URL: https://faq.citizenplane.com/
Submission: On March 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 11 HTTP transactions. The main IP is 3.222.86.36, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is faq.citizenplane.com.
TLS certificate: Issued by R3 on January 21st 2023. Valid for: 3 months.
This is the only time faq.citizenplane.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 3.222.86.36 | 14618 (AMAZON-AES)
2 | 2600:9000:217... | 16509 (AMAZON-02)
1 | 3.5.70.144 | 16509 (AMAZON-02)
1 | 18.66.107.99 | 16509 (AMAZON-02)
1 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 143.204.215.36 | 16509 (AMAZON-02)
2 | 18.66.137.213 | 16509 (AMAZON-02)
Total: 11 requests, 7 IPs

Requests | Domain | Requested by
3 | beacon-v2.helpscout.net | faq.citizenplane.com, beacon-v2.helpscout.net
2 | d3hb14vkzrxvla.cloudfront.net | beacon-v2.helpscout.net
2 | d3eto7onm69fcz.cloudfront.net | faq.citizenplane.com
1 | fonts.googleapis.com | citizenplane.s3-eu-west-1.amazonaws.com
1 | d33v4339jhl8k0.cloudfront.net | faq.citizenplane.com
1 | citizenplane.s3-eu-west-1.amazonaws.com | faq.citizenplane.com
1 | faq.citizenplane.com |
Total: 11 requests, 7 subdomains

This site contains links to these domains.

Domain
www.helpscout.com

Subject | Issuer | Validity | Valid
faq.citizenplane.com | R3 | 2023-01-21 - 2023-04-21 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.s3-eu-west-1.amazonaws.com | Amazon | 2022-09-21 - 2023-08-30 | a year
upload.video.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
*.helpscout.net | Amazon RSA 2048 M02 | 2023-02-23 - 2023-05-16 | 3 months

This page contains 1 frames:

Primary Page: https://faq.citizenplane.com/
Frame ID: 071CF96D4983E6F43BA786BEF9A853CC
Requests: 10 HTTP requests in this frame

Page Title

Suppliers Help

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 29 %
Domains: 5
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 337 kB
Size: 396 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
faq.citizenplane.com/
10 KB
3 KB
Document
General
Full URL
https://faq.citizenplane.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.222.86.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-86-36.compute-1.amazonaws.com
Software
openresty /
Resource Hash
87c8743656c6c7b32df703fbfdb8b2e5c333030fbfcd5a3e8b2d72432f692692

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Mar 2023 20:53:36 GMT
Server
openresty
Transfer-Encoding
chunked
launch-1679302353608.css
d3eto7onm69fcz.cloudfront.net/assets/stylesheets/
115 KB
116 KB
Stylesheet
General
Full URL
https://d3eto7onm69fcz.cloudfront.net/assets/stylesheets/launch-1679302353608.css
Requested by
Host: faq.citizenplane.com
URL: https://faq.citizenplane.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2171:6a00:b:1881:c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
09e706d1fc23c91bd3990fd64f5540f0530709a3f0bddd6702e530c09e24c56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faq.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Mar 2023 20:03:17 GMT
via
1.1 45dddc65ba3da4a1716d9c10f4aaaa08.cloudfront.net (CloudFront)
last-modified
Mon, 20 Mar 2023 08:18:24 GMT
server
openresty
x-amz-cf-pop
CDG53-C1
age
3019
etag
"86e13b95a807b58f19dacd803bf920c35293b993"
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
public, max-age=3600
content-length
118164
x-amz-cf-id
5mgUHkUS4EOgWQTkt2_bVGiIfaI74BPAqrOMkbB4UJhptaoTwKSWBg==
helpscout.css
citizenplane.s3-eu-west-1.amazonaws.com/public/website-assets/helpscout/
22 KB
22 KB
Stylesheet
General
Full URL
https://citizenplane.s3-eu-west-1.amazonaws.com/public/website-assets/helpscout/helpscout.css
Requested by
Host: faq.citizenplane.com
URL: https://faq.citizenplane.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.70.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
22d1c4bd365831d3bd7a04c5fb392f2ca05028714f19ae7e456123a12ad2cf92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faq.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 20:53:37 GMT
Last-Modified
Wed, 30 Sep 2020 15:58:41 GMT
Server
AmazonS3
x-amz-request-id
ZA8D178367QJ7PNM
ETag
"49f8320090b3135aa00a13f8c12b6dc9"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
22248
x-amz-id-2
xtKWaqOq58/FollW4G79USKn0zzrfaNV5vMe8tesLu54GJSUhxpRNMBZes/4IhgbYNq8GOYHfzThUdvFsrG7xA==
logohs.png
d33v4339jhl8k0.cloudfront.net/docs/assets/5f22a02b2c7d3a10cbab8f1c/images/5f74b09f4cedfd0017639b2c/
5 KB
5 KB
Image
General
Full URL
https://d33v4339jhl8k0.cloudfront.net/docs/assets/5f22a02b2c7d3a10cbab8f1c/images/5f74b09f4cedfd0017639b2c/logohs.png
Requested by
Host: faq.citizenplane.com
URL: https://faq.citizenplane.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-99.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7917e0ab62265f0891b09e67b132c95e4a149bcf1db58f8d0bb428e4ae78b3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faq.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:53:36 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
last-modified
Wed, 30 Sep 2020 16:21:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
25240
x-amz-server-side-encryption
AES256
etag
"ec849949176ad4a1b3ecbd77f9851778"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4623
x-amz-cf-id
bQ-rZCr9GPA2seSmgEvIdOawOjgZE9-lBQZAvxMp8LcFAQRhTEVuCA==
app3.min.js
d3eto7onm69fcz.cloudfront.net/assets/javascripts/
151 KB
151 KB
Script
General
Full URL
https://d3eto7onm69fcz.cloudfront.net/assets/javascripts/app3.min.js
Requested by
Host: faq.citizenplane.com
URL: https://faq.citizenplane.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2171:6a00:b:1881:c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a2deeea00271f1cdfc055516d98ec62b43ba2478b33fcb605f42b1371e3247ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faq.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 22 Mar 2023 20:26:13 GMT
via
1.1 45dddc65ba3da4a1716d9c10f4aaaa08.cloudfront.net (CloudFront)
last-modified
Mon, 20 Mar 2023 08:18:24 GMT
server
openresty
x-amz-cf-pop
CDG53-C1
age
1643
etag
"d98f8ccf97b065a77dff55b6cf7eb58fb6f701cc"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
content-length
154136
x-amz-cf-id
S8lZ-q5tFuU95FyjVwfaQ8UQt0a6T6hbT80zybOCPPZdY7_JB3qOSw==
css
fonts.googleapis.com/
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Proxima+Nova
Requested by
Host: citizenplane.s3-eu-west-1.amazonaws.com
URL: https://citizenplane.s3-eu-west-1.amazonaws.com/public/website-assets/helpscout/helpscout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citizenplane.s3-eu-west-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

/
beacon-v2.helpscout.net/
458 B
752 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: faq.citizenplane.com
URL: https://faq.citizenplane.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ccf0f53c693e61cb9d84d51e1a28d1cff2cf5f41fc4c4eec3728cfcdb72510b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faq.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:51:53 GMT
content-encoding
gzip
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
104
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
328
last-modified
Tue, 21 Mar 2023 16:58:17 GMT
server
AmazonS3
etag
"f2488241eceef5b681c7998d69bf6892"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120, s-maxage=120, public
accept-ranges
bytes
x-amz-cf-id
JgqJjaqFgsXybWY0-WUD4Wrlgo8y3-3tUFvLIgJ7Dr_YnBtvgwfiNA==
vendor.cd5059a8.js
beacon-v2.helpscout.net/static/js/
63 KB
22 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.cd5059a8.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92aa11587aa820dc18977e3156bf9359e7694050c2d7d21a5cae435993c1bdea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faq.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 19:04:01 GMT
content-encoding
gzip
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
6577
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22207
last-modified
Tue, 21 Mar 2023 16:58:18 GMT
server
AmazonS3
etag
"bbd7098212808bebe55346ec365016cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
OfSe6LvEd9Sfa0NMgUk3kIktQYFArbp-kKBYdcF6TAI-wJS9nPtwpQ==
main.8bf21943.js
beacon-v2.helpscout.net/static/js/
24 KB
10 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.8bf21943.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-36.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c4c873bf7eb605bfc6bd6f1700cde818adda50a43a58589fa6577c49bafbd26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faq.citizenplane.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:45:55 GMT
content-encoding
gzip
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
463
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9551
last-modified
Tue, 21 Mar 2023 16:58:18 GMT
server
AmazonS3
etag
"0cb050a55d7409cd48c1f2a6c2a63145"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
tDiieDgynl_c27cDXGmhv0KST0YXyX6SDGWeU8lPRdC27mjj9fBPMQ==
f7b627f9-8537-48e5-92d7-a412fdf5de72
d3hb14vkzrxvla.cloudfront.net/v1/
0
0
Preflight
General
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/f7b627f9-8537-48e5-92d7-a412fdf5de72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-213.fra60.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
beacon-device-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method
GET
Origin
https://faq.citizenplane.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods
GET
access-control-allow-origin
https://faq.citizenplane.com
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 22 Mar 2023 20:53:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-id
FXT1RWl44H2RbTwanSiovKQl3G4SGYM3BZO2JIArzbkkfBRS562AOg==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-ratelimit-limit-attachments-hour
10
x-ratelimit-limit-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-general-minute
60
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-attachments-hour
10
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-remaining-general-minute
60
x-ratelimit-remaining-identify-hour
25
f7b627f9-8537-48e5-92d7-a412fdf5de72
d3hb14vkzrxvla.cloudfront.net/v1/
6 KB
7 KB
XHR
General
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/f7b627f9-8537-48e5-92d7-a412fdf5de72
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.cd5059a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-213.fra60.r.cloudfront.net
Software
/
Resource Hash
92d524f09a38eb87ce1963401f19b680e71cddb44da9710f4d594f3d7f0612e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

correlationId
2bed8816-18c5-43db-8f7d-06bf8a6efdb0
Helpscout-Release
2.2.83
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Accept
application/json, text/plain, */*
Beacon-Device-ID
262a9877-b97d-40dd-81b3-04a31498e834
Referer
https://faq.citizenplane.com/
Helpscout-Origin
Beacon-Embed

Response headers

date
Wed, 22 Mar 2023 20:53:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-ratelimit-remaining-identify-hour
25
x-ratelimit-limit-general-minute
60
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-attachments-hour
10
vary
Origin,Access-Control-Request-Method
content-type
application/json
access-control-allow-origin
https://faq.citizenplane.com
x-ratelimit-remaining-general-minute
60
access-control-expose-headers
Resource-ID
cache-control
max-age=300
access-control-allow-credentials
true
x-ratelimit-remaining-attachments-hour
10
x-amz-cf-id
z6DQUzMQlAhvWmsRUtO3hMJFM8fmoAXvDmGnqBevcY69DvjKtPy2GA==
x-ratelimit-limit-chat-tokens-hour
25

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| Beacon
function| _toConsumableArray
string| url
undefined| rewrittenUrl
function| _slice
function| css_browser_selector
function| containsAuthQueryParam
function| rewriteUrl
function| $
function| jQuery
object| ParsleyExtend
object| ParsleyConfig
object| psly
object| Parsley
object| ParsleyUtils
object| ParsleyValidator
object| ParsleyUI
string| inputEventPatched
object| parsley
string| c
function| initArticleRatings
function| initDocsWebSearch
undefined| noddy
undefined| remotes
object| beaconJsonp

1 Cookies

Domain/Path Name / Value
faq.citizenplane.com/ Name: PLAY_SESSION
Value: "b52f326a1d8413294d871e666f7e3c1f977da70a-siteId=5f72f7014cedfd00173bc801&hs.session.id=CpCsDKTJYY9oJNgzvBcPP8K6GsWfLDb56sht9qs3frQ4T4l6Nva85E0gAwxU9zcX&hs.session.exp=1679604816687"

1 Console Messages

Source: network
Level: error
URL: https://fonts.googleapis.com/css?family=Proxima+Nova
Message: Failed to load resource: the server responded with a status of 403 ()