civia.com
Open in
urlscan Pro
13.225.195.49
Public Scan
Effective URL: https://civia.com/magic-code?cacheKey=magiccode%3ARGD-KOG-MP3&redirect_to=https%3A%2F%2Fcivia.com%2Fdirectory%3Fu%...
Submission: On January 04 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on October 3rd 2023. Valid for: a year.
This is the only time civia.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 13.225.195.49 13.225.195.49 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 104.21.234.234 104.21.234.234 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 18.244.202.83 18.244.202.83 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 3 |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-49.yul62.r.cloudfront.net
civia.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-244-202-83.atl58.r.cloudfront.net
assets.civia.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
civia.com
1 redirects
civia.com assets.civia.com |
413 KB |
2 |
rsms.me
rsms.me — Cisco Umbrella Rank: 21908 |
340 KB |
6 | 2 |
Domain | Requested by | |
---|---|---|
3 | civia.com |
1 redirects
civia.com
|
2 | assets.civia.com |
civia.com
|
2 | rsms.me |
civia.com
rsms.me |
6 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
civia.com Amazon RSA 2048 M02 |
2023-10-03 - 2024-10-31 |
a year | crt.sh |
rsms.me E1 |
2023-12-29 - 2024-03-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://civia.com/magic-code?cacheKey=magiccode%3ARGD-KOG-MP3&redirect_to=https%3A%2F%2Fcivia.com%2Fdirectory%3Fu%3D58471
Frame ID: FBB5BECFEF93ACA468F0D0F8BC83BF7F
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Civia: Organizing Public Sector People & KnowledgePage URL History Show full URLs
-
https://civia.com/directory?u=58471&n=RGD-KOG-MP3
HTTP 302
https://civia.com/magic-code?cacheKey=magiccode%3ARGD-KOG-MP3&redirect_to=https%3A%2F%2Fcivia.... Page URL
Detected technologies
Laravel (Web Frameworks) ExpandDetected patterns
Livewire (Web frameworks) Expand
Detected patterns
- livewire(?:\.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://civia.com/directory?u=58471&n=RGD-KOG-MP3
HTTP 302
https://civia.com/magic-code?cacheKey=magiccode%3ARGD-KOG-MP3&redirect_to=https%3A%2F%2Fcivia.com%2Fdirectory%3Fu%3D58471 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
magic-code
civia.com/ Redirect Chain
|
7 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter.css
rsms.me/inter/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.91d99f58.css
assets.civia.com/02fb5b5b-2ebd-4989-b8ea-ca123782c9c8/build/assets/ |
108 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.a6e09251.js
assets.civia.com/02fb5b5b-2ebd-4989-b8ea-ca123782c9c8/build/assets/ |
253 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
livewire.js
civia.com/livewire/ |
312 KB 313 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
InterVariable.woff2
rsms.me/inter/font-files/ |
337 KB 338 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| Livewire object| Alpine function| Pusher function| _ function| axios object| Echo object| Turbo2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
civia.com/ | Name: XSRF-TOKEN Value: eyJpdiI6IjdYRVJQVk5wYVd0cVArQWphYjVTS3c9PSIsInZhbHVlIjoiTU5kYXZWWW1nR0JCSUUvMktsamVtZThRYVRJUDF3ZFJIT2VsUHpjaVhFdVRvcHFDWVR3SlpZVnl3NjBBdTRhS29GK3R2OUxQTDJQYVUrWmYrd0lXRVhhU1NMTlZLd0lCL1VTWU9wb2xhLyt3SExXK2ZPNjMyVXEzeS9uQlpla1UiLCJtYWMiOiJkN2VjNWFlY2NjNzIxMWEwNDVlMDFhYmY3MWMyMjZlNWM0NWY4MTZmYjAwMmU2ODllZDA2ODAzMTE4NDcwNGQ4IiwidGFnIjoiIn0%3D |
|
civia.com/ | Name: laravel_session Value: eyJpdiI6IkNIY1pUUUN3b2NXMnFKTklpNkFOL2c9PSIsInZhbHVlIjoiYkZNSGFrZmxFZWdrUDVqVW9ncUh4cGFZR3B3OWdJZFZXYkxaa2tJbG9sakRJOEZrMWd4S25rcWVaTHo4UWxRNCtsblpXQU9Md3U3ZGNRWmZlLzNSTmlwVC84S1JFdjVUT2JNQUxsaEo5a2hucWZhR3NJTmZESVBCUWdUUW43WnQiLCJtYWMiOiJjMTQ5MzIwYzZmMTNhZTU1ZDRiYjk1MzUyZjliNjFjYzlmYjQwZGI1NWZkZTVhODE2MWFhZDhjMDkyMjQyZmYyIiwidGFnIjoiIn0%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | base-uri 'self';connect-src 'self' wss://*.pusher.com api.mapbox.com events.mapbox.com civia-storage.s3.us-east-2.amazonaws.com civia-staging-storage.s3.us-east-2.amazonaws.com app.enzuzo.com/;default-src 'self' assets.civia.com rsms.me civia-storage.s3.us-east-2.amazonaws.com civia-staging-storage.s3.us-east-2.amazonaws.com maxcdn.bootstrapcdn.com/font-awesome/;form-action 'self';img-src 'self' assets.civia.com data: ui-avatars.com civia-storage.s3.us-east-2.amazonaws.com civia-staging-storage.s3.us-east-2.amazonaws.com www.gravatar.com via.placeholder.com;media-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' assets.civia.com api.mapbox.com cdn.jsdelivr.net/simplemde/ cdn.jsdelivr.net/npm/easymde/ unpkg.com/@turf/ cdn.jsdelivr.net/gh/livewire/ app.enzuzo.com/;style-src 'self' 'unsafe-inline' assets.civia.com rsms.me api.mapbox.com cdn.jsdelivr.net/simplemde/ maxcdn.bootstrapcdn.com/font-awesome/ cdn.jsdelivr.net/npm/easymde/ app.enzuzo.com/;worker-src 'self' blob: |
Strict-Transport-Security | max-age=10; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.civia.com
civia.com
rsms.me
104.21.234.234
13.225.195.49
18.244.202.83
30a631d3ecd0ea5b6c8444c6def1c97a58fca031cc260a0509f6235d4c5f8666
39fbde1714b9d75126f3a77783a59becc01f21d7eba21a6b11fa8b0e51ff122d
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
8bdca86a33831199b7c674db060a13bcd04260d858d7ef025573ffbd5870bd29
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
91d99f585d733fc9a97f2a5f60e2a3d2bb1fae02929de7f8010757e9e78d3400