rivcoda.evidence.com Open in urlscan Pro
52.227.180.79  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c Page URL
2. https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	f66703ce1d3a43e185626d7747fa421c Show response rivcoda.evidence.com/axon/case/	978 B 1 KB	301ms 99ms	Document text/html	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash f49b17f5ffc32e19e34f9baeea34205c4cad1887585755ded718f44cc0c48c34 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache, no-store, must-revalidate, max-age=0 Connection keep-alive Content-Length 978 Content-Type text/html Date Mon, 23 May 2022 14:09:12 GMT Last-Modified Wed, 11 May 2022 23:10:06 GMT Pragma no-cache Server nginx Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	webviewer-core.min.js Show response rivcoda.evidence.com/axon/assets/edc-web/pdftron/webviewer/8.2.0/core/	1 MB 450 KB	197ms 196ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/axon/assets/edc-web/pdftron/webviewer/8.2.0/core/webviewer-core.min.js Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash 6770ade0310c58d8f50b0ea4cbe2c64cd4df6e6251bb8d0212243cff16a29a49 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:12 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 11 May 2022 23:10:07 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript Cache-Control public, no-transform, max-age=2630000, immutable Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	PDFNet.js Show response rivcoda.evidence.com/axon/assets/edc-web/pdftron/webviewer/8.2.0/core/pdf/	605 KB 101 KB	399ms 209ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/axon/assets/edc-web/pdftron/webviewer/8.2.0/core/pdf/PDFNet.js Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash 158726c4c6bb77d3a4a5cba9434ade14fd17085040e562cd9a5732797e6c3ef4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:12 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 11 May 2022 23:10:07 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript Cache-Control public, no-transform, max-age=2630000, immutable Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	axon-lib.284e67a49a4124fb4a36.js Show response rivcoda.evidence.com/axon/assets/edc-web/	3 MB 842 KB	383ms 193ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/axon/assets/edc-web/axon-lib.284e67a49a4124fb4a36.js Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash b4a6cec4cc2373263945537e560ec2bd443f7fe513424e976c2b4534d85f0d3f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:12 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 11 May 2022 23:10:06 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript Cache-Control public, no-transform, max-age=2630000, immutable Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	vendors~app~commander.4420900d62b0fff3033b.js Show response rivcoda.evidence.com/axon/assets/edc-web/	6 MB 2 MB	385ms 195ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/axon/assets/edc-web/vendors~app~commander.4420900d62b0fff3033b.js Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash 24907881de870b609fdfa28f0558a3d9bc60f6ee2ea0e08d9f7b1372f559d594 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:12 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 11 May 2022 23:10:07 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript Cache-Control public, no-transform, max-age=2630000, immutable Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	app.8e5375aaf926fa3e3421.js Show response rivcoda.evidence.com/axon/assets/edc-web/	4 MB 1 MB	399ms 209ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/axon/assets/edc-web/app.8e5375aaf926fa3e3421.js Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash d6cb9e8939644239692f8b992661eec4e97b7a99089f3421376172828f8ec01f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:12 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 11 May 2022 23:10:06 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript Cache-Control public, no-transform, max-age=2630000, immutable Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 X-XSS-Protection 1; mode=block
GET H/1.1	401 Unauthorized	session rivcoda.evidence.com/api/v1/	56 B 577 B	187ms 186ms	Fetch application/json	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/api/v1/session Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/axon/assets/edc-web/axon-lib.284e67a49a4124fb4a36.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json Referer https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c X-Requested-With axon_fetch_api accept-language de-DE,de;q=0.9 X-AXON-REQID gqitjpmq User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:14 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/json Cache-Control no-cache, max-age=0, must-revalidate Strict-Transport-Security max-age=31536000 Vary Accept-Encoding Content-Length 81 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	1d19cae820b9c1b608f9.worker.js rivcoda.evidence.com/axon/assets/edc-web/	602 KB 0	100ms 100ms	Other application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/axon/assets/edc-web/1d19cae820b9c1b608f9.worker.js Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:14 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 11 May 2022 23:10:06 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript Cache-Control public, no-transform, max-age=2630000, immutable Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Primary Request / Show response rivcoda.evidence.com/	7 KB 4 KB	160ms 158ms	Document text/html	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/axon/assets/edc-web/app.8e5375aaf926fa3e3421.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash d3305af627a7693f502fe4aa04fdcc16878cff90824e27309ec62e866c26014d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://rivcoda.evidence.com/axon/case/f66703ce1d3a43e185626d7747fa421c Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Mon, 23 May 2022 14:09:14 GMT Server nginx Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block cache-control private, no-store content-encoding gzip vary Accept-Encoding x-server HTP001
GET H/1.1	200 OK	styles_less_css.min.css rivcoda.evidence.com/html/uix/compiled/	136 KB 40 KB	153ms 151ms	Stylesheet text/css	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/html/uix/compiled/styles_less_css.min.css?version=2022.4.0-release-2022-04-29296 Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash 131dff2e137fdb8d03831b9e5fe894f947d4831707cf251be2281693adb9e146 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:15 GMT content-encoding gzip X-Content-Type-Options nosniff last-modified Tue, 26 Apr 2022 19:14:06 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type text/css; charset=utf-8 cache-control max-age=86400, private x-server HTP001 Strict-Transport-Security max-age=31536000 accept-ranges bytes vary Accept-Encoding Content-Length 40542 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	third_party_js.min.js Show response rivcoda.evidence.com/html/uix/compiled/	307 KB 97 KB	137ms 135ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/html/uix/compiled/third_party_js.min.js?version=2022.4.0-release-2022-04-29296 Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash de27d233736d66665e51fbf61fbdc88e63370860d68dfc1b5fda1caa487ead10 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:15 GMT content-encoding gzip X-Content-Type-Options nosniff last-modified Tue, 26 Apr 2022 19:13:36 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript; charset=utf-8 cache-control max-age=86400, private x-server HTP001 Strict-Transport-Security max-age=31536000 accept-ranges bytes vary Accept-Encoding Content-Length 99097 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	libphonenumber.min.js Show response rivcoda.evidence.com/html/uix/compiled/	165 KB 44 KB	240ms 239ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/html/uix/compiled/libphonenumber.min.js?version=2022.4.0-release-2022-04-29296 Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash 317653b1c52cff4aa7ef544abd26c94f01aa7b15c77d964bd3cd1cd77a720404 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:15 GMT content-encoding gzip X-Content-Type-Options nosniff last-modified Tue, 26 Apr 2022 19:13:46 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript; charset=utf-8 cache-control max-age=86400, private x-server HTP001 Strict-Transport-Security max-age=31536000 accept-ranges bytes vary Accept-Encoding Content-Length 45023 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	index.aspx Show response rivcoda.evidence.com/html/uix/	185 KB 62 KB	220ms 220ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/html/uix/index.aspx?class=UIX&proc=GetLanguageStrings&lang=en-us&cache=2022.4.0-release-2022-04-29296 Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash 97c69dd66fc8dd45a5bc3933cb1f4c30eb3009bce3be6b6e835f04490dea8965 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:15 GMT content-encoding gzip X-Content-Type-Options nosniff Server nginx X-Frame-Options SAMEORIGIN vary Accept-Encoding Connection keep-alive Content-Type application/javascript; charset=utf-8 cache-control public, max-age=1296000 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000 x-server HTP001 X-XSS-Protection 1; mode=block expires Tue, 07 Jun 2022 14:09:15 GMT
GET H/1.1	200 OK	common_not_logged_in_js.min.js Show response rivcoda.evidence.com/html/uix/compiled/	84 KB 24 KB	487ms 298ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/html/uix/compiled/common_not_logged_in_js.min.js?version=2022.4.0-release-2022-04-29296 Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash 5bb76d89ff3d286302793b7caf27f308deb428cabf18a21b83917d0f22bf2299 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:15 GMT content-encoding gzip X-Content-Type-Options nosniff last-modified Tue, 26 Apr 2022 19:13:54 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript; charset=utf-8 cache-control max-age=86400, private x-server HTP001 Strict-Transport-Security max-age=31536000 accept-ranges bytes vary Accept-Encoding Content-Length 23923 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Axon-Evidence.com.svg rivcoda.evidence.com/html/uix/images/	3 KB 4 KB	197ms 195ms	Image image/svg+xml	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://rivcoda.evidence.com/html/uix/images/Axon-Evidence.com.svg Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash da31bcecbc2f4423deb7424f1fcf10c852729b71e6053ec41e19065b300c17bb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:15 GMT X-Content-Type-Options nosniff last-modified Tue, 26 Apr 2022 19:10:24 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type image/svg+xml cache-control max-age=86400, private x-server HTP001 Strict-Transport-Security max-age=31536000 accept-ranges bytes Content-Length 3353 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	logo.png rivcoda.evidence.com/html/uix/images/	2 KB 2 KB	228ms 228ms	Image image/png	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://rivcoda.evidence.com/html/uix/images/logo.png Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash 64bef2eb1dfb1a542d93a8150bbc01eff2fc58944b13ff23398c409f86fec172 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:15 GMT X-Content-Type-Options nosniff last-modified Tue, 26 Apr 2022 19:10:24 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type image/png cache-control max-age=86400, private x-server HTP001 Strict-Transport-Security max-age=31536000 accept-ranges bytes Content-Length 1971 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	mixpanel-2.29.0.js Show response rivcoda.evidence.com/html/uix/js/third_party/	89 KB 26 KB	1080ms 1079ms	Script application/javascript	52.227.180.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rivcoda.evidence.com/html/uix/js/third_party/mixpanel-2.29.0.js Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.180.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS us1ge1-3.evidence.com Software nginx / Resource Hash 7e57aa4857b3827223e6ed182d9485c1f29b2384bdf3d56bfd63db541db35deb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/?class=UIX&proc=Login&return_url=%2Faxon%2Fcase%2Ff66703ce1d3a43e185626d7747fa421c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Mon, 23 May 2022 14:09:15 GMT content-encoding gzip X-Content-Type-Options nosniff last-modified Tue, 26 Apr 2022 19:10:24 GMT Server nginx X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/javascript; charset=utf-8 cache-control max-age=86400, private x-server HTP001 Strict-Transport-Security max-age=31536000 accept-ranges bytes vary Accept-Encoding Content-Length 25779 X-XSS-Protection 1; mode=block
GET H2	200	/ Show response api.mixpanel.com/decide/	65 B 330 B	58ms 21ms	XHR application/json	35.190.25.25 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=9dbc212403e1dfe57aa9aff518725737&ip=0&_=1653314955550 Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/html/uix/js/third_party/mixpanel-2.29.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 25.25.190.35.bc.googleusercontent.com Software gunicorn/19.9.0 / Resource Hash 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 14:09:16 GMT via 1.1 google server gunicorn/19.9.0 access-control-allow-headers X-Requested-With access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://rivcoda.evidence.com cache-control no-cache, no-store access-control-allow-credentials true alt-svc clear
GET H2	200	/ Show response api.mixpanel.com/decide/	65 B 128 B	31ms 22ms	XHR application/json	35.190.25.25 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.mixpanel.com/decide/?verbose=1&version=3&lib=web&token=9dbc212403e1dfe57aa9aff518725737&distinct_id=unauthenticateduser&ip=0&_=1653314955578 Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/html/uix/js/third_party/mixpanel-2.29.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 25.25.190.35.bc.googleusercontent.com Software gunicorn/19.9.0 / Resource Hash 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 14:09:16 GMT via 1.1 google server gunicorn/19.9.0 access-control-allow-headers X-Requested-With access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://rivcoda.evidence.com cache-control no-cache, no-store access-control-allow-credentials true alt-svc clear
GET H2	200	/ Show response api.mixpanel.com/track/	1 B 159 B	143ms 139ms	XHR application/json	35.190.25.25 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.mixpanel.com/track/?data=eyJldmVudCI6ICIkaWRlbnRpZnkiLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRicm93c2VyX3ZlcnNpb24iOiAxMDEsIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCIkbGliX3ZlcnNpb24iOiAiMi4yOS4wIiwidGltZSI6IDE2NTMzMTQ5NTUuNTg0LCJkaXN0aW5jdF9pZCI6ICJ1bmF1dGhlbnRpY2F0ZWR1c2VyIiwiJGRldmljZV9pZCI6ICIxODBmMTQwMjkyYmNmLTA0NzFjODA3Njg0YzI2LTE3MzMzMjcwLTFkNGMwMC0xODBmMTQwMjkyYzg5NiIsIiR1c2VyX2lkIjogInVuYXV0aGVudGljYXRlZHVzZXIiLCIkYW5vbl9kaXN0aW5jdF9pZCI6ICIxODBmMTQwMjkyYmNmLTA0NzFjODA3Njg0YzI2LTE3MzMzMjcwLTFkNGMwMC0xODBmMTQwMjkyYzg5NiIsInRva2VuIjogIjlkYmMyMTI0MDNlMWRmZTU3YWE5YWZmNTE4NzI1NzM3In19&ip=0&_=1653314955584 Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/html/uix/js/third_party/mixpanel-2.29.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 25.25.190.35.bc.googleusercontent.com Software envoy / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=604800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=604800; includeSubDomains via 1.1 google server envoy access-control-allow-headers X-Requested-With date Mon, 23 May 2022 14:09:16 GMT access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://rivcoda.evidence.com access-control-expose-headers X-MP-CE-Backoff cache-control no-cache, no-store access-control-allow-credentials true x-envoy-upstream-service-time 12 alt-svc clear content-length 1
GET H2	200	/ Show response api.mixpanel.com/track/	1 B 72 B	155ms 155ms	XHR application/json	35.190.25.25 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJQYWdlIFZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRicm93c2VyX3ZlcnNpb24iOiAxMDEsIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCIkbGliX3ZlcnNpb24iOiAiMi4yOS4wIiwidGltZSI6IDE2NTMzMTQ5NTUuNTg4LCJkaXN0aW5jdF9pZCI6ICJ1bmF1dGhlbnRpY2F0ZWR1c2VyIiwiJGRldmljZV9pZCI6ICIxODBmMTQwMjkyYmNmLTA0NzFjODA3Njg0YzI2LTE3MzMzMjcwLTFkNGMwMC0xODBmMTQwMjkyYzg5NiIsIiR1c2VyX2lkIjogInVuYXV0aGVudGljYXRlZHVzZXIiLCJhZ2VuY3kiOiAiUml2ZXJzaWRlIENvdW50eSAoQ0EpIERpc3RyaWN0IEF0dG9ybmV5J3MgT2ZmaWNlIiwiUGFnZSBOYW1lIjogIkVjb21zYWFzIFBhZ2UiLCJ1cmwiOiAiL2luZGV4LmFzcHgiLCJ0b2tlbiI6ICI5ZGJjMjEyNDAzZTFkZmU1N2FhOWFmZjUxODcyNTczNyJ9fQ%3D%3D&ip=0&_=1653314955588 Requested by Host: rivcoda.evidence.com URL: https://rivcoda.evidence.com/html/uix/js/third_party/mixpanel-2.29.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 25.25.190.35.bc.googleusercontent.com Software envoy / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=604800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://rivcoda.evidence.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=604800; includeSubDomains via 1.1 google server envoy access-control-allow-headers X-Requested-With date Mon, 23 May 2022 14:09:16 GMT access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://rivcoda.evidence.com access-control-expose-headers X-MP-CE-Backoff cache-control no-cache, no-store access-control-allow-credentials true x-envoy-upstream-service-time 26 alt-svc clear content-length 1

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| $jscomp function| parseUri function| YUI function| $ function| jQuery object| MapsUtils function| Cluster function| Pin object| libphonenumber object| edcStrings object| App object| BigPipeLoader function| PageLet function| BigPipe function| detectBrowser function| detectOS function| getNodeVersion function| parseUserAgent function| getBrowserRules function| getOperatingSystemRules function| buildRules function| errorMessageBulk function| updateBulkRows function| stringElipse function| getObjectById string| can_search_evidence function| urlDecodeRegex object| YUI_config function| bingMapCallback object| me string| mixpanelToken string| mixpanelEnabled string| MIXPANEL_CUSTOM_LIB_URL boolean| isDebug string| userId string| userIdNoDashes string| agencyName object| mixpanel object| jQuery1100044758291184716636

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.evidence.com/	1970-01-20 12:00:50	Name: mp_9dbc212403e1dfe57aa9aff518725737_mixpanel Value: %7B%22distinct_id%22%3A%20%22unauthenticateduser%22%2C%22%24device_id%22%3A%20%22180f140292bcf-0471c807684c26-17333270-1d4c00-180f140292c896%22%2C%22%24user_id%22%3A%20%22unauthenticateduser%22%2C%22agency%22%3A%20%22Riverside%20County%20(CA)%20District%20Attorney's%20Office%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rivcoda.evidence.com/api/v1/session Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mixpanel.com
rivcoda.evidence.com
35.190.25.25
52.227.180.79
131dff2e137fdb8d03831b9e5fe894f947d4831707cf251be2281693adb9e146
158726c4c6bb77d3a4a5cba9434ade14fd17085040e562cd9a5732797e6c3ef4
24907881de870b609fdfa28f0558a3d9bc60f6ee2ea0e08d9f7b1372f559d594
317653b1c52cff4aa7ef544abd26c94f01aa7b15c77d964bd3cd1cd77a720404
5bb76d89ff3d286302793b7caf27f308deb428cabf18a21b83917d0f22bf2299
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
64bef2eb1dfb1a542d93a8150bbc01eff2fc58944b13ff23398c409f86fec172
6770ade0310c58d8f50b0ea4cbe2c64cd4df6e6251bb8d0212243cff16a29a49
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e57aa4857b3827223e6ed182d9485c1f29b2384bdf3d56bfd63db541db35deb
97c69dd66fc8dd45a5bc3933cb1f4c30eb3009bce3be6b6e835f04490dea8965
b4a6cec4cc2373263945537e560ec2bd443f7fe513424e976c2b4534d85f0d3f
d3305af627a7693f502fe4aa04fdcc16878cff90824e27309ec62e866c26014d
d6cb9e8939644239692f8b992661eec4e97b7a99089f3421376172828f8ec01f
da31bcecbc2f4423deb7424f1fcf10c852729b71e6053ec41e19065b300c17bb
de27d233736d66665e51fbf61fbdc88e63370860d68dfc1b5fda1caa487ead10
f49b17f5ffc32e19e34f9baeea34205c4cad1887585755ded718f44cc0c48c34