URL: https://citizen-portal.ducky.eco/
Submission: On March 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 5 domains to perform 41 HTTP transactions. The main IP is 34.120.215.29, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is citizen-portal.ducky.eco.
TLS certificate: Issued by GTS CA 1D4 on January 20th 2023. Valid for: 3 months.
This is the only time citizen-portal.ducky.eco was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 34.120.215.29 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
11 108.138.23.183 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 18.157.122.248 16509 (AMAZON-02)
1 2600:1901:0:c... 15169 (GOOGLE)
3 34.95.127.37 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 35.165.201.71 16509 (AMAZON-02)
41 11
Apex Domain
Subdomains
Transfer
16 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
firestore.googleapis.com — Cisco Umbrella Rank: 1833
2 KB
13 mapbox.com
api.mapbox.com — Cisco Umbrella Rank: 3622
events.mapbox.com — Cisco Umbrella Rank: 4077
93 KB
6 ducky.eco
citizen-portal.ducky.eco
sentry.ducky.eco
static.ducky.eco
5 MB
3 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 18813
folketsfotavtrykk.matomo.cloud
58 KB
1 gstatic.com
fonts.gstatic.com
16 KB
41 5
Domain Requested by
15 firestore.googleapis.com citizen-portal.ducky.eco
11 api.mapbox.com citizen-portal.ducky.eco
3 static.ducky.eco citizen-portal.ducky.eco
2 events.mapbox.com citizen-portal.ducky.eco
2 folketsfotavtrykk.matomo.cloud cdn.matomo.cloud
2 citizen-portal.ducky.eco citizen-portal.ducky.eco
1 fonts.gstatic.com fonts.googleapis.com
1 sentry.ducky.eco citizen-portal.ducky.eco
1 cdn.matomo.cloud citizen-portal.ducky.eco
1 fonts.googleapis.com citizen-portal.ducky.eco
41 10
Subject Issuer Validity Valid
citizen-portal.ducky.eco
GTS CA 1D4
2023-01-20 -
2023-04-20
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
api.mapbox.com
Amazon RSA 2048 M02
2023-03-01 -
2024-01-04
10 months crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M01
2023-02-24 -
2023-12-25
10 months crt.sh
*.matomo.cloud
Amazon RSA 2048 M01
2023-02-10 -
2023-08-19
6 months crt.sh
sentry.ducky.eco
GTS CA 1D4
2023-02-13 -
2023-05-15
3 months crt.sh
static.duckytest.no
GTS CA 1D4
2023-03-19 -
2023-06-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
edgecert.googleapis.com
GTS CA 1C3
2023-03-02 -
2023-05-25
3 months crt.sh
events.mapbox.com
GeoTrust RSA CA 2018
2023-02-23 -
2024-03-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://citizen-portal.ducky.eco/
Frame ID: F2F7C568D209F4FA36402BC95E710D0C
Requests: 46 HTTP requests in this frame

Screenshot

Page Title

Folkets Fotavtrykk

Detected technologies

Overall confidence: 100%
Detected patterns
  • mapbox-gl.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

41
Requests

95 %
HTTPS

50 %
IPv6

5
Domains

10
Subdomains

11
IPs

2
Countries

4802 kB
Transfer

5999 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
citizen-portal.ducky.eco/
2 KB
2 KB
Document
General
Full URL
https://citizen-portal.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.215.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.215.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
95e5a0d63ee09422dc82db3709d7ad329cab91807b6a9551eb8f3becfce635bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache,max-age=0
content-length
2018
content-type
text/html
date
Sun, 19 Mar 2023 09:40:56 GMT
etag
"263aa5aa3ec894e9a8bc1fbf43091118"
expires
Sun, 19 Mar 2023 09:40:56 GMT
last-modified
Tue, 01 Feb 2022 14:23:08 GMT
server
UploadServer
x-goog-generation
1643725388095917
x-goog-hash
crc32c=vQ23Dw== md5=Jjqlqj7IlOmovB+/QwkRGA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2018
x-guploader-uploadid
ADPycdtiHlyUgidw_e2lT4iPUt17CZgUht-ch0_NwJdCkbHi-RgewTKd4yzfpNkT_wOtenRYWYbJS5IXCFhN3ZM81fpkzev9osPi
css2
fonts.googleapis.com/
1 KB
834 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Hind&display=swap
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a91da1492128f2befa9ab420c6676625da9ecc5482f9b3c669bea42ed80ac4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 Mar 2023 09:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 Mar 2023 09:39:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Mar 2023 09:40:56 GMT
mapbox-gl.css
api.mapbox.com/mapbox-gl-js/v2.3.1/
34 KB
5 KB
Stylesheet
General
Full URL
https://api.mapbox.com/mapbox-gl-js/v2.3.1/mapbox-gl.css
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
5adc121bddb887b4d757aa9aa59f31e4636557f9f9457129d0acc1382e27333c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 23:50:36 GMT
Content-Encoding
gzip
Via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Age
13081820
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon Jun 21 2021 20:13:25 GMT+0000 (Coordinated Universal Time)
ETag
"e1c40426e607d9e6076e76417e51eef5"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
wMUtMkZKhkD0PECH2QjXvzWMVyVLtE7wLdl-PR67FbDL_s3N2DkqnA==
bundle.f7a7b22a5a5828fcb13d.js
citizen-portal.ducky.eco/
4 MB
4 MB
Script
General
Full URL
https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.215.29 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
29.215.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c06813115c02c8e2dd7e427e8ff32f632e66e7f59a6727b7b341a4074316357c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 09:40:56 GMT
x-guploader-uploadid
ADPycds2m7YngFTQI3A0pY2MJxuw3FTMP2kOWhVJisBOFEbJLuhHOOnbB1kYIo3Msx1cMA8Zw0s0WnxK4Z-XXJw9NlY4jA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4706957
last-modified
Tue, 01 Feb 2022 14:23:04 GMT
server
UploadServer
etag
"87d026fdba552f8d0974b2cb0422e6de"
x-goog-generation
1643725384010640
content-type
application/javascript
x-goog-hash
crc32c=zx4AkQ==, md5=h9Am/bpVL40JdLLLBCLm3g==
cache-control
public, max-age=3600
x-goog-stored-content-length
4706957
accept-ranges
bytes
expires
Sun, 19 Mar 2023 10:40:56 GMT
matomo.js
cdn.matomo.cloud/folketsfotavtrykk.matomo.cloud/
199 KB
58 KB
Script
General
Full URL
https://cdn.matomo.cloud/folketsfotavtrykk.matomo.cloud/matomo.js
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 07:11:55 GMT
x-amz-version-id
C78x2zd3yn1qkndjtKy47giEnPH3QPkF
content-encoding
gzip
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
8942
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 07 Feb 2023 02:08:41 GMT
server
AmazonS3
etag
W/"3e98a39e2d8f2b464999b40df3c2172d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200
x-amz-cf-id
XKJ55csLvQDHA5xu6fOYVB4_8ra_1Bdx04wHVaUYgHxncwfevDXRqg==
matomo.php
folketsfotavtrykk.matomo.cloud/
0
174 B
Ping
General
Full URL
https://folketsfotavtrykk.matomo.cloud/matomo.php?action_name=Folkets%20Fotavtrykk&idsite=1&rec=1&r=564731&h=9&m=40&s=56&url=https%3A%2F%2Fcitizen-portal.ducky.eco%2F&_id=396acc66ed09bd7e&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=ZRSkXH&pf_net=47&pf_srv=42&pf_tfr=1&pf_dm1=94&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/folketsfotavtrykk.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://citizen-portal.ducky.eco
date
Sun, 19 Mar 2023 09:40:57 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
configs.php
folketsfotavtrykk.matomo.cloud/plugins/HeatmapSessionRecording/
116 B
291 B
Script
General
Full URL
https://folketsfotavtrykk.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=bh3QNS&url=https%3A%2F%2Fcitizen-portal.ducky.eco%2F
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/folketsfotavtrykk.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b2a035a239c5d6d7cc34ff13b99ddcf0a5dd3b9a015b4c7d6c0771622a33f77e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 09:40:56 GMT
content-encoding
gzip
server
Apache
content-length
119
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type
application/javascript
/
sentry.ducky.eco/api/2/envelope/
2 B
224 B
Fetch
General
Full URL
https://sentry.ducky.eco/api/2/envelope/?sentry_key=9260c547178c4cfcac599309c9191188&sentry_version=7
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:cd35:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 19 Mar 2023 09:40:57 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://citizen-portal.ducky.eco
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/webp
ducky-logo.svg
static.ducky.eco/citizen-portal/img/
9 KB
9 KB
Image
General
Full URL
https://static.ducky.eco/citizen-portal/img/ducky-logo.svg
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.127.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e02c5dfae265e14bdbc261d85f37a42d220d39d28e66d36e5ced9c68589c7a82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 09:40:58 GMT
x-guploader-uploadid
ADPycdt4zcywEPXHImVb1lp74XPgkLptZY_1eoCfCEkTqGd9LVmDnujXqvLb7OHn0kWiSw2Cmj6_GWaMYj-VQJ4kSrzqmvz0-zMy
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9101
last-modified
Tue, 25 May 2021 11:03:58 GMT
server
UploadServer
etag
"d8cc9c903381132d9d70542b7bc315ec"
x-goog-generation
1621940638532690
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=zVGLkA==, md5=2MyckDOBEy2dcFQre8MV7A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
9101
accept-ranges
bytes
expires
Sun, 19 Mar 2023 10:40:58 GMT
tieto-evry-logo.svg
static.ducky.eco/citizen-portal/img/
15 KB
15 KB
Image
General
Full URL
https://static.ducky.eco/citizen-portal/img/tieto-evry-logo.svg
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.127.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fc8b76612b2995d5109074b9de4ae27d513477db97839e4512de3ef5c786a300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 09:40:58 GMT
x-guploader-uploadid
ADPycdsjT3HtdAMZRckOQvMtjNCId3_IEQgML93OCSw2LiSDF5pEBO9pQaSkW8II4WSbsr-OZ7lbVD-F_ZQ5C6Njk2lZ9zVfQaUh
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15429
last-modified
Tue, 25 May 2021 13:20:55 GMT
server
UploadServer
etag
"db3cf5dc56255500a4005cbc0e30d7b6"
x-goog-generation
1621948855623210
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=ZzvMqw==, md5=2zz13FYlVQCkAFy8DjDXtg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
15429
accept-ranges
bytes
expires
Sun, 19 Mar 2023 10:40:58 GMT
asplan-viak-logo.svg
static.ducky.eco/citizen-portal/img/
5 KB
5 KB
Image
General
Full URL
https://static.ducky.eco/citizen-portal/img/asplan-viak-logo.svg
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.127.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.127.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ddbc39ae4bd460f9ac4ee60081eaabb98d411d8297bed625b3fe7f5df0172c4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 09:40:58 GMT
x-guploader-uploadid
ADPycdvZAIbjgMIWLf5otWk2sL-R9J6gzGWl-beSPMSrwjKGSZpVn5K9SWjxOhG_zvjb4ct40O4AJbfy-nzBxH-bka6owHqxK8vp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4729
last-modified
Tue, 25 May 2021 13:20:59 GMT
server
UploadServer
etag
"834573a898408eeae79af8d375355d20"
x-goog-generation
1621948859294793
content-type
image/svg+xml
access-control-allow-origin
*
x-goog-hash
crc32c=vIzt7w==, md5=g0VzqJhAjurnmvjTdTVdIA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
4729
accept-ranges
bytes
expires
Sun, 19 Mar 2023 10:40:58 GMT
5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Hind&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://citizen-portal.ducky.eco
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 13:53:39 GMT
x-content-type-options
nosniff
age
330439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16216
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Mar 2024 13:53:39 GMT
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
54 B
457 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&RID=69755&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F9.0.0%0D%0AContent-Type%3Atext%2Fplain%0D%0AX-Firebase-GMPID%3A1%3A130085596311%3Aweb%3A9319745c70600c310c0dd2%0D%0A&zx=sxayv3vwn3cr&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23a9e22ec16e350473b52473f75f414c217af421f179530eaf0bce35ca8adc99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
132 KB
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&VER=8&RID=rpc&SID=gaLYOBN0ZuHjglA8JXKYKg&CI=0&AID=0&TYPE=xmlhttp&zx=yejyrztpacmx&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 09:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69756&AID=10&zx=r16b4wb7gvga&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d87b337a42db16e2991a37811cd2201385a2b591792bbfc0c055119a9e73ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69757&AID=10&zx=rmbym79i4a0m&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d87b337a42db16e2991a37811cd2201385a2b591792bbfc0c055119a9e73ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69758&AID=10&zx=vy86lzyfk5g7&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d87b337a42db16e2991a37811cd2201385a2b591792bbfc0c055119a9e73ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69759&AID=10&zx=a0ir8fjup9py&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d87b337a42db16e2991a37811cd2201385a2b591792bbfc0c055119a9e73ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69760&AID=10&zx=87o42m924ykt&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
024d4073eefbcc0673bb46b6a086b8511c60ae08294366d6d04e08e1b7ae4487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69761&AID=10&zx=x11blegp23x&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5102bad39c4d0ea65f5549c474b2b0134ea6e2848d40209b4cee766732fcc8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69762&AID=10&zx=x4y3re82z755&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
394f4401490f1b28f8cb6b8b6ff796beb9fd5923ce65a2acdc633995bf8a37d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69763&AID=10&zx=7wnlzon22mkz&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
482cdcd6c7d48407c0f18a3465fe46e0569e0569a028713c49962003c6606ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69764&AID=10&zx=wrv54f3ctt1o&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
482cdcd6c7d48407c0f18a3465fe46e0569e0569a028713c49962003c6606ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69765&AID=10&zx=8gjwi4e8292k&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
482cdcd6c7d48407c0f18a3465fe46e0569e0569a028713c49962003c6606ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
ckqglr1gy089r17rse4v7oumn
api.mapbox.com/styles/v1/tanguyducky/
26 KB
4 KB
Fetch
General
Full URL
https://api.mapbox.com/styles/v1/tanguyducky/ckqglr1gy089r17rse4v7oumn?access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
86848aa76a0f1d29ea83067d1efd55a0730062c80662e67ebc6c30d9206a39a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 09:41:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Origin
mbx-styles
Via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
X-Cache
Miss from cloudfront
Connection
keep-alive
Referrer-Policy
origin
ETag
W/"67b2-7ZdleVwO/74vuid9SKC7UE80hnY"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
Cache-Control
max-age=900
Timing-Allow-Origin
*
X-Amz-Cf-Id
uotDi_xCYjZKj5ORlPRIZINntwMg36cHsit2KZGOdVWTR6lBrFS9Ug==
truncated
/
298 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
887f3da94ece8d5a0acc4a2155752c27b6507db31e8ac6c031d6c650489827e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
200 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20c3ba9a8f0521e4d925123f1a7b6f06929c12f6c12bb37a009d13d1da122ea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55267b902f2b70ea0cf72ab2b4e77addb82bd9da964d97997babf48fc411e872

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
1f337db9-1dd3-4755-b76e-8aaa1f68dcf8
https://citizen-portal.ducky.eco/
402 KB
0
Other
General
Full URL
blob:https://citizen-portal.ducky.eco/1f337db9-1dd3-4755-b76e-8aaa1f68dcf8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d13d7d236e3051c54fbcba347e343f6a37e89b6a649fb72b35f39be57ee9554d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length
411796
Content-Type
text/javascript
1f337db9-1dd3-4755-b76e-8aaa1f68dcf8
https://citizen-portal.ducky.eco/
402 KB
0
Other
General
Full URL
blob:https://citizen-portal.ducky.eco/1f337db9-1dd3-4755-b76e-8aaa1f68dcf8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d13d7d236e3051c54fbcba347e343f6a37e89b6a649fb72b35f39be57ee9554d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length
411796
Content-Type
text/javascript
truncated
/
428 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bd6af1ebc99612fc7f621f3bac91c3af940b690cbd7ba46c1b138e9a2828507

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69766&AID=43&zx=6yb25qyejxm3&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a80c5c2ae8422a615174788f0bca5a162bde71c1e1e01f11d4267cd1985f053c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
mapbox.mapbox-terrain-v2,mapbox.mapbox-streets-v8,tanguyducky.cksrmvj3l0l9027nysning25c-36ss3,tanguyducky.cktingppj1kpj27nsvg0wn4oe-924a4,tanguyducky.cksrmvsp50kwd21tdr1kaz50k-112s0,tanguyducky.ckt...
api.mapbox.com/v4/
20 KB
5 KB
Fetch
General
Full URL
https://api.mapbox.com/v4/mapbox.mapbox-terrain-v2,mapbox.mapbox-streets-v8,tanguyducky.cksrmvj3l0l9027nysning25c-36ss3,tanguyducky.cktingppj1kpj27nsvg0wn4oe-924a4,tanguyducky.cksrmvsp50kwd21tdr1kaz50k-112s0,tanguyducky.ckt8gkgvv1vuv23mnftc52q08-86jxq,tanguyducky.cksrmvbke01as28l92gcdd2rr-50gut.json?secure&access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
f80a363398b4e3aed579e82f80679a4922527da62e5d18b0aac40fd972545bd8

Request headers

Accept
application/json
Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 09:41:00 GMT
Content-Encoding
gzip
X-Rate-Limit-Limit
100000
Via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Thu, 18 Nov 2021 15:49:17 GMT
X-Rate-Limit-Interval
60
ETag
"218e6c7889191ee6a383290ba00ecc82"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
X-Rate-Limit-Reset
1679218920
Cache-Control
max-age=43200,s-maxage=300
Timing-Allow-Origin
*
X-Amz-Cf-Id
wYROFP5SiOxPDy0VRJClTlMG5Hd9iT6XTcFUMAiyD6QCowot6Pmr4g==
sprite.json
api.mapbox.com/styles/v1/tanguyducky/ckqglr1gy089r17rse4v7oumn/5kwqy6waqfocafexess0ehaii/
29 KB
4 KB
Fetch
General
Full URL
https://api.mapbox.com/styles/v1/tanguyducky/ckqglr1gy089r17rse4v7oumn/5kwqy6waqfocafexess0ehaii/sprite.json?access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
7f154afe44c8aca6f13f56af60a876b4280c9ec3089ca7dba416f4d7cf5c7b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 12:32:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Origin
mbx-styles
Via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Age
594538
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
X-Cache
Hit from cloudfront
Connection
keep-alive
Referrer-Policy
origin
ETag
"sprite-4.5.8-v1/5kwqy6waqfocafexess0ehaii"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
Cache-Control
max-age=31536000
Timing-Allow-Origin
*
X-Amz-Cf-Id
9KRbguniGeWtcCrf5n3auE3kkCnhlrD59jpatfoXETCd_aaEVlKhDA==
sprite.png
api.mapbox.com/styles/v1/tanguyducky/ckqglr1gy089r17rse4v7oumn/5kwqy6waqfocafexess0ehaii/
30 KB
30 KB
Fetch
General
Full URL
https://api.mapbox.com/styles/v1/tanguyducky/ckqglr1gy089r17rse4v7oumn/5kwqy6waqfocafexess0ehaii/sprite.png?access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
fc0be72e75cf76839e6d9139871410c28cb89e2158572be69a489ba652052a67

Request headers

accept
image/webp,*/*
Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 12:32:02 GMT
Via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
X-Origin
mbx-styles
X-Amz-Cf-Pop
FRA56-P7
Age
594538
ETag
"sprite-4.5.8-v1/5kwqy6waqfocafexess0ehaii"
X-Cache
Hit from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
Cache-Control
max-age=31536000
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
30691
X-Amz-Cf-Id
2n52e3MgkL5LhzvMWWr53buRTxJ7x5bl3tpjO0GRsIlrT6kndmP5Tg==
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69767&AID=61&zx=ckoy1qss3puq&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e0490524931c8dda222b7653fcaa084393c362a23d2ec457a0d4f20a6795e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
11 B
51 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fcitizen-portal-prod%2Fdatabases%2F(default)&VER=8&gsessionid=mEsQwvLRPjj9yJKoHAODU4eYnovt4rh0jsj4pATtyHs&SID=gaLYOBN0ZuHjglA8JXKYKg&RID=69768&AID=61&zx=p0cw0zk8araf&t=1
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e0490524931c8dda222b7653fcaa084393c362a23d2ec457a0d4f20a6795e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 19 Mar 2023 09:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://citizen-portal.ducky.eco
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
v2
events.mapbox.com/events/
0
76 B
Fetch
General
Full URL
https://events.mapbox.com/events/v2?access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.201.71 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-201-71.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 19 Mar 2023 09:41:01 GMT
x-powered-by
Express
0-255.pbf
api.mapbox.com/fonts/v1/mapbox/DIN%20Pro%20Regular,Arial%20Unicode%20MS%20Regular/
67 KB
37 KB
Fetch
General
Full URL
https://api.mapbox.com/fonts/v1/mapbox/DIN%20Pro%20Regular,Arial%20Unicode%20MS%20Regular/0-255.pbf?access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
09078019a9471d3ce12800a999af301f05dfb730fb974a1e572142ceda9443a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizen-portal.ducky.eco/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sat, 03 Sep 2022 00:47:53 GMT
Content-Encoding
gzip
Via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
X-Origin
Mbx-Fonts
X-Amz-Cf-Pop
FRA56-P7
Age
17052788
ETag
W/"9381-SLipJvr+Rq1bv9MIBVb1HAUP+3c"
X-Cache
Hit from cloudfront
Content-Type
application/x-protobuf
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
37761
X-Amz-Cf-Id
JEUfqtFL9yvfKiWyxf6sen18tMca7in_5CuDyPs7qEm1Wg3SGMJwnw==
tanguyducky.agm6zneu.json
api.mapbox.com/v4/
2 KB
2 KB
Fetch
General
Full URL
https://api.mapbox.com/v4/tanguyducky.agm6zneu.json?secure&access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
1e9a36fe2a085ed5f359bc146d578752801a97fefeb78419111fa0da6b0e8d33

Request headers

Accept
application/json
Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 09:41:02 GMT
Content-Encoding
gzip
X-Rate-Limit-Limit
100000
Via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Fri, 03 Mar 2023 10:12:32 GMT
X-Rate-Limit-Interval
60
ETag
"80ac927d57b29bf6aa7e9a6e89476756"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
X-Rate-Limit-Reset
1679218922
Cache-Control
max-age=43200,s-maxage=300
Timing-Allow-Origin
*
X-Amz-Cf-Id
y_JlKHPu5Yvgwi8RLiajWdXp4ZQbftqTaRhkymMC6XiVANJ-WPPyfA==
tanguyducky.2indoqcq.json
api.mapbox.com/v4/
2 KB
2 KB
Fetch
General
Full URL
https://api.mapbox.com/v4/tanguyducky.2indoqcq.json?secure&access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
544fb53ee11c95c178f237dc7365f769942842ab9056444ca08e7715beaafef9

Request headers

Accept
application/json
Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 09:41:02 GMT
Content-Encoding
gzip
X-Rate-Limit-Limit
100000
Via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Fri, 03 Mar 2023 10:12:41 GMT
X-Rate-Limit-Interval
60
ETag
"6b7a0c644c2b391241adfa55859e46e0"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
X-Rate-Limit-Reset
1679218922
Cache-Control
max-age=43200,s-maxage=300
Timing-Allow-Origin
*
X-Amz-Cf-Id
z9QhaaE1u7xibKbBC6Gb7avtga7vvrNwx9MwghwHoQMlAb3vyIUWUg==
tanguyducky.al1pgt4h.json
api.mapbox.com/v4/
2 KB
2 KB
Fetch
General
Full URL
https://api.mapbox.com/v4/tanguyducky.al1pgt4h.json?secure&access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
1286e1560cfa9f5cfd621e417c505f0573e90f642bb8629a3eafe606c606f48e

Request headers

Accept
application/json
Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 09:41:02 GMT
Content-Encoding
gzip
X-Rate-Limit-Limit
100000
Via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Fri, 03 Mar 2023 10:12:46 GMT
X-Rate-Limit-Interval
60
ETag
"cc672ba57550da8f54499fd5a1f9ec16"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
X-Rate-Limit-Reset
1679218922
Cache-Control
max-age=43200,s-maxage=300
Timing-Allow-Origin
*
X-Amz-Cf-Id
vYEng01BT8lLYbAPr69RhlZRFnaIidwvw8-RQXa9luJG9HQ6UWypCw==
tanguyducky.6su6o167.json
api.mapbox.com/v4/
2 KB
2 KB
Fetch
General
Full URL
https://api.mapbox.com/v4/tanguyducky.6su6o167.json?secure&access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
f209a72ecd299e70895b041fa3efee2649a41a25e8502f871e5bb67b06d7d1c7

Request headers

Accept
application/json
Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 09:41:02 GMT
Content-Encoding
gzip
X-Rate-Limit-Limit
100000
Via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Last-Modified
Fri, 03 Mar 2023 10:13:25 GMT
X-Rate-Limit-Interval
60
ETag
"6748c22c4e48c4e224ae833515931785"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
X-Rate-Limit-Reset
1679218922
Cache-Control
max-age=43200,s-maxage=300
Timing-Allow-Origin
*
X-Amz-Cf-Id
jXmJ6g037kOuxYOmm8cOhJ5oTHl_icRUX3wTOihnIEceQwLI_DrFOQ==
v2
events.mapbox.com/events/
0
75 B
Fetch
General
Full URL
https://events.mapbox.com/events/v2?access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.201.71 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-201-71.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 19 Mar 2023 09:41:02 GMT
x-powered-by
Express
v1
api.mapbox.com/map-sessions/
0
453 B
Fetch
General
Full URL
https://api.mapbox.com/map-sessions/v1?sku=101XeNxQaMewa&access_token=pk.eyJ1IjoidGFuZ3V5ZHVja3kiLCJhIjoiY2tyMjQ2ZWJoMjd2YTMxcXB0dXdhc2wyMSJ9.V-dk4QpbtXW-NHqs9doM0A
Requested by
Host: citizen-portal.ducky.eco
URL: https://citizen-portal.ducky.eco/bundle.f7a7b22a5a5828fcb13d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.23.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-23-183.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citizen-portal.ducky.eco/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 19 Mar 2023 09:41:02 GMT
Via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
X-Origin
mbx-styles
X-Amz-Cf-Pop
FRA56-P7
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Link
Cache-Control
max-age=300
Connection
keep-alive
Timing-Allow-Origin
*
X-Amz-Cf-Id
r_sCOYZ8Q6wn8MmCy5QatWKWgnva2i6n4ddR1j8VYjOxt5ZzRXPZMA==

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb

2 Cookies

Domain/Path Name / Value
citizen-portal.ducky.eco/ Name: _pk_id.1.f51a
Value: 396acc66ed09bd7e.1679218857.
citizen-portal.ducky.eco/ Name: _pk_ses.1.f51a
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mapbox.com
cdn.matomo.cloud
citizen-portal.ducky.eco
events.mapbox.com
firestore.googleapis.com
folketsfotavtrykk.matomo.cloud
fonts.googleapis.com
fonts.gstatic.com
sentry.ducky.eco
static.ducky.eco
108.138.23.183
18.157.122.248
2600:1901:0:cd35::
2600:9000:2156:c000:c:7d55:b3c0:93a1
2a00:1450:4001:802::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82b::200a
34.120.215.29
34.95.127.37
35.165.201.71
024d4073eefbcc0673bb46b6a086b8511c60ae08294366d6d04e08e1b7ae4487
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
09078019a9471d3ce12800a999af301f05dfb730fb974a1e572142ceda9443a8
1286e1560cfa9f5cfd621e417c505f0573e90f642bb8629a3eafe606c606f48e
1bd6af1ebc99612fc7f621f3bac91c3af940b690cbd7ba46c1b138e9a2828507
1e9a36fe2a085ed5f359bc146d578752801a97fefeb78419111fa0da6b0e8d33
20c3ba9a8f0521e4d925123f1a7b6f06929c12f6c12bb37a009d13d1da122ea1
23a9e22ec16e350473b52473f75f414c217af421f179530eaf0bce35ca8adc99
394f4401490f1b28f8cb6b8b6ff796beb9fd5923ce65a2acdc633995bf8a37d1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
482cdcd6c7d48407c0f18a3465fe46e0569e0569a028713c49962003c6606ff2
544fb53ee11c95c178f237dc7365f769942842ab9056444ca08e7715beaafef9
55267b902f2b70ea0cf72ab2b4e77addb82bd9da964d97997babf48fc411e872
5adc121bddb887b4d757aa9aa59f31e4636557f9f9457129d0acc1382e27333c
6a91da1492128f2befa9ab420c6676625da9ecc5482f9b3c669bea42ed80ac4f
6d87b337a42db16e2991a37811cd2201385a2b591792bbfc0c055119a9e73ec9
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982
7f154afe44c8aca6f13f56af60a876b4280c9ec3089ca7dba416f4d7cf5c7b49
86848aa76a0f1d29ea83067d1efd55a0730062c80662e67ebc6c30d9206a39a0
887f3da94ece8d5a0acc4a2155752c27b6507db31e8ac6c031d6c650489827e2
95e5a0d63ee09422dc82db3709d7ad329cab91807b6a9551eb8f3becfce635bc
9e0490524931c8dda222b7653fcaa084393c362a23d2ec457a0d4f20a6795e9c
a80c5c2ae8422a615174788f0bca5a162bde71c1e1e01f11d4267cd1985f053c
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
b2a035a239c5d6d7cc34ff13b99ddcf0a5dd3b9a015b4c7d6c0771622a33f77e
b5102bad39c4d0ea65f5549c474b2b0134ea6e2848d40209b4cee766732fcc8a
c06813115c02c8e2dd7e427e8ff32f632e66e7f59a6727b7b341a4074316357c
d13d7d236e3051c54fbcba347e343f6a37e89b6a649fb72b35f39be57ee9554d
ddbc39ae4bd460f9ac4ee60081eaabb98d411d8297bed625b3fe7f5df0172c4b
e02c5dfae265e14bdbc261d85f37a42d220d39d28e66d36e5ced9c68589c7a82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f209a72ecd299e70895b041fa3efee2649a41a25e8502f871e5bb67b06d7d1c7
f80a363398b4e3aed579e82f80679a4922527da62e5d18b0aac40fd972545bd8
fc0be72e75cf76839e6d9139871410c28cb89e2158572be69a489ba652052a67
fc8b76612b2995d5109074b9de4ae27d513477db97839e4512de3ef5c786a300