![](/screenshots/9a069ada-546e-4443-be57-948474a12642.png)
faq.citizenplane.com
Open in
urlscan Pro
3.222.86.36
Public Scan
Submission: On March 22 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 21st 2023. Valid for: 3 months.
This is the only time faq.citizenplane.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 3.222.86.36 3.222.86.36 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 2600:9000:217... 2600:9000:2171:6a00:b:1881:c0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 3.5.70.144 3.5.70.144 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 18.66.107.99 18.66.107.99 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 143.204.215.36 143.204.215.36 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 18.66.137.213 18.66.137.213 | 16509 (AMAZON-02) (AMAZON-02) | |
11 | 7 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-86-36.compute-1.amazonaws.com
faq.citizenplane.com |
ASN16509 (AMAZON-02, US)
d3eto7onm69fcz.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
citizenplane.s3-eu-west-1.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-99.fra56.r.cloudfront.net
d33v4339jhl8k0.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-36.fra53.r.cloudfront.net
beacon-v2.helpscout.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-213.fra60.r.cloudfront.net
d3hb14vkzrxvla.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
cloudfront.net
d3eto7onm69fcz.cloudfront.net d33v4339jhl8k0.cloudfront.net d3hb14vkzrxvla.cloudfront.net |
279 KB |
3 |
helpscout.net
beacon-v2.helpscout.net — Cisco Umbrella Rank: 9769 |
33 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
|
1 |
amazonaws.com
citizenplane.s3-eu-west-1.amazonaws.com |
22 KB |
1 |
citizenplane.com
faq.citizenplane.com |
3 KB |
11 | 5 |
Domain | Requested by | |
---|---|---|
3 | beacon-v2.helpscout.net |
faq.citizenplane.com
beacon-v2.helpscout.net |
2 | d3hb14vkzrxvla.cloudfront.net |
beacon-v2.helpscout.net
|
2 | d3eto7onm69fcz.cloudfront.net |
faq.citizenplane.com
|
1 | fonts.googleapis.com |
citizenplane.s3-eu-west-1.amazonaws.com
|
1 | d33v4339jhl8k0.cloudfront.net |
faq.citizenplane.com
|
1 | citizenplane.s3-eu-west-1.amazonaws.com |
faq.citizenplane.com
|
1 | faq.citizenplane.com | |
11 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.helpscout.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
faq.citizenplane.com R3 |
2023-01-21 - 2023-04-21 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.s3-eu-west-1.amazonaws.com Amazon |
2022-09-21 - 2023-08-30 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
*.helpscout.net Amazon RSA 2048 M02 |
2023-02-23 - 2023-05-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://faq.citizenplane.com/
Frame ID: 071CF96D4983E6F43BA786BEF9A853CC
Requests: 10 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Help Scout
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
faq.citizenplane.com/ |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-1679302353608.css
d3eto7onm69fcz.cloudfront.net/assets/stylesheets/ |
115 KB 116 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
helpscout.css
citizenplane.s3-eu-west-1.amazonaws.com/public/website-assets/helpscout/ |
22 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logohs.png
d33v4339jhl8k0.cloudfront.net/docs/assets/5f22a02b2c7d3a10cbab8f1c/images/5f74b09f4cedfd0017639b2c/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app3.min.js
d3eto7onm69fcz.cloudfront.net/assets/javascripts/ |
151 KB 151 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
beacon-v2.helpscout.net/ |
458 B 752 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.cd5059a8.js
beacon-v2.helpscout.net/static/js/ |
63 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.8bf21943.js
beacon-v2.helpscout.net/static/js/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
f7b627f9-8537-48e5-92d7-a412fdf5de72
d3hb14vkzrxvla.cloudfront.net/v1/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f7b627f9-8537-48e5-92d7-a412fdf5de72
d3hb14vkzrxvla.cloudfront.net/v1/ |
6 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless function| Beacon function| _toConsumableArray string| url undefined| rewrittenUrl function| _slice function| css_browser_selector function| containsAuthQueryParam function| rewriteUrl function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley string| c function| initArticleRatings function| initDocsWebSearch undefined| noddy undefined| remotes object| beaconJsonp1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
faq.citizenplane.com/ | Name: PLAY_SESSION Value: "b52f326a1d8413294d871e666f7e3c1f977da70a-siteId=5f72f7014cedfd00173bc801&hs.session.id=CpCsDKTJYY9oJNgzvBcPP8K6GsWfLDb56sht9qs3frQ4T4l6Nva85E0gAwxU9zcX&hs.session.exp=1679604816687" |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
beacon-v2.helpscout.net
citizenplane.s3-eu-west-1.amazonaws.com
d33v4339jhl8k0.cloudfront.net
d3eto7onm69fcz.cloudfront.net
d3hb14vkzrxvla.cloudfront.net
faq.citizenplane.com
fonts.googleapis.com
143.204.215.36
18.66.107.99
18.66.137.213
2600:9000:2171:6a00:b:1881:c0:21
2a00:1450:4001:811::200a
3.222.86.36
3.5.70.144
09e706d1fc23c91bd3990fd64f5540f0530709a3f0bddd6702e530c09e24c56e
0c4c873bf7eb605bfc6bd6f1700cde818adda50a43a58589fa6577c49bafbd26
22d1c4bd365831d3bd7a04c5fb392f2ca05028714f19ae7e456123a12ad2cf92
7ccf0f53c693e61cb9d84d51e1a28d1cff2cf5f41fc4c4eec3728cfcdb72510b
87c8743656c6c7b32df703fbfdb8b2e5c333030fbfcd5a3e8b2d72432f692692
92aa11587aa820dc18977e3156bf9359e7694050c2d7d21a5cae435993c1bdea
92d524f09a38eb87ce1963401f19b680e71cddb44da9710f4d594f3d7f0612e3
a2deeea00271f1cdfc055516d98ec62b43ba2478b33fcb605f42b1371e3247ed
f7917e0ab62265f0891b09e67b132c95e4a149bcf1db58f8d0bb428e4ae78b3e