae1422.js
app.usepicasso.com/assets/
2 MB
471 KB
Script
General
Full URL
https://app.usepicasso.com/assets/index.44ae1422.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
b3e9f5810c346e2e3a5ecae9ff9fb60f66b5ff4d727c878d08567fd76673b22d

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"db294c6bab00b7c5a519c6eba0042a3caac98f81"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
8
content-disposition
inline; filename="index.44ae1422.js"
accept-ranges
bytes
framer.e4712f1f.js
app.usepicasso.com/assets/
102 KB
35 KB
Script
General
Full URL
https://app.usepicasso.com/assets/framer.e4712f1f.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
d97162a2ddb4fa5030ef5ffb4e30ff792b05a5a56deedfa97657430378cd1a8c

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"426d46676f2a563f09453c602edb4d41b0d67f63"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
11
content-disposition
inline; filename="framer.e4712f1f.js"
accept-ranges
bytes
antdicons.18fcc606.js
app.usepicasso.com/assets/
99 KB
28 KB
Script
General
Full URL
https://app.usepicasso.com/assets/antdicons.18fcc606.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
2e344c5a6b082cdf6a08383063f59d9f83c9419a0bf18a25b41440d502d44588

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"032332f26dbaac6dc61a3cd138339ec4391c5642"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
10
content-disposition
inline; filename="antdicons.18fcc606.js"
accept-ranges
bytes
moment.849c9289.js
app.usepicasso.com/assets/
59 KB
19 KB
Script
General
Full URL
https://app.usepicasso.com/assets/moment.849c9289.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
0079b3696509100c18a973defb9ac348460b14f0a71d1212fb648f92d7a01cd4

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"4cc6afa6c7ad2280578778fb8789b53ce8aed367"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
11
content-disposition
inline; filename="moment.849c9289.js"
accept-ranges
bytes
antd.3948c7c4.js
app.usepicasso.com/assets/
1 MB
350 KB
Script
General
Full URL
https://app.usepicasso.com/assets/antd.3948c7c4.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
47be2616a89953b9393601ff4d25740d660f63fdcd869b32b429f42e79d2ae30

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"d145c6ca1ddd4c939c8bbb659257795c74d6db6a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
11
content-disposition
inline; filename="antd.3948c7c4.js"
accept-ranges
bytes
sortable.b07cdcb6.js
app.usepicasso.com/assets/
26 KB
8 KB
Script
General
Full URL
https://app.usepicasso.com/assets/sortable.b07cdcb6.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
f8022060acfcbfa6be3f64710a39b4784e0f2017a9a87fd775bb14ad75744fff

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"6b330309aa13f451d5b657601547e5c0ccca3291"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
8
content-disposition
inline; filename="sortable.b07cdcb6.js"
accept-ranges
bytes
shared.373390b4.js
app.usepicasso.com/assets/
125 B
228 B
Script
General
Full URL
https://app.usepicasso.com/assets/shared.373390b4.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
cc791a96285cfa714da879a6300371b4f0f2f477b08ee6b702749cf4bc035636

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
server
railway
etag
"d7e6416f9208903fc8b2105ad5cfc22120877a50"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
8
content-disposition
inline; filename="shared.373390b4.js"
accept-ranges
bytes
content-length
125
pdf.f4005048.js
app.usepicasso.com/assets/
626 KB
181 KB
Script
General
Full URL
https://app.usepicasso.com/assets/pdf.f4005048.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
7e2f5870473b931a23c55d441d05ebe0938b8afba11db6073f5fabf3e9152110

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"ff2e390cae3864accd6dd48db74ea2d7ab0854df"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
13
content-disposition
inline; filename="pdf.f4005048.js"
accept-ranges
bytes
misc.9354a5f3.js
app.usepicasso.com/assets/
158 KB
47 KB
Script
General
Full URL
https://app.usepicasso.com/assets/misc.9354a5f3.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
ddab86844118a52e29ee80726eedbfd49252bbb784070d41d995d8d1c5f17506

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"289fb7d910e6467e88f5fa938693f167024b163e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
14
content-disposition
inline; filename="misc.9354a5f3.js"
accept-ranges
bytes
editor.d762a30e.js
app.usepicasso.com/assets/
75 KB
25 KB
Script
General
Full URL
https://app.usepicasso.com/assets/editor.d762a30e.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
90c5c74739dae6c5ef971abb68267c4dd024928f1b883edaaefaaac572dec17d

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"d214f341f815537da5826449368509d04027361f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
537
content-disposition
inline; filename="editor.d762a30e.js"
accept-ranges
bytes
password.4625ebd9.js
app.usepicasso.com/assets/
576 KB
233 KB
Script
General
Full URL
https://app.usepicasso.com/assets/password.4625ebd9.js
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
be02526dd0ac57293a25edeabe2780884e3ce4f341cd3150b5efc2329e525c09

Request headers

Referer
https://app.usepicasso.com/
Origin
https://app.usepicasso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"90aa3d052b371ab1ca9a7f165ab6f8715ff46e56"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
536
content-disposition
inline; filename="password.4625ebd9.js"
accept-ranges
bytes
shared.6c5ea72d.css
app.usepicasso.com/assets/
586 KB
74 KB
Stylesheet
General
Full URL
https://app.usepicasso.com/assets/shared.6c5ea72d.css
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
6c5ea72db1c99476cd53614a673ceb08f66ee0d589251558f57e31e2724abcee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.usepicasso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"41eb565d5272100e7d881d661b3e4748fbf121a1"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-envoy-upstream-service-time
536
content-disposition
inline; filename="shared.6c5ea72d.css"
accept-ranges
bytes
index.98e15911.css
app.usepicasso.com/assets/
6 KB
2 KB
Stylesheet
General
Full URL
https://app.usepicasso.com/assets/index.98e15911.css
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
98e1591114e12c96ac864cbb49acc2da96861768b3784970b464975f8162900d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.usepicasso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:42 GMT
content-encoding
gzip
server
railway
etag
"b947f17e34d0fd6ae18066e1a739979eaa913975"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-envoy-upstream-service-time
536
content-disposition
inline; filename="index.98e15911.css"
accept-ranges
bytes
/
app.posthog.com/e/
13 B
276 B
XHR
General
Full URL
https://app.posthog.com/e/?ip=1&_=1677256243666&ver=1.32.4
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/assets/index.44ae1422.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.94.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-94-144.compute-1.amazonaws.com
Software
/
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.usepicasso.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 24 Feb 2023 16:30:44 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.usepicasso.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
/
app.posthog.com/decide/
290 B
554 B
XHR
General
Full URL
https://app.posthog.com/decide/?v=2&ip=1&_=1677256243666&ver=1.32.4
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/assets/index.44ae1422.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.94.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-94-144.compute-1.amazonaws.com
Software
/
Resource Hash
590266f0240875cf6104263c714595f309ebb731ac5a9695c71460e68adefa56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.usepicasso.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 24 Feb 2023 16:30:44 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.usepicasso.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
graphql.msgpack
api.usepicasso.com/api/internal/
51 B
880 B
XHR
General
Full URL
https://api.usepicasso.com/api/internal/graphql.msgpack
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/assets/index.44ae1422.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c34c73a4ee63546cb2f1f9152a8adf34b93a491e4e97da3deae296b11beb41ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://app.usepicasso.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Feb 2023 16:30:44 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-envoy-upstream-service-time
97
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51
x-xss-protection
0
x-request-id
efee0407-c9a3-416f-b2ea-3951f5c22f55
x-runtime
0.093757
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a1c071aa1c13f7d6f30db14bbc4fd9b6"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1728000
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WB6znzHvApWYvmLYysZM32q2ba0htesaGxeBg%2FlnmVJAqCsyO4%2FmQc%2Br6D280eaVCr3VA3JtdelwgSCjsW1Zb0GJUb5ONoKC5mPw38eu8P6QuTNZi%2B21BuIxRl1aU%2FhZAkEMIMvoYNWkcygCW9mgbAw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
access-token, expiry, token-type, client, uid
cache-control
max-age=0, private, must-revalidate
content-type
application/x-msgpack; charset=utf-8
vary
Origin
cf-ray
79e996675b68bba9-FRA
access-control-allow-headers
*
graphql.msgpack
api.usepicasso.com/api/internal/
20 B
621 B
XHR
General
Full URL
https://api.usepicasso.com/api/internal/graphql.msgpack
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/assets/index.44ae1422.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30dd51c31856dcbfa66c97b5fd4a41128eb47777bb006339a6d85d4cb974dd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://app.usepicasso.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Feb 2023 16:30:44 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-envoy-upstream-service-time
98
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20
x-xss-protection
0
x-request-id
bfb27d89-960c-45da-b8e8-a5b46d94fdf1
x-runtime
0.096614
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5bd3e2b97a6617d2e46225b9cb159a50"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
1728000
access-control-allow-methods
*
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P958oGYYSJ1COEDuGtLAqAribewUGHyfTjUZUL8%2Be%2Fq5t26YpCUNrsgWjKgkit56g44tmfw5Zq6wqEQjIftt%2BzkGbqcMJTeTXW4mhE1qi56dlLqoBw8%2BMVX02ygf3JjL7FDr8BJ5oB1ukuaMa7aISUw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
access-token, expiry, token-type, client, uid
cache-control
max-age=0, private, must-revalidate
content-type
application/x-msgpack; charset=utf-8
vary
Origin
cf-ray
79e996675b6abba9-FRA
access-control-allow-headers
*
graphql.msgpack
api.usepicasso.com/api/internal/
0
0
Preflight
General
Full URL
https://api.usepicasso.com/api/internal/graphql.msgpack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.usepicasso.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-token, expiry, token-type, client, uid
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79e996644df7bba9-FRA
content-length
0
date
Fri, 24 Feb 2023 16:30:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvnnCirzdNElgj7yg%2B425JoN%2FiYeO0lrdwQhiGpkc7RwM9Z4XJvOI6wcCQwKeCiBrbAceQwUFGi0r%2B%2FP8P8fGtFGuPoa3sfDiO9M1XWzWEYM%2BEyWaz38npTNkzXLGUwcqgDhMduYNvamYvW5pRGJSqU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-envoy-upstream-service-time
5
graphql.msgpack
api.usepicasso.com/api/internal/
0
0
Preflight
General
Full URL
https://api.usepicasso.com/api/internal/graphql.msgpack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.usepicasso.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
access-token, expiry, token-type, client, uid
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79e996644dfcbba9-FRA
content-length
0
date
Fri, 24 Feb 2023 16:30:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74elS4NgCvIm0ES%2Fu57gqCddQlfVZhEelzV5SfZvuKYGfKJ%2FNqp3C%2BDw7eOpGw6p4E4gqhFDNZI0IdLig5R6bvsDRXK1bSZgI9nb24yA2MVmxO3zZZqGgOL6BJvDTtvR5uFPr0NJoXYZMDThLm2Rst8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-envoy-upstream-service-time
7
recorder.js
app.posthog.com/static/
57 KB
18 KB
Script
General
Full URL
https://app.posthog.com/static/recorder.js?v=1.32.4
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/assets/index.44ae1422.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.94.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-94-144.compute-1.amazonaws.com
Software
/
Resource Hash
0677ef13bf643a99b224854ecb9c1e5a651288dc3e5b0b3df37932ffee427361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.usepicasso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Fri, 24 Feb 2023 14:28:00 GMT
etag
"63f8c970-e405"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=31536000, public
content-length
18382
color.a6680603.svg
app.usepicasso.com/assets/
6 KB
2 KB
Image
General
Full URL
https://app.usepicasso.com/assets/color.a6680603.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.232.196.104.bc.googleusercontent.com
Software
railway /
Resource Hash
a668060325a18295a09c00d8c575c489e3db199c68672e0f300bc5ec2891b94c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.usepicasso.com/auth/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 16:30:44 GMT
content-encoding
gzip
server
railway
etag
"6a8df9c6df022a07fa93a8e9fd87475ea7f98e48"
vary
Accept-Encoding
content-type
image/svg+xml
x-envoy-upstream-service-time
3
content-disposition
inline; filename="color.a6680603.svg"
accept-ranges
bytes
/
app.posthog.com/s/
13 B
276 B
XHR
General
Full URL
https://app.posthog.com/s/?compression=gzip-js&ip=1&_=1677256246729&ver=1.32.4
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/assets/index.44ae1422.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.94.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-94-144.compute-1.amazonaws.com
Software
/
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.usepicasso.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Feb 2023 16:30:47 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.usepicasso.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
/
app.posthog.com/e/
13 B
276 B
XHR
General
Full URL
https://app.posthog.com/e/?compression=gzip-js&ip=1&_=1677256246732&ver=1.32.4
Requested by
Host: app.usepicasso.com
URL: https://app.usepicasso.com/assets/index.44ae1422.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.94.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-94-144.compute-1.amazonaws.com
Software
/
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.usepicasso.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Feb 2023 16:30:47 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.usepicasso.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| PubSub
  • function| isOldIE
  • function| isIE
  • object| auth
  • object| Prism
  • object| rrweb
  • object| rrwebConsoleRecord

1 Cookies

Domain/Path Name / Value
.usepicasso.com/ Name: ph_phc_GUokAn1TkZuQYirR8lYJRmNcu24or0SB7ZjWGfziSwR_posthog
Value: %7B%22distinct_id%22%3A%22186844339ca3ac-0a24c3408fe278-6f385457-1d4c00-186844339cb1bee%22%2C%22%24device_id%22%3A%22186844339ca3ac-0a24c3408fe278-6f385457-1d4c00-186844339cb1bee%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24sesid%22%3A%5B1677256244697%2C%22186844339cdbff-0b712ef39edb56-6f385457-1d4c00-186844339ce1b91%22%2C1677256243661%5D%2C%22%24session_recording_enabled_server_side%22%3Atrue%2C%22%24console_log_recording_enabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
