gvi3.click1to1.com Open in urlscan Pro
104.130.185.185 Public Scan

URL:
http://gvi3.click1to1.com/
Submission: On March 08 via manual (March 8th 2019, 4:39:07 pm UTC) from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 10 HTTP transactions. The main IP is 104.130.185.185, located in San Antonio, United States and belongs to RACKSPACE - Rackspace Hosting, US. The main domain is gvi3.click1to1.com.

This is the only time gvi3.click1to1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.130.185.185 104.130.185.185	27357 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
1	173.203.147.118 173.203.147.118	27357 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
2 4	50.207.100.10 50.207.100.10	393643 (GLOBUSGVI) (GLOBUSGVI - GlobusFamily)
10	3

7 104.130.185.185 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)

gvi3.click1to1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.203.147.118 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)

gvi.emtoolbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.207.100.10 (Nicholson, United States) 2 redirects

ASN393643 (GLOBUSGVI - GlobusFamily, US)
PTR: 50-207-100-10-static.hfc.comcastbusiness.net

www.globusjourneys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	click1to1.com gvi3.click1to1.com	66 KB
4	globusjourneys.com 2 redirects www.globusjourneys.com	8 KB
1	emtoolbox.com gvi.emtoolbox.com	382 B
10	3

	Domain	Requested by
7	gvi3.click1to1.com	gvi3.click1to1.com
4	www.globusjourneys.com	2 redirects gvi3.click1to1.com
1	gvi.emtoolbox.com	gvi3.click1to1.com
10	3

This site contains no links.

Subject Issuer	Validity	Valid
*.globusfamily.com Trustwave Organization Validation SHA256 CA, Level 1	`2017-07-18` - `2020-07-17`	3 years	crt.sh

This page contains 1 frames:

Primary Page: http://gvi3.click1to1.com/
Frame ID: BDBC07A82779D84B914FF00CAAE364FA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

10
Requests

20 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

74 kB
Transfer

65 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.globusjourneys.com/images/globusathome/vax-logo.jpg HTTP 301
https://www.globusjourneys.com/images/globusathome/vax-logo.jpg

Request Chain 6

http://www.globusjourneys.com/images/globusathome/lisa-pressley.jpg HTTP 301
https://www.globusjourneys.com/images/globusathome/lisa-pressley.jpg

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response gvi3.click1to1.com/	7 KB 8 KB	255ms 150ms	Document text/html	104.130.185.185 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL http://gvi3.click1to1.com/ Protocol HTTP/1.1 Server 104.130.185.185 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software Apache/2.2.3 (CentOS) / Resource Hash `f3d193a774ca89fed71acc5986aa9b7b1583cbef7da7a01025025a17e576b192` Request headers Host gvi3.click1to1.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 08 Mar 2019 16:38:50 GMT Server Apache/2.2.3 (CentOS) Set-Cookie CFID=9024596;expires=Sun, 28-Feb-2049 16:38:50 GMT;path=/ CFTOKEN=78379381;expires=Sun, 28-Feb-2049 16:38:50 GMT;path=/ UTC=20190308093850%2D0730;expires=Sun, 28-Feb-2049 16:38:50 GMT;path=/ Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	404 Not Found	lay_0226_043700.css gvi3.click1to1.com/	0 0	194ms 89ms	Stylesheet text/html	104.130.185.185 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL http://gvi3.click1to1.com/lay_0226_043700.css Requested by Host: gvi3.click1to1.com URL: http://gvi3.click1to1.com/ Protocol HTTP/1.1 Server 104.130.185.185 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software Apache/2.2.3 (CentOS) / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host gvi3.click1to1.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://gvi3.click1to1.com/ Cookie CFID=9024596; CFTOKEN=78379381; UTC=20190308093850%2D0730 Connection keep-alive Cache-Control no-cache Referer http://gvi3.click1to1.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 08 Mar 2019 16:38:50 GMT Server Apache/2.2.3 (CentOS) Connection close Content-Length 300 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	siteScripts.js Show response gvi3.click1to1.com/jscripts/	24 KB 24 KB	196ms 90ms	Script application/x-javascript	104.130.185.185 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL http://gvi3.click1to1.com/jscripts/siteScripts.js Requested by Host: gvi3.click1to1.com URL: http://gvi3.click1to1.com/ Protocol HTTP/1.1 Server 104.130.185.185 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software Apache/2.2.3 (CentOS) / Resource Hash `85d94d2100bb4597528b5077c2429eae772bd212f82146cbf6c18ae4354a8763` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host gvi3.click1to1.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://gvi3.click1to1.com/ Cookie CFID=9024596; CFTOKEN=78379381; UTC=20190308093850%2D0730 Connection keep-alive Cache-Control no-cache Referer http://gvi3.click1to1.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 08 Mar 2019 16:38:50 GMT Last-Modified Sat, 22 Oct 2016 19:57:33 GMT Server Apache/2.2.3 (CentOS) ETag "361897-60ea-53f7991c8c540" Content-Type application/x-javascript Connection close Accept-Ranges bytes Content-Length 24810
GET H/1.1	200 OK	milonic_src.js Show response gvi3.click1to1.com/jscripts/JSMenu/	6 KB 6 KB	198ms 92ms	Script application/x-javascript	104.130.185.185 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL http://gvi3.click1to1.com/jscripts/JSMenu/milonic_src.js Requested by Host: gvi3.click1to1.com URL: http://gvi3.click1to1.com/ Protocol HTTP/1.1 Server 104.130.185.185 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software Apache/2.2.3 (CentOS) / Resource Hash `d2a204f5543c8363daf3eec458f36227f8a0e5f3d081129e5a9935c3d81fd4d9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host gvi3.click1to1.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://gvi3.click1to1.com/ Cookie CFID=9024596; CFTOKEN=78379381; UTC=20190308093850%2D0730 Connection keep-alive Cache-Control no-cache Referer http://gvi3.click1to1.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 08 Mar 2019 16:38:50 GMT Last-Modified Sat, 22 Oct 2016 19:57:34 GMT Server Apache/2.2.3 (CentOS) ETag "361c65-16b5-53f7991d80780" Content-Type application/x-javascript Connection close Accept-Ranges bytes Content-Length 5813
GET H/1.1	404 Not Found	menu_lay_0226_043700.js gvi3.click1to1.com/jscripts/JSMenu/	0 0	199ms 92ms	Script text/html	104.130.185.185 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL http://gvi3.click1to1.com/jscripts/JSMenu/menu_lay_0226_043700.js Requested by Host: gvi3.click1to1.com URL: http://gvi3.click1to1.com/ Protocol HTTP/1.1 Server 104.130.185.185 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software Apache/2.2.3 (CentOS) / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host gvi3.click1to1.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://gvi3.click1to1.com/ Cookie CFID=9024596; CFTOKEN=78379381; UTC=20190308093850%2D0730 Connection keep-alive Cache-Control no-cache Referer http://gvi3.click1to1.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 08 Mar 2019 16:38:50 GMT Server Apache/2.2.3 (CentOS) Connection close Content-Length 320 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	arrow1.gif gvi.emtoolbox.com/userfiles/12/2008//	129 B 382 B	317ms 99ms	Image image/gif	173.203.147.118 Rackspace Hosting
General Check archive.org Show headers Download Go to Show image Full URL http://gvi.emtoolbox.com/userfiles/12/2008//arrow1.gif Requested by Host: gvi3.click1to1.com URL: http://gvi3.click1to1.com/ Protocol HTTP/1.1 Server 173.203.147.118 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software Apache/2.2.3 (CentOS) / Resource Hash `94b028d7202d013c503a59c9871f78fcd88fba923cd4abcca2ee0adbd20c929a` Request headers Referer http://gvi3.click1to1.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 08 Mar 2019 16:38:51 GMT Last-Modified Mon, 30 Mar 2009 20:58:00 GMT Server Apache/2.2.3 (CentOS) ETag "2f076c-81-4665c566f4600" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 129
GET H/1.1	404 Not Found	vax-logo.jpg www.globusjourneys.com/images/globusathome/ Redirect Chain http://www.globusjourneys.com/images/globusathome/vax-logo.jpg https://www.globusjourneys.com/images/globusathome/vax-logo.jpg	0 4 KB	622ms 191ms	Image text/html	50.207.100.10 GlobusFamily
General Check archive.org Show headers Download Go to Show image Full URL https://www.globusjourneys.com/images/globusathome/vax-logo.jpg Requested by Host: gvi3.click1to1.com URL: http://gvi3.click1to1.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 50.207.100.10 Nicholson, United States, ASN393643 (GLOBUSGVI - GlobusFamily, US), Reverse DNS 50-207-100-10-static.hfc.comcastbusiness.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://gvi3.click1to1.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Redirect headers Connection close Location https://www.globusjourneys.com/images/globusathome/vax-logo.jpg Content-Type text/html
GET H/1.1	404 Not Found	lisa-pressley.jpg www.globusjourneys.com/images/globusathome/ Redirect Chain http://www.globusjourneys.com/images/globusathome/lisa-pressley.jpg https://www.globusjourneys.com/images/globusathome/lisa-pressley.jpg	0 4 KB	603ms 188ms	Image text/html	50.207.100.10 GlobusFamily
General Check archive.org Show headers Download Go to Show image Full URL https://www.globusjourneys.com/images/globusathome/lisa-pressley.jpg Requested by Host: gvi3.click1to1.com URL: http://gvi3.click1to1.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 50.207.100.10 Nicholson, United States, ASN393643 (GLOBUSGVI - GlobusFamily, US), Reverse DNS 50-207-100-10-static.hfc.comcastbusiness.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://gvi3.click1to1.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Redirect headers Connection close Location https://www.globusjourneys.com/images/globusathome/lisa-pressley.jpg Content-Type text/html
GET H/1.1	200 OK	mmenudom.js Show response gvi3.click1to1.com/jscripts/JSMenu/	28 KB 28 KB	300ms 97ms	Script application/x-javascript	104.130.185.185 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL http://gvi3.click1to1.com/jscripts/JSMenu/mmenudom.js Requested by Host: gvi3.click1to1.com URL: http://gvi3.click1to1.com/ Protocol HTTP/1.1 Server 104.130.185.185 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software Apache/2.2.3 (CentOS) / Resource Hash `e4f2df2a97c85ea4a5407f4f2aeb5ae9254e0b3972acdbbcde6c2c1915796dcf` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host gvi3.click1to1.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://gvi3.click1to1.com/ Cookie CFID=9024596; CFTOKEN=78379381; UTC=20190308093850%2D0730 Connection keep-alive Cache-Control no-cache Referer http://gvi3.click1to1.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 08 Mar 2019 16:38:51 GMT Last-Modified Sat, 22 Oct 2016 19:57:34 GMT Server Apache/2.2.3 (CentOS) ETag "361c8f-6e33-53f7991d80780" Content-Type application/x-javascript Connection close Accept-Ranges bytes Content-Length 28211
GET H/1.1	404 Not Found	menu_lay_0226_043700.js gvi3.click1to1.com/jscripts/JSMenu/	0 0	289ms 92ms	Script text/html	104.130.185.185 Rackspace Hosting
General Check archive.org Show headers Download Go to Full URL http://gvi3.click1to1.com/jscripts/JSMenu/menu_lay_0226_043700.js Requested by Host: gvi3.click1to1.com URL: http://gvi3.click1to1.com/ Protocol HTTP/1.1 Server 104.130.185.185 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US), Reverse DNS Software Apache/2.2.3 (CentOS) / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host gvi3.click1to1.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://gvi3.click1to1.com/ Cookie CFID=9024596; CFTOKEN=78379381; UTC=20190308093850%2D0730 Connection keep-alive Cache-Control no-cache Referer http://gvi3.click1to1.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 08 Mar 2019 16:38:51 GMT Server Apache/2.2.3 (CentOS) Connection close Content-Length 320 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gvi3.click1to1.com/	1970-01-29 21:55:43	Name: UTC Value: 20190308093850%2D0730
gvi3.click1to1.com/	1970-01-29 21:55:43	Name: CFTOKEN Value: 78379381
gvi3.click1to1.com/	1970-01-29 21:55:43	Name: CFID Value: 9024596

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gvi.emtoolbox.com
gvi3.click1to1.com
www.globusjourneys.com
104.130.185.185
173.203.147.118
50.207.100.10
85d94d2100bb4597528b5077c2429eae772bd212f82146cbf6c18ae4354a8763
94b028d7202d013c503a59c9871f78fcd88fba923cd4abcca2ee0adbd20c929a
d2a204f5543c8363daf3eec458f36227f8a0e5f3d081129e5a9935c3d81fd4d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f2df2a97c85ea4a5407f4f2aeb5ae9254e0b3972acdbbcde6c2c1915796dcf
f3d193a774ca89fed71acc5986aa9b7b1583cbef7da7a01025025a17e576b192

gvi3.click1to1.com Open in urlscan Pro 104.130.185.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

20 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

74 kBTransfer

65 kBSize

3 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

3 Cookies

Indicators

gvi3.click1to1.com Open in urlscan Pro
104.130.185.185 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

20 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

74 kB
Transfer

65 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions