urlscan.io logo urlscan.io
SecurityTrails logo

citizenspanel.us Open in urlscan Pro
192.124.249.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://answer.citizenspanel.us/
Effective URL: https://citizenspanel.us/
Submission: On August 29 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 192.124.249.114, located in United States and belongs to SUCURI-SEC, US. The main domain is citizenspanel.us.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on June 16th 2020. Valid for: a year.
This is the only time citizenspanel.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.215.205.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-205-188.compute-1.amazonaws.com
answer.citizenspanel.us
11    192.124.249.114 (United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10114.sucuri.net
citizenspanel.us
1    2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.239.71.225 (United States)

ASN15169 (GOOGLE, US)
PTR: 225.71.239.35.bc.googleusercontent.com
staging-citizenspanel.temp927.kinsta.cloud
1    2600:9000:214f:8600:2:c605:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed.typeform.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
11 citizenspanel.us citizenspanel.us
3 www.facebook.com citizenspanel.us
connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
3 connect.facebook.net citizenspanel.us
connect.facebook.net
1 embed.typeform.com citizenspanel.us
1 staging-citizenspanel.temp927.kinsta.cloud citizenspanel.us
1 fonts.googleapis.com citizenspanel.us
1 answer.citizenspanel.us 1 redirects
23 8

This site contains links to these domains. Also see Links.

Domain
form.typeform.com
joinofbyfor.us
www.canr.msu.edu
Subject Issuer Validity Valid
citizenspanel.us
Starfield Secure Certificate Authority - G2		 2020-06-16 -
2021-06-16		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.temp927.kinsta.cloud
Sectigo RSA Domain Validation Secure Server CA		 2020-07-29 -
2021-07-29		 a year crt.sh
*.typeform.com
Amazon		 2019-12-24 -
2021-01-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://citizenspanel.us/
Frame ID: 11EBD4CC85A3F8A949EC7B7E174AC7AD
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://answer.citizenspanel.us/ HTTP 301
    https://citizenspanel.us/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

23
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

852 kB
Transfer

2818 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://answer.citizenspanel.us/ HTTP 301
    https://citizenspanel.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
citizenspanel.us/
Redirect Chain
  • https://answer.citizenspanel.us/
  • https://citizenspanel.us/
64 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
f10f2e4bb0154976662910d4a1c1bae3b3dac56a8b3fd41da81bd31789d8ec18
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
citizenspanel.us
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Sat, 29 Aug 2020 01:08:33 GMT
content-type
text/html; charset=UTF-8
x-sucuri-id
15014
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
vary
Accept-Encoding
x-ua-compatible
IE=edge
x-kinsta-cache
HIT
content-encoding
gzip
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRj9eae76c98ca3e38401fc465301ccbbae
x-sucuri-cache
MISS

Redirect headers

status
301
server
openresty
date
Sat, 29 Aug 2020 01:08:32 GMT
content-length
0
location
https://citizenspanel.us/
x-nextjs-page
/index
cache-control
public, max-age=0, must-revalidate
content-security-policy-report-only
report-uri https://endpoint2.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV3VOE24ov0vchYgO3uoxKHdePxnKoFiICkeq1Vt2reRBEg4zYmpS2XL1UJS-0Ova9gUiV2PUH3EvuXcIOdrBPvAUgkIP-ZRbRMryNUY6YGqAQ== ; block-all-mixed-content ; default-src 'report-sample' 'self' https://*.videoask.com https://*.videoask.it https://*.videoask.live ; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' 'nonce-NDI0ODI2NmEtNGVlYS00MzBhLWIzOTQtMGYyODFjYjVkZTc1' https://*.videoask.com https://*.videoask.it https://*.videoask.live 'unsafe-inline' https: http: https://www.googletagmanager.com ; base-uri 'report-sample' 'self' ; img-src 'report-sample' 'self' data: blob: https://*.videoask.com https://*.videoask.it https://*.videoask.live https://*.gravatar.com https://images.pexels.com https://s3.amazonaws.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://*.giphy.com android-webview-video-poster: https://*.quora.com https://www.google-analytics.com https://*.linkedin.com https://*.facebook.com https://user-event-tracker.crazyegg.com https://p.adsymptotic.com https://www.googletagmanager.com https://www.google.com https://*.g.doubleclick.net https://bat.bing.com https://track.segmetrics.io https://*.gstatic.com https://cdn.cookielaw.org ; media-src 'report-sample' 'self' blob: data: https://*.videoask.com https://*.videoask.it https://*.videoask.live https://player.vimeo.com https://gcs-vimeo.akamaized.net https://vod-progressive.akamaized.net https://embedwistia-a.akamaihd.net https://*.giphy.com https://s3.amazonaws.com ; connect-src 'report-sample' 'self' blob: https://*.videoask.com https://*.videoask.it https://*.videoask.live https://videoask-media-dev.s3-accelerate.amazonaws.com https://videoask-media-prod.s3-accelerate.amazonaws.com https://videoask.eu.auth0.com https://dev-videoask.eu.auth0.com https://*.launchdarkly.com https://*.pexels.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://api.rollbar.com https://api.segment.io https://api.amplitude.com https://*.g.doubleclick.net https://www.google-analytics.com https://sample-api-v2.crazyegg.com https://p.adsymptotic.com https://www.facebook.com https://track.segmetrics.io https://tracking.crazyegg.com https://grsm.io https://*.optimizely.com ; style-src 'report-sample' 'self' https://font.typeform.com 'unsafe-inline' https://fonts.googleapis.com https://tagmanager.google.com https://cdn.cookielaw.org https://cdn.quilljs.com ; font-src 'report-sample' 'self' data: https://font.typeform.com https://fonts.gstatic.com ; frame-src 'report-sample' 'self' https://*.videoask.com https://*.videoask.it https://*.videoask.live https://calendly.com https://app.acuityscheduling.com https://js.stripe.com https://videoask.eu.auth0.com https://dev-videoask.eu.auth0.com https://*.wistia.com https://www.facebook.com https://6g4qf7txd07m.statuspage.io https://*.optimizely.com ; frame-ancestors * ; object-src 'none' ;
x-vercel-cache
MISS
age
0
x-vercel-id
iad1::sfo1::gh48f-1598663312507-08ea2b9d773b
strict-transport-security
max-age=63072000
x-videoask-cd
answer.citizenspanel.us
x-videoask-domain
alias.videoask.com
632f8322322eb8b99849f4dc9925e0a9.css
citizenspanel.us/wp-content/cache/min/1/ 		923 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citizenspanel.us/wp-content/cache/min/1/632f8322322eb8b99849f4dc9925e0a9.css
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
ee4560938c7ce7fc04766606ef1289b4d0a7d902a0f2efa7623eb5f998182e49
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
121561
x-xss-protection
1; mode=block
last-modified
Fri, 28 Aug 2020 22:09:27 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5f498097-1dad9"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRj78d2f0c7a4b0669ab9ff729a1bcffea4
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Tinos%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d489671e43cf3f02041401ffefa9cccb711aa4c8c5026e13cd0e1391b58f1e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 Aug 2020 01:08:33 GMT
server
ESF
date
Sat, 29 Aug 2020 01:08:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Aug 2020 01:08:33 GMT
jquery.js
citizenspanel.us/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citizenspanel.us/wp-includes/js/jquery/jquery.js
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
x-xss-protection
1; mode=block
last-modified
Thu, 11 Jun 2020 16:57:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5ee26263-17a69"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRja2ffb2da7747580fe08c0000de139301
expires
Thu, 31 Dec 2037 23:55:55 GMT
a7ec399b24acb252e2f1982ed8c412cb.js
citizenspanel.us/wp-content/cache/min/1/ 		564 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citizenspanel.us/wp-content/cache/min/1/a7ec399b24acb252e2f1982ed8c412cb.js
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
71dffea2b0dd61a113595f8e3bd59cdad30564d1756b9cc381e7b156258eede0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
145027
x-xss-protection
1; mode=block
last-modified
Fri, 28 Aug 2020 22:09:27 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"5f498097-23683"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRj770751bf64f6172aee3084680d2a223f
expires
Thu, 31 Dec 2037 23:55:55 GMT
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34269
x-xss-protection
0
pragma
public
x-fb-debug
rAMNv5kvZ+qYeGYkyZnJXMRnW2fB8fxg3xoLSYy5lUgvogpaNF2FH1krIk76hm+LvUNVdepfamKs/FIAHUxYHQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Sat, 29 Aug 2020 01:08:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
buE4poGnedXvwjX7fmRD8iI_.woff2
fonts.gstatic.com/s/tinos/v13/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v13/buE4poGnedXvwjX7fmRD8iI_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13a8a884035783aab6982702c2c9faea86a6022d0338d118a6da2d852cfdc0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://citizenspanel.us
Referer
https://fonts.googleapis.com/css?family=Tinos%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:07:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:50:21 GMT
server
sffe
age
403243
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9964
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:07:51 GMT
CircularStd-Black.woff
citizenspanel.us/wp-content/uploads/2020/06/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://citizenspanel.us/wp-content/uploads/2020/06/CircularStd-Black.woff
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/wp-content/cache/min/1/632f8322322eb8b99849f4dc9925e0a9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
d8b677f58646b4760182966a7a851bbd643f1f4fb846df8a6a89415db68e8a53
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://citizenspanel.us
Referer
https://citizenspanel.us/wp-content/cache/min/1/632f8322322eb8b99849f4dc9925e0a9.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:34 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
40784
x-xss-protection
1; mode=block
last-modified
Fri, 12 Jun 2020 15:04:55 GMT
server
nginx
etag
"5ee39997-9f50"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRj62e7036e8d1693e0edde6526b9dd82ad
expires
Thu, 31 Dec 2037 23:55:55 GMT
CircularStd-Bold.woff
citizenspanel.us/wp-content/uploads/2020/06/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://citizenspanel.us/wp-content/uploads/2020/06/CircularStd-Bold.woff
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/wp-content/cache/min/1/632f8322322eb8b99849f4dc9925e0a9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
025e0501bd9643beeef5cf19d4608b6836d631213dac3116efc2b43b1e78128a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://citizenspanel.us
Referer
https://citizenspanel.us/wp-content/cache/min/1/632f8322322eb8b99849f4dc9925e0a9.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:34 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
40720
x-xss-protection
1; mode=block
last-modified
Fri, 12 Jun 2020 15:04:57 GMT
server
nginx
etag
"5ee39999-9f10"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRjee04a35d7113bc42118ff05e16b2bf76
expires
Thu, 31 Dec 2037 23:55:55 GMT
buE2poGnedXvwjX-TmZJ9QA98NQ.woff2
fonts.gstatic.com/s/tinos/v13/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v13/buE2poGnedXvwjX-TmZJ9QA98NQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4429bfa5330dee3c2842b49e9670c80eedc60e0e6f2d57cd5fb3bb138b7c167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://citizenspanel.us
Referer
https://fonts.googleapis.com/css?family=Tinos%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:16:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:50:03 GMT
server
sffe
age
402737
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10372
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:16:17 GMT
buE1poGnedXvwj1AW3Fu0C8V-txK.woff2
fonts.gstatic.com/s/tinos/v13/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v13/buE1poGnedXvwj1AW3Fu0C8V-txK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
018aa2d93dfb0bbfe32cfb1c05b14030de4d834594cd98db225db3b68f94aa68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://citizenspanel.us
Referer
https://fonts.googleapis.com/css?family=Tinos%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 09:10:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:56:47 GMT
server
sffe
age
403099
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9984
x-xss-protection
0
expires
Tue, 24 Aug 2021 09:10:15 GMT
fa-solid-900.woff2
citizenspanel.us/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://citizenspanel.us/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/wp-content/cache/min/1/632f8322322eb8b99849f4dc9925e0a9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://citizenspanel.us
Referer
https://citizenspanel.us/wp-content/cache/min/1/632f8322322eb8b99849f4dc9925e0a9.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:35 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
76084
x-xss-protection
1; mode=block
last-modified
Tue, 25 Aug 2020 12:07:02 GMT
server
nginx
etag
"5f44fee6-12934"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRjc79cf57894aebbc969375c3bcd6c3fc6
expires
Thu, 31 Dec 2037 23:55:55 GMT
CircularStd-Medium.woff
staging-citizenspanel.temp927.kinsta.cloud/wp-content/uploads/2020/06/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staging-citizenspanel.temp927.kinsta.cloud/wp-content/uploads/2020/06/CircularStd-Medium.woff
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/wp-content/cache/min/1/632f8322322eb8b99849f4dc9925e0a9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.239.71.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
225.71.239.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
68d95ee9d6de062ff9cca979e1e8fc5bfa8dec11345ffb112be0d492516bbfd5

Request headers

Origin
https://citizenspanel.us
Referer
https://citizenspanel.us/wp-content/cache/min/1/632f8322322eb8b99849f4dc9925e0a9.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:35 GMT
last-modified
Fri, 12 Jun 2020 15:05:00 GMT
server
nginx
etag
"5ee3999c-9d04"
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
40196
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRj17476c2c0654bd55990d170cb8146d3b
expires
Thu, 31 Dec 2037 23:55:55 GMT
Citizens-Panel-Logo-copy-min-1024x570.png.webp
citizenspanel.us/wp-content/uploads/2020/08/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenspanel.us/wp-content/uploads/2020/08/Citizens-Panel-Logo-copy-min-1024x570.png.webp
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
8464bb5ccaf72ade7722537fbba01244ac76726a1885d364f5a30dbdb69e5a24
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:35 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
31810
x-xss-protection
1; mode=block
last-modified
Tue, 18 Aug 2020 13:51:59 GMT
server
nginx
etag
"5f3bdcff-7c42"
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRjdde75088ee372002c16664493fe92094
expires
Thu, 31 Dec 2037 23:55:55 GMT
Red-text-hi-res-min-1-1024x247.png.webp
citizenspanel.us/wp-content/uploads/2020/06/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenspanel.us/wp-content/uploads/2020/06/Red-text-hi-res-min-1-1024x247.png.webp
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
79e76c8ffcf2b126df99f628035638f3026f836cb3d288a613e63a32e76c4a67
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:35 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
16466
x-xss-protection
1; mode=block
last-modified
Mon, 15 Jun 2020 21:12:26 GMT
server
nginx
etag
"5ee7e43a-4052"
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRj56c6706ad96ba14c67227ba09a36b0fa
expires
Thu, 31 Dec 2037 23:55:55 GMT
MSUE-min.png.webp
citizenspanel.us/wp-content/uploads/2020/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenspanel.us/wp-content/uploads/2020/08/MSUE-min.png.webp
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
baa4db955fbec4ab34333201fd71d65e5a83c6a8fb99d3d8c1aadc08e8fa0694
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:35 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
8426
x-xss-protection
1; mode=block
last-modified
Tue, 18 Aug 2020 13:39:41 GMT
server
nginx
etag
"5f3bda1d-20ea"
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRj6c02636218c9757d6290944b841b751f
expires
Thu, 31 Dec 2037 23:55:55 GMT
video.jpeg.webp
citizenspanel.us/wp-content/uploads/2020/06/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citizenspanel.us/wp-content/uploads/2020/06/video.jpeg.webp
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.114 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10114.sucuri.net
Software
nginx /
Resource Hash
a024e639349531fd8a452734d02b85366c58a97f05f2883262d0b139e416f3cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:35 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
e172abecbd394f56a1a2479517f27fbfe05ff815
content-length
33434
x-xss-protection
1; mode=block
last-modified
Mon, 15 Jun 2020 21:07:41 GMT
server
nginx
etag
"5ee7e31d-829a"
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15014
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
x-edge-location-klb
jCpSvmu2Q3ymcwbgZBpPgvRj7656b83011ee79ca1439ed472eddcf96
expires
Thu, 31 Dec 2037 23:55:55 GMT
embed.js
embed.typeform.com/ 		149 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.typeform.com/embed.js
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/wp-content/cache/min/1/a7ec399b24acb252e2f1982ed8c412cb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:8600:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2033562290471ddb2fce972474f69c3da86a84eeb59cd73bfcc856f458387c81

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:06:28 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 12:23:03 GMT
server
AmazonS3
age
126
etag
"587c2c841015d7dc1ab471b81c236af3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
cGlVnmpnBe_ZWJNFNvEUFtBLjk1jQTbfhhFv663rnFIq2SbUihSQBA==
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
identity.js
connect.facebook.net/signals/plugins/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.23
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
10760
x-xss-protection
0
pragma
public
x-fb-debug
Kx+fUDQPgBu+/ePUJ0o3T4BtwaJZ0DFE4e12vJ2vkoyo88+Vbur8ArUz6YKkY10DQ8iNx9iP8EPjDt/pDzNLvg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Sat, 29 Aug 2020 01:08:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
225579765406743
connect.facebook.net/signals/config/ 		524 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/225579765406743?v=2.9.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f1a9f310b2870b75470bfa07cb9b405aecd4355dd0f03a95c9b10512ef489e8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
6I6FiKCwu5hQUxEbt3yIUWXd8BtSH6V9Y61WE9E2yvt6NMfeDICw96upjHzjeVFaFcEXmDQoJbtyxH7dX03zSQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Sat, 29 Aug 2020 01:08:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=225579765406743&ev=PageView&dl=https%3A%2F%2Fcitizenspanel.us%2F&rl=&if=false&ts=1598663315029&cd[language]=en-US&cd[referrer]=&sw=1600&sh=1200&v=2.9.23&r=stable&a=dvpixelcaffeinewordpress&ec=0&o=30&fbp=fb.1.1598663315028.753344764&it=1598663314884&coo=false&rqm=GET
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 29 Aug 2020 01:08:35 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=225579765406743&ev=AdvancedEvents&dl=https%3A%2F%2Fcitizenspanel.us%2F&rl=&if=false&ts=1598663315031&cd[login_status]=not_logged_in&cd[post_type]=page&cd[object_id]=90&cd[object_type]=home&cd[language]=en-US&cd[referrer]=&sw=1600&sh=1200&v=2.9.23&r=stable&a=dvpixelcaffeinewordpress&ec=1&o=30&fbp=fb.1.1598663315028.753344764&it=1598663314884&coo=false&rqm=GET
Requested by
Host: citizenspanel.us
URL: https://citizenspanel.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 29 Aug 2020 01:08:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 29 Aug 2020 01:08:35 GMT
/
www.facebook.com/tr/ 		0
83 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://citizenspanel.us/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarySBpapPVA46Am68Wo

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sat, 29 Aug 2020 01:08:35 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://citizenspanel.us
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes undefined| $ function| jQuery object| aepc_pixel object| aepc_pixel_args function| aepc_extend_args function| fbq function| _fbq object| mPS2id_params object| uael_post_loader_script object| localize object| aepc_pixel_events object| ElementorProFrontendConfig object| elementorFrontendConfig object| uael_script object| uael object| jQuery112406322798777328595 boolean| is_fb_loggedin boolean| is_google_loggedin object| UAELContentToggle object| UAELVideo boolean| isEditMode object| ea object| __core-js_shared__ object| core object| elementorModules function| Sticky object| elementorProFrontend object| DialogsManager function| Waypoint function| Swiper function| ShareLink object| elementorFrontend boolean| typeformEmbedIsloaded object| typeformEmbed

1 Cookies

Domain/Path Name / Value
.citizenspanel.us/ Name: _fbp
Value: fb.1.1598663315028.753344764

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

answer.citizenspanel.us
citizenspanel.us
connect.facebook.net
embed.typeform.com
fonts.googleapis.com
fonts.gstatic.com
staging-citizenspanel.temp927.kinsta.cloud
www.facebook.com
192.124.249.114
2600:9000:214f:8600:2:c605:29c0:93a1
2a00:1450:4001:817::200a
2a00:1450:4001:81a::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.215.205.188
35.239.71.225
018aa2d93dfb0bbfe32cfb1c05b14030de4d834594cd98db225db3b68f94aa68
025e0501bd9643beeef5cf19d4608b6836d631213dac3116efc2b43b1e78128a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13a8a884035783aab6982702c2c9faea86a6022d0338d118a6da2d852cfdc0f4
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2033562290471ddb2fce972474f69c3da86a84eeb59cd73bfcc856f458387c81
4f1a9f310b2870b75470bfa07cb9b405aecd4355dd0f03a95c9b10512ef489e8
68d95ee9d6de062ff9cca979e1e8fc5bfa8dec11345ffb112be0d492516bbfd5
71dffea2b0dd61a113595f8e3bd59cdad30564d1756b9cc381e7b156258eede0
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
79e76c8ffcf2b126df99f628035638f3026f836cb3d288a613e63a32e76c4a67
8464bb5ccaf72ade7722537fbba01244ac76726a1885d364f5a30dbdb69e5a24
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8d489671e43cf3f02041401ffefa9cccb711aa4c8c5026e13cd0e1391b58f1e0
a024e639349531fd8a452734d02b85366c58a97f05f2883262d0b139e416f3cc
b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664
baa4db955fbec4ab34333201fd71d65e5a83c6a8fb99d3d8c1aadc08e8fa0694
d8b677f58646b4760182966a7a851bbd643f1f4fb846df8a6a89415db68e8a53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4429bfa5330dee3c2842b49e9670c80eedc60e0e6f2d57cd5fb3bb138b7c167
ee4560938c7ce7fc04766606ef1289b4d0a7d902a0f2efa7623eb5f998182e49
f10f2e4bb0154976662910d4a1c1bae3b3dac56a8b3fd41da81bd31789d8ec18