urlscan.io logo urlscan.io
SecurityTrails logo

brooklynpark.evidence.com Open in urlscan Pro
52.227.178.220  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://brooklynpark.evidence.com/index.aspx
Effective URL: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Submission: On May 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 52.227.178.220, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is brooklynpark.evidence.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 25th 2023. Valid for: a year.
This is the only time brooklynpark.evidence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 52.227.178.220 8075 (MICROSOFT...)
10 1
Apex Domain
Subdomains		 Transfer
11 evidence.com
brooklynpark.evidence.com
418 KB
10 1
Domain Requested by
11 brooklynpark.evidence.com 1 redirects brooklynpark.evidence.com
10 1

This site contains links to these domains. Also see Links.

Domain
id.evidence.com
www.axon.com
Subject Issuer Validity Valid
*.evidence.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-25 -
2024-08-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Frame ID: BCDF7DF7456EBDD595E20F4DBF57CE05
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Evidence.com

Page URL History Show full URLs

  1. https://brooklynpark.evidence.com/index.aspx HTTP 302
    https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

417 kB
Transfer

1069 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://brooklynpark.evidence.com/index.aspx HTTP 302
    https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
brooklynpark.evidence.com/index.aspx/api/oauth2/
Redirect Chain
  • https://brooklynpark.evidence.com/index.aspx
  • https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
98775c2240d9af750b50b0ce1802b4b67ad61e33538b4f61b9f97ce81f5ea3f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 May 2024 19:59:01 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
cache-control
private, no-store
content-encoding
gzip
vary
Accept-Encoding
x-server
HTP001

Redirect headers

Connection
keep-alive
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Content-Type
text/html; charset=utf-8
Date
Thu, 30 May 2024 19:59:00 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
cache-control
private, no-store
location
/index.aspx/api/oauth2/login?class=UIX&proc=Login
x-server
HTP001
styles_less_css.min.css
brooklynpark.evidence.com/html/uix/compiled/ 		140 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://brooklynpark.evidence.com/html/uix/compiled/styles_less_css.min.css?version=2024.4.0-release-2024-04-40761
Requested by
Host: brooklynpark.evidence.com
URL: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
c9efc33e4350a74b3335e19d886455526ef4e259f840bafd02e4415c04f373c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 19:59:01 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Connection
keep-alive
Content-Length
40776
X-XSS-Protection
1; mode=block
last-modified
Thu, 25 Apr 2024 16:15:02 GMT
Server
nginx
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
cache-control
max-age=86400, private
x-server
HTP001
accept-ranges
bytes
third_party_js.min.js
brooklynpark.evidence.com/html/uix/compiled/ 		396 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brooklynpark.evidence.com/html/uix/compiled/third_party_js.min.js?version=2024.4.0-release-2024-04-40761
Requested by
Host: brooklynpark.evidence.com
URL: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
8c968bd9a0e2ab2f2383f4e1639fcb51bfd3fbdafc76175ff41b3a927316d5cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 19:59:02 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Connection
keep-alive
X-XSS-Protection
1; mode=block
last-modified
Thu, 25 Apr 2024 16:14:30 GMT
Server
nginx
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
cache-control
max-age=86400, private
x-server
HTP001
accept-ranges
bytes
libphonenumber.min.js
brooklynpark.evidence.com/html/uix/compiled/ 		165 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brooklynpark.evidence.com/html/uix/compiled/libphonenumber.min.js?version=2024.4.0-release-2024-04-40761
Requested by
Host: brooklynpark.evidence.com
URL: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
317653b1c52cff4aa7ef544abd26c94f01aa7b15c77d964bd3cd1cd77a720404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 19:59:01 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Connection
keep-alive
Content-Length
45023
X-XSS-Protection
1; mode=block
last-modified
Thu, 25 Apr 2024 16:14:42 GMT
Server
nginx
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
cache-control
max-age=86400, private
x-server
HTP001
accept-ranges
bytes
index.aspx
brooklynpark.evidence.com/html/uix/ 		187 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brooklynpark.evidence.com/html/uix/index.aspx?class=UIX&proc=GetLanguageStrings&lang=en-us&cache=2024.4.0-release-2024-04-40761
Requested by
Host: brooklynpark.evidence.com
URL: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
add9ec93053bb949e84bbf39666c02f1148e316b44044444b6884ed14ff6c8b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 19:59:01 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Transfer-Encoding
chunked
vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Frame-Options
SAMEORIGIN
cache-control
public, max-age=1296000
x-server
HTP001
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Connection
keep-alive
X-XSS-Protection
1; mode=block
expires
Fri, 14 Jun 2024 19:59:01 GMT
common_not_logged_in_js.min.js
brooklynpark.evidence.com/html/uix/compiled/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brooklynpark.evidence.com/html/uix/compiled/common_not_logged_in_js.min.js?version=2024.4.0-release-2024-04-40761
Requested by
Host: brooklynpark.evidence.com
URL: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
27d7a91a41aba6b193df705b9c3b3adee5002381f7102837d9ccaead1ad23c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 19:59:01 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Connection
keep-alive
Content-Length
30457
X-XSS-Protection
1; mode=block
last-modified
Thu, 25 Apr 2024 16:14:50 GMT
Server
nginx
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
cache-control
max-age=86400, private
x-server
HTP001
accept-ranges
bytes
Axon-Evidence.com.svg
brooklynpark.evidence.com/html/uix/images/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brooklynpark.evidence.com/html/uix/images/Axon-Evidence.com.svg
Requested by
Host: brooklynpark.evidence.com
URL: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
da31bcecbc2f4423deb7424f1fcf10c852729b71e6053ec41e19065b300c17bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 19:59:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 25 Apr 2024 16:09:12 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Content-Type
image/svg+xml
cache-control
max-age=86400, private
x-server
HTP001
Connection
keep-alive
accept-ranges
bytes
Content-Length
3353
X-XSS-Protection
1; mode=block
logo.png
brooklynpark.evidence.com/html/uix/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brooklynpark.evidence.com/html/uix/images/logo.png
Requested by
Host: brooklynpark.evidence.com
URL: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
64bef2eb1dfb1a542d93a8150bbc01eff2fc58944b13ff23398c409f86fec172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 19:59:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 25 Apr 2024 16:09:12 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Content-Type
image/png
cache-control
max-age=86400, private
x-server
HTP001
Connection
keep-alive
accept-ranges
bytes
Content-Length
1971
X-XSS-Protection
1; mode=block
mixpanel-2.45.0.js
brooklynpark.evidence.com/html/uix/js/third_party/ 		51 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brooklynpark.evidence.com/html/uix/js/third_party/mixpanel-2.45.0.js
Requested by
Host: brooklynpark.evidence.com
URL: https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
a8c716938ef07f0a8a9338272aa02d6ee1352e7ccdc7e524a84d0e26f7a62252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 19:59:02 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Connection
keep-alive
Content-Length
21737
X-XSS-Protection
1; mode=block
last-modified
Thu, 25 Apr 2024 16:09:14 GMT
Server
nginx
vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
cache-control
max-age=86400, private
x-server
HTP001
accept-ranges
bytes
favicon.ico
brooklynpark.evidence.com/ 		34 KB
35 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://brooklynpark.evidence.com/favicon.ico?v=2024.4.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.227.178.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
us1ge1-1.evidence.com
Software
nginx /
Resource Hash
c030b27b5a1cc03dba35905824b1df888d48b42b9395fefeeaaa59120256692f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://brooklynpark.evidence.com/index.aspx/api/oauth2/login?class=UIX&proc=Login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 19:59:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
last-modified
Thu, 25 Apr 2024 16:09:10 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Security-Policy-Report-Only
default-src self *.evidence.com; script-src 'unsafe-inline' self *.evidence.com *.arcgis.com cdn.jsdelivr.net https://www.google.com/recaptcha/api.js *.gstatic.com 'unsafe-eval' *.mixpanel.com blob:; connect-src self *.evidence.com wss://*.evidence.com wss://external.dronesense.com api.cesium.com *.arcgis.com *.arcgisonline.com api.dronesense.com api.fususone.com data-statystic.net fieldwatch-api.dev.securonetservices.com *.mixpanel.com data: blob:; img-src self *.evidence.com *.arcgis.com *.arcgisonline.com cdn.jsdelivr.net data: blob:; style-src 'unsafe-inline' self *.evidence.com *.jsdelivr.net *.googleapis.com *.arcgis.com data:; font-src self *.evidence.com *.jsdelivr.net *.gstatic.com *.arcgis.com data:; frame-src self *.evidence.com https://*.powerbigov.us google.com; media-src self *.evidence.com blob: *.gstatic.com data:; worker-src self *.evidence.com blob: data:; report-uri /api/telemetry/csp/logs;
Content-Type
image/x-icon
x-server
HTP001
Connection
keep-alive
accept-ranges
bytes
Content-Length
34494
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $jscomp function| parseUri function| YUI function| $ function| jQuery object| MapsUtils function| Cluster function| Pin object| libphonenumber object| edcStrings object| App object| BigPipeLoader function| PageLet function| BigPipe function| detectBrowser function| detectOS function| getNodeVersion function| parseUserAgent function| getBrowserRules function| getOperatingSystemRules function| buildRules function| errorMessageBulk function| updateBulkRows function| stringElipse function| getObjectById string| can_search_evidence function| urlDecodeRegex object| YUI_config function| bingMapCallback object| me string| mixpanelToken string| region string| MIXPANEL_CUSTOM_LIB_URL boolean| isDebug string| userId string| userIdNoDashes string| agencyName object| mixpanel object| jQuery110009260008383400453

1 Cookies

Domain/Path Name / Value
brooklynpark.evidence.com/ Name: mp_d63b9a71dc71dd5dc6ec95e8020b0ca7_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%22%2C%22%24device_id%22%3A%20%2218fcb159ef24ed-096ed19dc80a89-26001c51-1d4c00-18fcb159ef31f26%22%2C%22%24user_id%22%3A%20%22%22%2C%22agency%22%3A%20%22Brooklyn%20Park%20Police%20Dept.%22%2C%22Region%22%3A%20%22us1%22%2C%22App%20Name%22%3A%20%22Axon%20Evidence%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block