Submitted URL: http://bcres.paragonrels.com/
Effective URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Submission: On May 16 via manual from US

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 128.136.113.125, located in Lebanon, United States and belongs to PEAK10 - Peak 10, US. The main domain is idp.gvfv.clareitysecurity.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 3rd 2016. Valid for: 3 years.
This is the only time idp.gvfv.clareitysecurity.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 5 208.93.242.164 30305 (LPS-1)
2 4 128.136.113.125 19271 (PEAK10)
11 23.111.9.64 33438 (HIGHWINDS2)
4 45.60.13.52 19551 (INCAPSULA)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 6
Domain Requested by
11 cdn.clareitysecurity.net idp.gvfv.clareitysecurity.net
cdn.clareitysecurity.net
5 www.google-analytics.com 1 redirects cdn.clareitysecurity.net
idp.gvfv.clareitysecurity.net
5 bcres.paragonrels.com 5 redirects
4 collector.clareity.net idp.gvfv.clareitysecurity.net
collector.clareity.net
4 idp.gvfv.clareitysecurity.net 2 redirects idp.gvfv.clareitysecurity.net
1 stats.g.doubleclick.net idp.gvfv.clareitysecurity.net
0 notices.rebgv.org Failed idp.gvfv.clareitysecurity.net
24 7

This site contains links to these domains.

Domain
www.mlslink.ca
safeaccess.gvfv.clareitysecurity.net
www.google.com

Subject | Issuer | Validity | Valid
*.gvfv.clareitysecurity.net | Go Daddy Secure Certificate Authority - G2 | 2016-10-03 - 2019-08-05 | 3 years
cdn.clareitysecurity.net | Go Daddy Secure Certificate Authority - G2 | 2018-05-01 - 2020-05-01 | 2 years
*.clareity.net | Go Daddy Secure Certificate Authority - G2 | 2017-02-01 - 2020-02-01 | 3 years
*.google-analytics.com | Google Internet Authority G3 | 2019-04-16 - 2019-07-09 | 3 months
*.g.doubleclick.net | Google Internet Authority G3 | 2019-04-30 - 2019-07-23 | 3 months

This page contains 3 frames:

Primary Page: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Frame ID: 6DDF1A060FE73FA344B593D307F3BA91
Requests: 20 HTTP requests in this frame

Frame: https://notices.rebgv.org/
Frame ID: 6FA4FB6C74A8428F9B8FAFE55C41CC8D
Requests: 1 HTTP requests in this frame

Frame: https://idp.gvfv.clareitysecurity.net/idp/server.jsp
Frame ID: 2FCF8DB9B7D071816D471B9524DB41C6
Requests: 4 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Apache-Coyote(\/1\.1)?/i

Overall confidence: 100%
Detected patterns
  • headers server /Apache-Coyote(\/1\.1)?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

Requests: 24
HTTPS: 92 %
IPv6: 33 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 280 kB
Size: 482 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bcres.paragonrels.com/ HTTP 302
    http://bcres.paragonrels.com/ParagonLS HTTP 302
    http://bcres.paragonrels.com/ParagonLS/Default.mvc/Login HTTP 302
    https://bcres.paragonrels.com/ParagonLS/Default.mvc/Login HTTP 302
    https://bcres.paragonrels.com/ParagonLS/SSO/Requestor.mvc/Index/26b4b6d2-872b-4f30-bc8f-84db0743eba8/False HTTP 302
    https://idp.gvfv.clareitysecurity.net/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZHLTsMwEEV%2FJfI%2BcZ59WEmkigqpUhFVAyzYIONMWkuOHTxOBH9Pkgoom66smfH1PXOdI29Vxza9O%2BsjfPSAztttC%2FLWLJtkGaeNn8Qr7qc8XPqraA1%2BKkSaRRlf1FlEvBewKI0uSByExNsh9rDT6Lh2YyuM1n6Y%2BdHiKUxYnLIweSXednSQmrtZdXauQ0aprLvgNDRDIBS3IN0XgujteAYa3DSlnTWNVECrzcM%2BpkeopQXhaFU9Eu%2FeWAHzBgVpuEKYSA4cUQ7w29kggp1c74zGvgVbgR2kgOfj%2Fo%2FjXVjAoOOWn4y2oDAQpqWHS72vKKKhZ65rBTZoB0G8z1ZpZHOGBemtZoajRKZ5C8icYBMuG7NhI78zwihS5tNtNkdlr%2FS35fyHnpQ3WXN69Xp5qf7%2FbvkN&RelayState=26b4b6d2-872b-4f30-bc8f-84db0743eba8 HTTP 302
    https://idp.gvfv.clareitysecurity.net/idp/AuthnEngine HTTP 302
    https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1640987043&t=pageview&_s=1&dl=https%3A%2F%2Fidp.gvfv.clareitysecurity.net%2Fidp%2FAuthn%2FUserPassword&ul=en-us&de=windows-1252&dt=MLSLink%20SafeAccess%C2%AE%20Login%20Page&sd=24-bit&sr=1600x1200&vp=1600x1185&je=0&_u=YEDAAUAB~&jid=210918677&gjid=226078656&cid=1509671060.1557977046&tid=UA-45101381-2&_gid=1775004735.1557977046&_r=1&z=1140448334 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45101381-2&cid=1509671060.1557977046&jid=210918677&_gid=1775004735.1557977046&gjid=226078656&_v=j75&z=1140448334

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set UserPassword
idp.gvfv.clareitysecurity.net/idp/Authn/
Redirect Chain
  • http://bcres.paragonrels.com/
  • http://bcres.paragonrels.com/ParagonLS
  • http://bcres.paragonrels.com/ParagonLS/Default.mvc/Login
  • https://bcres.paragonrels.com/ParagonLS/Default.mvc/Login
  • https://bcres.paragonrels.com/ParagonLS/SSO/Requestor.mvc/Index/26b4b6d2-872b-4f30-bc8f-84db0743eba8/False
  • https://idp.gvfv.clareitysecurity.net/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZHLTsMwEEV%2FJfI%2BcZ59WEmkigqpUhFVAyzYIONMWkuOHTxOBH9Pkgoom66smfH1PXOdI29Vxza9O%2BsjfPSAztttC%2FLWLJtkGaeNn8Qr7qc8...
  • https://idp.gvfv.clareitysecurity.net/idp/AuthnEngine
  • https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
4 KB
4 KB
Document
General
Full URL
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.136.113.125 Lebanon, United States, ASN19271 (PEAK10 - Peak 10, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8aa3e90805fc1dfe15b250af0a7f19dea56fde841ee2ed27fa491444af3054e1

Request headers

Host
idp.gvfv.clareitysecurity.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=C4B934DA3CD9B995A9D6D822C5DEF05A; _idp_authn_lc_key=cef070738a3be713abf2b4e5bada72c744c8891897008856131e9e8835ffc321; clareity_LB_session=1863061676.14153.0000; clareitysecurity-did=30e3f221585cb76dfb3415de93a82969b2562f2f; clareitysecurity-tid=f5a88ec9dfa13f70da4f26302f48d4ecf42925a4

Response headers

Server
Apache-Coyote/1.1
Expires
0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
X-UA-Compatible
IE=edge
P3P
CP="CAO PSA OUR"
Content-Type
text/html;charset=ISO-8859-1
Content-Length
3982
Date
Thu, 16 May 2019 03:24:04 GMT
Set-Cookie
clareity_LB_session=1863061676.14153.0000; expires=Thu, 16-May-2019 03:54:05 GMT; path=/; Httponly; Secure

Redirect headers

Server
Apache-Coyote/1.1
Expires
0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
X-UA-Compatible
IE=edge
P3P
CP="CAO PSA OUR"
Set-Cookie
clareitysecurity-did=30e3f221585cb76dfb3415de93a82969b2562f2f; Version=1; Domain=.clareitysecurity.net; Max-Age=7776000; Expires=Wed, 14-Aug-2019 03:24:05 GMT; Path=/ clareitysecurity-tid=f5a88ec9dfa13f70da4f26302f48d4ecf42925a4; Version=1; Domain=.clareitysecurity.net; Path=/ clareity_LB_session=1863061676.14153.0000; expires=Thu, 16-May-2019 03:54:05 GMT; path=/; Httponly; Secure
Location
https://idp.gvfv.clareitysecurity.net:443/idp/Authn/UserPassword
Content-Length
0
Date
Thu, 16 May 2019 03:24:04 GMT
gvfv.css
cdn.clareitysecurity.net/sys/gvfv/
9 KB
4 KB
Stylesheet
General
Full URL
https://cdn.clareitysecurity.net/sys/gvfv/gvfv.css
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
27925efc6299208dcb7045e0d06a56e9771139c1b521bf6069967b72859e6e2c

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
last-modified
Wed, 03 Apr 2019 23:30:24 GMT
x-cdn
Incapsula
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
etag
W/"9241-1554334224000"
x-cache
HIT
content-type
text/css
status
200
x-iinfo
11-74226848-74226884 NNNN CT(0 0 0) RT(1556051080270 197) q(0 0 0 -1) r(1 1) U5
content-encoding
gzip
link
<https://cdn.clareity.net/sys/gvfv/gvfv.css>; rel="canonical"
alt-svc
clear
server
NetDNA-cache/2.2
jquery.min.js
cdn.clareitysecurity.net/js/
91 KB
38 KB
Script
General
Full URL
https://cdn.clareitysecurity.net/js/jquery.min.js
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9de5950e705f78d02ae70cc5ee55ee333562d8ec083384f64e8d4a401a809e7a

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
last-modified
Wed, 03 Apr 2019 23:14:10 GMT
x-cdn
Incapsula
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
etag
W/"93061-1554333250000"
x-cache
HIT
content-type
application/javascript
status
200
x-iinfo
11-4846308-4846346 NNNN CT(0 0 0) RT(1556128959348 190) q(0 0 0 -1) r(0 0) U5
content-encoding
gzip
link
<https://cdn.clareity.net/js/jquery.min.js>; rel="canonical"
alt-svc
clear
server
NetDNA-cache/2.2
loginxkd-dd-2.9.min.js
cdn.clareitysecurity.net/js/
41 KB
13 KB
Script
General
Full URL
https://cdn.clareitysecurity.net/js/loginxkd-dd-2.9.min.js
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5d789875736d1c75ad3e52fab855d462f96d5216cc1e3aab205c63163197ec47

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
last-modified
Wed, 03 Apr 2019 23:14:10 GMT
x-cdn
Incapsula
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
etag
W/"41475-1554333250000"
x-cache
HIT
content-type
application/javascript
status
200
x-iinfo
10-54227995-54228048 NNNN CT(0 0 0) RT(1556631860394 205) q(0 1 1 -1) r(1 1) U5
content-encoding
gzip
link
<https://cdn.clareity.net/js/loginxkd-dd-2.9.min.js>; rel="canonical"
alt-svc
clear
server
NetDNA-cache/2.2
1557977045208
collector.clareity.net/kdl/
18 KB
5 KB
Script
General
Full URL
https://collector.clareity.net/kdl/1557977045208?trxId=f5a88ec9dfa13f70da4f26302f48d4ecf42925a4&deviceId=30e3f221585cb76dfb3415de93a82969b2562f2f&systemName=gvfv&toc=1557977045208
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
1bb337c957a5b8204520b34fee60ccad92957a525c6a5b955abf0339be339a03

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:04 GMT
via
1.1 google
content-type
text/javascript;charset=ISO-8859-1
server
Apache-Coyote/1.1
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
4-139010853-139010854 NNNN CT(2 4 0) RT(1557977044863 0) q(0 0 0 0) r(2 2) U5
content-encoding
gzip
alt-svc
clear
x-cdn
Incapsula
googletrack.js
cdn.clareitysecurity.net/sys/gvfv/
759 B
1 KB
Script
General
Full URL
https://cdn.clareitysecurity.net/sys/gvfv/googletrack.js
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d2fdc5eef4b8b295abdec0722f143bfbf0892b1af31541517c13dd858cf75e72

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
last-modified
Wed, 03 Apr 2019 23:30:24 GMT
x-cdn
Incapsula
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
etag
W/"759-1554334224000"
x-cache
HIT
content-type
application/javascript
status
200
x-iinfo
2-30244714-30244728 NNNN CT(1 1 0) RT(1556051080269 191) q(0 0 0 -1) r(1 1) U5
content-encoding
gzip
link
<https://cdn.clareity.net/sys/gvfv/googletrack.js>; rel="canonical"
alt-svc
clear
server
NetDNA-cache/2.2
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.clareitysecurity.net
URL: https://cdn.clareitysecurity.net/sys/gvfv/googletrack.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
5829
date
Thu, 16 May 2019 01:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Thu, 16 May 2019 03:46:56 GMT
/
notices.rebgv.org/ Frame 6FA4
0
0

banner_tile.gif
cdn.clareitysecurity.net/sys/gvfv/
7 KB
8 KB
Image
General
Full URL
https://cdn.clareitysecurity.net/sys/gvfv/banner_tile.gif
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c319f5abde8e3e6917c169a6374bc4814c8e0ccb6c30385dd89d5291fb1e0b92

Request headers

Referer
https://cdn.clareitysecurity.net/sys/gvfv/gvfv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
x-cdn
Incapsula
x-cache
HIT
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
12-9593563-9593605 NNNN CT(1 1 0) RT(1556750794560 189) q(0 0 0 -1) r(1 1) U5
alt-svc
clear
content-length
7016
last-modified
Wed, 03 Apr 2019 23:30:24 GMT
server
NetDNA-cache/2.2
etag
W/"7016-1554334224000"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
link
<https://cdn.clareity.net/sys/gvfv/banner_tile.gif>; rel="canonical"
banner_logoPNG.png
cdn.clareitysecurity.net/sys/gvfv/
0
0

pic_placeholder.jpg
cdn.clareitysecurity.net/sys/gvfv/
121 KB
122 KB
Image
General
Full URL
https://cdn.clareitysecurity.net/sys/gvfv/pic_placeholder.jpg
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fccd1b7a5ff153e2121bb15adf478183c2abd7177e7b8602ff4d305d9b6d066a

Request headers

Referer
https://cdn.clareitysecurity.net/sys/gvfv/gvfv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
x-cdn
Incapsula
x-cache
HIT
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
3-58325570-58325586 NNNN CT(0 0 0) RT(1557350084872 189) q(0 0 0 -1) r(0 0) U5
alt-svc
clear
content-length
124130
last-modified
Wed, 03 Apr 2019 23:14:17 GMT
server
NetDNA-cache/2.2
etag
W/"124130-1554333257000"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
link
<https://cdn.clareity.net/sys/gvfv/pic_placeholder.jpg>; rel="canonical"
gradation_tile.gif
cdn.clareitysecurity.net/sys/gvfv/
357 B
1 KB
Image
General
Full URL
https://cdn.clareitysecurity.net/sys/gvfv/gradation_tile.gif
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
48369a60045f574542cbc481288be01fb29bba10477fb4dd702f432e74c7d62a

Request headers

Referer
https://cdn.clareitysecurity.net/sys/gvfv/gvfv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
x-cdn
Incapsula
x-cache
HIT
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
14-178539212-178539253 NNNN CT(0 0 0) RT(1557350084817 249) q(0 0 0 -1) r(1 1) U5
alt-svc
clear
content-length
357
last-modified
Wed, 03 Apr 2019 23:14:17 GMT
server
NetDNA-cache/2.2
etag
W/"357-1554333257000"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
link
<https://cdn.clareity.net/sys/gvfv/gradation_tile.gif>; rel="canonical"
footer_tile.gif
cdn.clareitysecurity.net/sys/gvfv/
5 KB
6 KB
Image
General
Full URL
https://cdn.clareitysecurity.net/sys/gvfv/footer_tile.gif
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8e8f6ebba8774a856ecc2626166f0d5d414e20e1cf08065b9b2d17038486cfb2

Request headers

Referer
https://cdn.clareitysecurity.net/sys/gvfv/gvfv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
x-cdn
Incapsula
x-cache
HIT
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
5-99237557-99237586 NNNN CT(0 0 0) RT(1557350084877 201) q(0 0 0 -1) r(1 1) U5
alt-svc
clear
content-length
5229
last-modified
Wed, 03 Apr 2019 23:14:17 GMT
server
NetDNA-cache/2.2
etag
W/"5229-1554333257000"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
link
<https://cdn.clareity.net/sys/gvfv/footer_tile.gif>; rel="canonical"
Cookie set server.jsp
idp.gvfv.clareitysecurity.net/idp/ Frame 2FCF
649 B
1 KB
Document
General
Full URL
https://idp.gvfv.clareitysecurity.net/idp/server.jsp
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.136.113.125 Lebanon, United States, ASN19271 (PEAK10 - Peak 10, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d0cba66d7c0f91a8f4ac809b78fb872f380937d888b51b7bbfe3a8b92b902d64

Request headers

Host
idp.gvfv.clareitysecurity.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=C4B934DA3CD9B995A9D6D822C5DEF05A; _idp_authn_lc_key=cef070738a3be713abf2b4e5bada72c744c8891897008856131e9e8835ffc321; clareity_LB_session=1863061676.14153.0000; clareitysecurity-did=30e3f221585cb76dfb3415de93a82969b2562f2f; clareitysecurity-tid=f5a88ec9dfa13f70da4f26302f48d4ecf42925a4

Response headers

Server
Apache-Coyote/1.1
Expires
0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
X-UA-Compatible
IE=edge
P3P
CP="CAO PSA OUR"
Content-Type
text/html;charset=ISO-8859-1
Content-Length
649
Date
Thu, 16 May 2019 03:24:04 GMT
Set-Cookie
clareity_LB_session=1863061676.14153.0000; expires=Thu, 16-May-2019 03:54:05 GMT; path=/; Httponly; Secure
box_shadow.jpg
cdn.clareitysecurity.net/sys/gvfv/
17 KB
18 KB
Image
General
Full URL
https://cdn.clareitysecurity.net/sys/gvfv/box_shadow.jpg
Requested by
Host: cdn.clareitysecurity.net
URL: https://cdn.clareitysecurity.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5accaf0e79344967e295b659df72221ab1bd26d6d7c32ff2e668c3252e13fe9f

Request headers

Referer
https://cdn.clareitysecurity.net/sys/gvfv/gvfv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
x-cdn
Incapsula
x-cache
HIT
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
4-73956466-73956487 NNNN CT(0 0 0) RT(1557350084881 193) q(0 0 0 -1) r(1 1) U5
alt-svc
clear
content-length
17776
last-modified
Wed, 03 Apr 2019 23:14:17 GMT
server
NetDNA-cache/2.2
etag
W/"17776-1554333257000"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
link
<https://cdn.clareity.net/sys/gvfv/box_shadow.jpg>; rel="canonical"
jquery-ui.min.js
cdn.clareitysecurity.net/js/
86 KB
30 KB
Script
General
Full URL
https://cdn.clareitysecurity.net/js/jquery-ui.min.js?_=1557977045527
Requested by
Host: cdn.clareitysecurity.net
URL: https://cdn.clareitysecurity.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
15cc6fc3f739fa8573e2785f1f6af0cff8cebd1118a4b4f11df63d0f51c3bb64

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:06 GMT
via
1.1 google
last-modified
Wed, 03 Apr 2019 23:30:18 GMT
x-cdn
Incapsula
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
etag
W/"87902-1554334218000"
x-cache
MISS
content-type
application/javascript
status
200
x-iinfo
3-30617864-30617880 NNNN CT(0 4 0) RT(1557977045064 193) q(0 0 0 -1) r(1 1) U5
content-encoding
gzip
link
<https://cdn.clareity.net/js/jquery-ui.min.js>; rel="canonical"
alt-svc
clear
server
NetDNA-cache/2.2
jquery-ui.min.css
cdn.clareitysecurity.net/css/
30 KB
9 KB
Stylesheet
General
Full URL
https://cdn.clareitysecurity.net/css/jquery-ui.min.css
Requested by
Host: cdn.clareitysecurity.net
URL: https://cdn.clareitysecurity.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5265f71403a318cdbeb0c4ec01dbba2f00fbc8f046b0a79e40e8abe675b398ce

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
last-modified
Wed, 03 Apr 2019 23:12:42 GMT
x-cdn
Incapsula
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
etag
W/"30585-1554333162000"
x-cache
HIT
content-type
text/css
status
200
x-iinfo
13-9757132-9757192 NNNN CT(1 1 0) RT(1556138105289 190) q(0 0 0 -1) r(1 1) U5
content-encoding
gzip
link
<https://cdn.clareity.net/css/jquery-ui.min.css>; rel="canonical"
alt-svc
clear
server
NetDNA-cache/2.2
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1640987043&t=pageview&_s=1&dl=https%3A%2F%2Fidp.gvfv.clareitysecurity.net%2Fidp%2FAuthn%2FUserPassword&ul=en-us&de=windows-1252&dt=MLSLink%20...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45101381-2&cid=1509671060.1557977046&jid=210918677&_gid=1775004735.1557977046&gjid=226078656&_v=j75&z=1140448334
35 B
136 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45101381-2&cid=1509671060.1557977046&jid=210918677&_gid=1775004735.1557977046&gjid=226078656&_v=j75&z=1140448334
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 16 May 2019 03:24:05 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 May 2019 03:24:05 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45101381-2&cid=1509671060.1557977046&jid=210918677&_gid=1775004735.1557977046&gjid=226078656&_v=j75&z=1140448334
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1640987043&t=pageview&_s=1&dl=https%3A%2F%2Fidp.gvfv.clareitysecurity.net%2Fidp%2FAuthn%2FUserPassword&ul=en-us&de=windows-1252&dt=MLSLink%20SafeAccess%C2%AE%20Login%20Page&sd=24-bit&sr=1600x1200&vp=1600x1185&je=0&_u=YEDAAUAB~&jid=777883487&gjid=1392517600&cid=1509671060.1557977046&tid=UA-39826640-8&_gid=1775004735.1557977046&_r=1&z=917675550
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 03:24:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
124 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j75&a=1640987043&t=pageview&_s=1&dl=https%3A%2F%2Fidp.gvfv.clareitysecurity.net%2Fidp%2FAuthn%2FUserPassword&ul=en-us&de=windows-1252&dt=MLSLink%20SafeAccess%C2%AE%20Login%20Page&sd=24-bit&sr=1600x1200&vp=1600x1185&je=0&_u=YEDAAUAB~&jid=156457192&gjid=897601503&cid=1509671060.1557977046&tid=UA-5148236-25&_gid=1775004735.1557977046&_r=1&z=157922225
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 03:24:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1557977045751
collector.clareity.net/LoginId/ Frame 2FCF
7 KB
2 KB
Script
General
Full URL
https://collector.clareity.net/LoginId/1557977045751?trxId=f5a88ec9dfa13f70da4f26302f48d4ecf42925a4&deviceId=30e3f221585cb76dfb3415de93a82969b2562f2f&systemName=gvfv&toc=1557977045751
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/server.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
20bd8d3140c933ce59a87d0ca1829ce2647b29421b88cdf8b1b815223d02a94c

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
content-type
text/javascript;charset=ISO-8859-1
server
Apache-Coyote/1.1
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
4-139010902-139010854 PNNN RT(1557977045220 0) q(0 0 0 -1) r(1 1) U5
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
alt-svc
clear
x-cdn
Incapsula
expires
Thu, 01 Jan 1970 00:00:00 GMT
1557977045902
collector.clareity.net/Collector/ Frame 2FCF
0
92 B
Script
General
Full URL
https://collector.clareity.net/Collector/1557977045902?team=nguage&trxId=f5a88ec9dfa13f70da4f26302f48d4ecf42925a4&deviceId=30e3f221585cb76dfb3415de93a82969b2562f2f&systemName=gvfv&data={%22resolution%22:%221600x1200%22,%20%22userAgent%22:%22Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/67.0.3396.87%20Safari/537.36%22,%20%22language%22:%22en-US%22,%20%22timezone%22:%220%22,%20%22platform%22:%22Linux%20x86_64%22,%20%22db0%22:%22true%22,%20%22db1%22:%22undefined%22,%20%22plugins%22:%22%22,%20%22canvas%22:%22none%22%20}
Requested by
Host: collector.clareity.net
URL: https://collector.clareity.net/LoginId/1557977045751?trxId=f5a88ec9dfa13f70da4f26302f48d4ecf42925a4&deviceId=30e3f221585cb76dfb3415de93a82969b2562f2f&systemName=gvfv&toc=1557977045751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
4-139010934-139010854 PNNN RT(1557977045399 0) q(0 1 1 -1) r(2 2) U5
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-type
text/javascript
alt-svc
clear
content-length
0
x-cdn
Incapsula
expires
Thu, 01 Jan 1970 00:00:00 GMT
1557977045902
collector.clareity.net/Collector/ Frame 2FCF
0
88 B
Script
General
Full URL
https://collector.clareity.net/Collector/1557977045902?team=geo&trxId=f5a88ec9dfa13f70da4f26302f48d4ecf42925a4&deviceId=30e3f221585cb76dfb3415de93a82969b2562f2f&systemName=gvfv&data={%22geoerror%22:%221%20%28User%20denied%20Geolocation%29%22%20}
Requested by
Host: collector.clareity.net
URL: https://collector.clareity.net/LoginId/1557977045751?trxId=f5a88ec9dfa13f70da4f26302f48d4ecf42925a4&deviceId=30e3f221585cb76dfb3415de93a82969b2562f2f&systemName=gvfv&toc=1557977045751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.52 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/server.jsp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2019 03:24:05 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="CAO PSA OUR"
status
200
x-iinfo
4-139010935-139010936 NNNN CT(0 0 0) RT(1557977045403 0) q(0 0 0 -1) r(1 1) U5
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-type
text/javascript
alt-svc
clear
content-length
0
x-cdn
Incapsula
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/
35 B
100 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j75&a=1640987043&t=event&_s=2&dl=https%3A%2F%2Fidp.gvfv.clareitysecurity.net%2Fidp%2FAuthn%2FUserPassword&ul=en-us&de=windows-1252&dt=MLSLink%20SafeAccess%C2%AE%20Login%20Page&sd=24-bit&sr=1600x1200&vp=1600x1185&je=0&ec=KD%20Script&ea=Loaded&el=madKD2.2.min.js&_u=aEDAAUAB~&jid=&gjid=&cid=1509671060.1557977046&tid=UA-45101381-2&_gid=1775004735.1557977046&z=823287758
Requested by
Host: idp.gvfv.clareitysecurity.net
URL: https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://idp.gvfv.clareitysecurity.net/idp/Authn/UserPassword
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 03:19:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5875473
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02324fbade97fbc223834e6afa838dc1e01185bd0393f8e26e084834b512ae69

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
notices.rebgv.org
URL
https://notices.rebgv.org/
Domain
cdn.clareitysecurity.net
URL
https://cdn.clareitysecurity.net/sys/gvfv/banner_logoPNG.png

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery string| url boolean| isOnQA boolean| alertMe undefined| debugit boolean| ie8 function| isIE string| requiredKd string| idpurl string| cdnUrl string| jQueryUiUrl string| jQueryUiCssUrl string| ie8CssUrl string| inputs string| pleasewait string| loginTypeVal string| loginTypeMsg string| failureMsgId string| failMsg string| logincssMsg string| logoMsg string| loginbtnMsg string| loginXkdMsg string| loginformMsg string| warnalert number| keyedChars boolean| isChrome object| loginXkdId string| loginXkdUrl undefined| oldbrowserWarnData undefined| oldbrowserUrlData undefined| setFocus undefined| inputAutoData undefined| disablePageData undefined| backSpaceClearData undefined| savePwdData undefined| fakeSafariPwdData undefined| fakeChromePwdData undefined| fontIconsData undefined| redirectUrlData undefined| idpTimeoutData undefined| secondsLeftData undefined| sessionWarnData undefined| loadingData undefined| collectorIcon undefined| kdIconData boolean| oldie function| cdnCheck string| googleTrackMsg string| googleJsUrlMsg string| googleJsUrlCdnMsg string| mlsgooglecode boolean| trackit function| googleCheck string| forgotPwdUrlMsg string| changePwdUrlMsg function| passLinks string| setFocusMsg object| usernameInput function| setInputFocus string| inputAutoMsg boolean| autocomp function| autoComplete string| disablePageMsg string| disablePageDiv boolean| disablepage string| backSpaceClearMsg boolean| backspace function| backspaceClear string| savePwdMsg boolean| savepassword string| fakeSafariPwdMsg boolean| fakepwdadded boolean| fakepwd function| fakeSafariPwd string| fakeChromePwdMsg function| fakeChromePwd string| fontIconsUrl string| fontIconsMsg boolean| fontawesome function| iconsFonts string| redirectUrl string| redirectUrlMsg number| idpTimeout string| idpTimeoutMsg number| secondsLeft string| secondsLeftMsg string| sessionWarnMsg boolean| sessionWarnMe string| 
sessionDialogHtml function| sessionPop function| runSessionDialog object| assocDropdownId object| assocDropdownRememberJsId undefined| assocDropdownRememberJsUrl string| assocDropdownRememberJsMsg string| assocDropdownMsg string| assocDropdownCookieMsg boolean| assocDrop object| assocDropdownCookie function| checkDropDown function| setDropDown function| saveDropdown function| inputCheck object| loadingId string| loadingMsg object| loginFormId string| loginFormMsg function| showInputs string| checkBootStrapMsg boolean| useboostrap function| checkBootStrap string| ssoTypeMsg function| ssoType function| basicLogin function| doLogin function| keyPress function| submitLoginForm object| collectIframe string| collectorMsg string| collectorIconMsg boolean| collectorchecker function| checkCollector function| collecterSet boolean| docollect function| collectObjectCheck object| kdCollecterId string| kdCollecterMsg string| kdIconMsg boolean| didkdload function| loginKd string| qaDialogHtml function| runQaDialog function| qaDialog boolean| fakechromepwdadded boolean| fakechromepwd function| initCallback_3xkd function| validCallback_3xkd function| kdFailed_3xkd object| CLAREITY object| _0xb3d3 object| b64 object| _0x6bf2 function| CLAREITY_KD function| madKD_getVersion function| xkd string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
