Submitted URL: https://cws-internal.access.ca.gov/
Effective URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca...
Submission: On March 14 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 68 HTTP transactions. The main IP is 34.120.36.59, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is idp.us.safenetid.com. The Cisco Umbrella rank of the primary domain is 343269.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 13th 2023. Valid for: a year.
This is the only time idp.us.safenetid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 134.186.205.172 1226 (CTA-42-AS...)
1 33 134.186.205.174 1226 (CTA-42-AS...)
1 34 34.120.36.59 396982 (GOOGLE-CL...)
2 142.251.40.187 15169 (GOOGLE)
68 4
Apex Domain
Subdomains
Transfer
35 ca.gov
cws-internal.access.ca.gov
cwstoken.access.ca.gov
1 MB
34 safenetid.com
idp.us.safenetid.com — Cisco Umbrella Rank: 343269
resources.us.safenetid.com — Cisco Umbrella Rank: 393889
re.us.safenetid.com — Cisco Umbrella Rank: 401040
1 MB
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 303
29 KB
68 3
Domain Requested by
33 cwstoken.access.ca.gov 1 redirects cwstoken.access.ca.gov
17 idp.us.safenetid.com 1 redirects idp.us.safenetid.com
12 re.us.safenetid.com idp.us.safenetid.com
re.us.safenetid.com
5 resources.us.safenetid.com idp.us.safenetid.com
2 storage.googleapis.com idp.us.safenetid.com
2 cws-internal.access.ca.gov 2 redirects
68 6

This site contains no links.

Subject Issuer Validity Valid
cws-internal.access.ca.gov
Sectigo RSA Organization Validation Secure Server CA
2023-04-13 -
2024-04-12
a year crt.sh
*.us.safenetid.com
Sectigo RSA Organization Validation Secure Server CA
2023-10-13 -
2024-10-12
a year crt.sh
storage.googleapis.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Frame ID: F06E56392770CDA55C59533BA96A0CEF
Requests: 64 HTTP requests in this frame

Screenshot

Page Title

SafeNet Trusted Access

Page URL History Show full URLs

  1. https://cws-internal.access.ca.gov/ HTTP 302
    https://cws-internal.access.ca.gov/logon/LogonPoint/index.html HTTP 302
    https://cwstoken.access.ca.gov/ HTTP 302
    https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html Page URL
  2. https://cwstoken.access.ca.gov/nf/auth/doSaml?act=SafeNet_CWSTokenMIG.Access_SAML;nf=CWSTOKEN-ACCESS-NFACTO... Page URL
  3. https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/protocol/saml HTTP 302
    https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hammer(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

68
Requests

99 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

4
IPs

1
Countries

2435 kB
Transfer

2419 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cws-internal.access.ca.gov/ HTTP 302
    https://cws-internal.access.ca.gov/logon/LogonPoint/index.html HTTP 302
    https://cwstoken.access.ca.gov/ HTTP 302
    https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html Page URL
  2. https://cwstoken.access.ca.gov/nf/auth/doSaml?act=SafeNet_CWSTokenMIG.Access_SAML;nf=CWSTOKEN-ACCESS-NFACTOR-POL-LABL;wv=0 Page URL
  3. https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/protocol/saml HTTP 302
    https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cws-internal.access.ca.gov/ HTTP 302
  • https://cws-internal.access.ca.gov/logon/LogonPoint/index.html HTTP 302
  • https://cwstoken.access.ca.gov/ HTTP 302
  • https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
tmindex.html
cwstoken.access.ca.gov/logon/LogonPoint/
Redirect Chain
  • https://cws-internal.access.ca.gov/
  • https://cws-internal.access.ca.gov/logon/LogonPoint/index.html
  • https://cwstoken.access.ca.gov/
  • https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
49 KB
49 KB
Document
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
ff86b06185fd98de4f2d748af4b982c6cf9bbd5c4ac5fb035aabb70023d7c3f3
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-store, must-revalidate no-cache
Connection
Keep-Alive
Content-Length
50180
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Mar 2024 00:07:42 GMT
ETag
"c404-6131d6358b080"
Expires
0
Keep-Alive
timeout=15, max=99
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=157680000
X-Frame-Options
SAMEORIGIN

Redirect headers

Cache-control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
566
Content-Type
text/html
Location
/logon/LogonPoint/tmindex.html
Pragma
no-cache
Strict-Transport-Security
max-age=157680000
X-Frame-Options
SAMEORIGIN
ctxs.large-ui.min.css
cwstoken.access.ca.gov/logon/LogonPoint/receiver/css/
77 KB
78 KB
Stylesheet
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/css/ctxs.large-ui.min.css
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
4cb3347d913b9c97bd684a301ff18c91fc98ff5925946a45273d12d0d67381b0
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"13588-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
79240
Expires
0
theme.css
cwstoken.access.ca.gov/logon/themes/Default/css/
2 KB
3 KB
Stylesheet
General
Full URL
https://cwstoken.access.ca.gov/logon/themes/Default/css/theme.css
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
028f0fbea406d083d48b02a0c3a0860555c9ca5fd5d08725ac3a73803ab57742
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 05 Mar 2024 17:00:02 GMT
Server
Apache
ETag
"900-612ecc5e58880"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
2304
Expires
0
style.css
cwstoken.access.ca.gov/logon/LogonPoint/custom/
0
412 B
Stylesheet
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/custom/style.css
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 05 Mar 2024 17:00:02 GMT
Server
Apache
ETag
"0-612ecc5e58880"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
0
Expires
0
wspinner@2x.gif
cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/common/
2 KB
3 KB
Image
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/common/wspinner@2x.gif
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
111ce0995fd5170b4289d22d9bac264ffba149c4eda9377a5403423a22d3b76c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"8af-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
2223
Expires
0
jquery.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/
102 KB
103 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
6de5410d89867293b972467af452db906597b8eb0c973020fd451b08128745e9
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"1984e-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
104526
X-Citrix-Application
Receiver for Web
Expires
0
jquery-ui.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/
246 KB
246 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery-ui.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
9d280b53a4d980fedaeed18ff0c49bfa575d7100268cc8b9a7e44b5edc404bd4
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:44 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"3d738-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
251704
X-Citrix-Application
Receiver for Web
Expires
0
jquery.ui.touch-punch.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/
1 KB
2 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery.ui.touch-punch.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
ba4e6af952ad38ed336e34950ac7dd236db7238c315418431a53263a84760305
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"449-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1097
X-Citrix-Application
Receiver for Web
Expires
0
jquery-migrate.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/
8 KB
9 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery-migrate.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
128c510c9d60eea7ad93b3d1122a3a20b49e3ada4ff468026ca7642799a477a2
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"20d6-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
8406
X-Citrix-Application
Receiver for Web
Expires
0
hammer.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/
19 KB
20 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/hammer.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
75169f9c62b4bc6d546c9b59ee59d0c93ae3f88437777cc0a3e67c254f13a382
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:45 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"4d8d-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
19853
X-Citrix-Application
Receiver for Web
Expires
0
jquery.dotdotdot.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/
6 KB
7 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery.dotdotdot.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
0ccc391385db07d263046d352e64c23fb5721461637a83ef097f975b409e6d60
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"1954-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
6484
X-Citrix-Application
Receiver for Web
Expires
0
velocity.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/
33 KB
34 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/velocity.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
9bbbee2c65b74a02eede62ca5a340a0b873e50282dc26db4aeb3a6a587cc1d95
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"85a2-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
34210
X-Citrix-Application
Receiver for Web
Expires
0
slick.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/
38 KB
38 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/slick.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
e7a5de833705f4384adfad5a78792fb0ad0641cbb04f0f088b7f71d73c685f3b
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"96b8-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
38584
X-Citrix-Application
Receiver for Web
Expires
0
ctxs.core.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/
107 KB
108 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/ctxs.core.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
8e14040cbcb59477e1ee9ee5d8f3a356aec9a6327d44bfaf564bbcfe7e7b5810
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"1ace3-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
109795
X-Citrix-Application
Receiver for Web
Expires
0
ctxs.webui.min.js
cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/
275 KB
275 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/ctxs.webui.min.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
a2669e4739bfd806b2e638d3aa70167e75d51dea6be4868fc89554fa1c61662b
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:43 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"44a6f-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
281199
X-Citrix-Application
Receiver for Web
Expires
0
script.js
cwstoken.access.ca.gov/logon/LogonPoint/custom/
0
465 B
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/custom/script.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 05 Mar 2024 17:00:02 GMT
Server
Apache
ETag
"0-612ecc5e58880"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
0
X-Citrix-Application
Receiver for Web
Expires
0
strings.en.js
cwstoken.access.ca.gov/logon/LogonPoint/custom/
438 B
907 B
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/custom/strings.en.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
a5366bdf12ecdd7ff4c87d34ec238717b0c1864598ace0fbd94a5f73f151060f
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 05 Mar 2024 17:00:02 GMT
Server
Apache
ETag
"1b6-612ecc5e58880"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
438
X-Citrix-Application
Receiver for Web
Expires
0
List
cwstoken.access.ca.gov/cgi/Resources/
22 B
292 B
XHR
General
Full URL
https://cwstoken.access.ca.gov/cgi/Resources/List
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
/
Resource Hash
da38e4f7d8d357e2c820a08d4874c9b9882fbd315f075d8ce710278f18a52fb7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
text/plain
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
CitrixWebReceiver-Authenticate
reason="notoken", location="/cgi/GetAuthMethods"
Content-Length
22
X-Citrix-Application
Receiver for Web
Expires
-1
citrixgateway_logo_white.png
cwstoken.access.ca.gov/vpn/media/
2 KB
3 KB
Image
General
Full URL
https://cwstoken.access.ca.gov/vpn/media/citrixgateway_logo_white.png
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/css/ctxs.large-ui.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
4a2cae9a9c5a586f2bd5dc6140e34cac6b18be6b617c602a4a48321452c18c1c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/css/ctxs.large-ui.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Wed, 06 Mar 2024 03:00:05 GMT
Server
Apache
ETag
"8fc-612f527d7b740"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
2300
X-XSS-Protection
1; mode=block
strings.en.json
cwstoken.access.ca.gov/logon/LogonPoint/custom/
3 KB
3 KB
XHR
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/custom/strings.en.json
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
de9a529f96a56dd0b81acdcadc851dde06bea732de686bdef07cb9ddde370b78
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
X-Citrix-IsUsingHTTPS
Yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 05 Mar 2024 17:00:02 GMT
Server
Apache
ETag
"a6a-612ecc5e58880"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
2666
X-Citrix-Application
Receiver for Web
Expires
0
Configuration
cwstoken.access.ca.gov/logon/LogonPoint/Home/
2 KB
3 KB
XHR
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/Home/Configuration
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
63585356450cc0c31b5cd9b7afa91a7d9555d3055ce2251cdc5201fcc682a91c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
X-Citrix-IsUsingHTTPS
Yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 05 Mar 2024 17:00:02 GMT
Server
Apache
ETag
"0-612ecc5e58880"
X-Frame-Options
SAMEORIGIN
Content-Type
application/xml
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
2374
X-Citrix-Application
Receiver for Web
Expires
0
actionSprite.png
cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/1x/
2 KB
3 KB
Image
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/1x/actionSprite.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
036e7a57f8bb75895d2d35b27913f555589881a2e7cda51f1de01a351425ffba
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"95a-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
2394
Expires
0
folder_template.png
cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/1x/
432 B
848 B
Image
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/1x/folder_template.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
5886f57d6a5eab166a00523fcc6963edafb009029e3ec6092f6ea79da4cd6ae0
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"1b0-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
432
Expires
0
viewSprite.png
cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/1x/
3 KB
4 KB
Image
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/1x/viewSprite.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
85d7dde124874210870bb7d3526f56ba3dc4b54ef4572855946f3905233c1455
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"c5f-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
3167
Expires
0
nsg-epa.js
cwstoken.access.ca.gov/logon/LogonPoint/plugins/ns-gateway/
30 KB
31 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/plugins/ns-gateway/nsg-epa.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/ctxs.core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
358f835f954b374e6939a261351562f5fabf9b73ac2a7cd9483abf03422f27df
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"78c4-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
30916
X-Citrix-Application
Receiver for Web
Expires
0
nsg-setclient.js
cwstoken.access.ca.gov/logon/LogonPoint/plugins/ns-gateway/
65 KB
66 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/plugins/ns-gateway/nsg-setclient.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/ctxs.core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
8503a198da8417ca0a999c3ba874bc005f250dca576c5a603482e5526a6dfcc6
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"104ac-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
66732
X-Citrix-Application
Receiver for Web
Expires
0
ns-nfactor.js
cwstoken.access.ca.gov/logon/LogonPoint/plugins/ns-gateway/
31 KB
32 KB
Script
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/plugins/ns-gateway/ns-nfactor.js
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/ctxs.core.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
33262fdef199d32afca0b6fc248e60fd259bef0c7663b0e73584060e07ed3a33
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"7cb0-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
31920
X-Citrix-Application
Receiver for Web
Expires
0
List
cwstoken.access.ca.gov/logon/LogonPoint/Resources/
22 B
292 B
XHR
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/Resources/List
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
/
Resource Hash
da38e4f7d8d357e2c820a08d4874c9b9882fbd315f075d8ce710278f18a52fb7

Request headers

Accept
*/*
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
X-Citrix-IsUsingHTTPS
Yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
CitrixWebReceiver-Authenticate
reason="notoken", location="/cgi/GetAuthMethods"
Content-Length
22
X-Citrix-Application
Receiver for Web
Content-Type
text/plain
GetAuthMethods
cwstoken.access.ca.gov/cgi/
143 B
447 B
XHR
General
Full URL
https://cwstoken.access.ca.gov/cgi/GetAuthMethods
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
/
Resource Hash
f358a4d0754631f9027d06c4f9d6511e999c6913028f113c78b0af4d7238eb00
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
X-Citrix-IsUsingHTTPS
Yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=157680000
Cache-control
no-cache, no-store, must-revalidate
Content-Length
143
X-Frame-Options
SAMEORIGIN
X-Citrix-Application
Receiver for Web
Content-Type
application/vnd.citrix.authenticateresponse-1+xml;charset=utf-8
getAuthenticationRequirements.do
cwstoken.access.ca.gov/nf/auth/
370 B
693 B
XHR
General
Full URL
https://cwstoken.access.ca.gov/nf/auth/getAuthenticationRequirements.do
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/external/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

X-Citrix-AM-LabelTypes
none, plain, heading, information, warning, error, confirmation, image, nsg-epa, nsg-epa-failure, nsg-login-label, tlogin-failure-msg, nsg-tlogin-heading, nsg-tlogin-single-res, nsg-tlogin-multi-res, nsg-tlogin, nsg-login-heading, nsg-fullvpn, nsg-l20n, nsg-l20n-error, certauth-failure-msg, dialogue-label, nsg-change-pass-assistive-text, nsg_confirmation, nsg_kba_registration_heading, nsg_email_registration_heading, nsg_kba_validation_question, nsg_sspr_success, nf-manage-otp
accept-language
en-CA,en;q=0.9
X-Citrix-IsUsingHTTPS
Yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Accept
application/xml, text/xml, */*; q=0.01
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
X-Citrix-AM-CredentialTypes
none, username, domain, password, newpassword, passcode, savecredentials, textcredential, webview, nsg-epa, nsg-x1, nsg-setclient, nsg-eula, nsg-tlogin, nsg-fullvpn, nsg-hidden, nsg-auth-failure, nsg-auth-success, nsg-epa-success, nsg-l20n, GoBack, nf-recaptcha, ns-dialogue, nf-gw-test, nsg_qrcode, nsg_manageotp, negotiate, nsg_push, nsg_push_otp, nf_sspr_rem
X-Requested-With
XMLHttpRequest

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=157680000
X-Frame-Options
SAMEORIGIN
Content-Type
application/vnd.citrix.authenticateresponse-1+xml;charset=utf-8
Cache-control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
370
X-Citrix-Application
Receiver for Web
doSaml
cwstoken.access.ca.gov/nf/auth/
6 KB
7 KB
Document
General
Full URL
https://cwstoken.access.ca.gov/nf/auth/doSaml?act=SafeNet_CWSTokenMIG.Access_SAML;nf=CWSTOKEN-ACCESS-NFACTOR-POL-LABL;wv=0
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/js/ctxs.webui.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
/
Resource Hash
ba6a9cb30664d1f83a5a368266d149d53c1c980a12565d009b8acd26e92643be
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/tmindex.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
6463
Content-Type
text/html
Pragma
no-cache
Strict-Transport-Security
max-age=157680000
X-Frame-Options
SAMEORIGIN
ReceiverFullScreenBackground.jpg
cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/common/
50 KB
50 KB
Image
General
Full URL
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/images/common/ReceiverFullScreenBackground.jpg
Requested by
Host: cwstoken.access.ca.gov
URL: https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/css/ctxs.large-ui.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.186.205.174 Sacramento, United States, ASN1226 (CTA-42-AS1226, US),
Reverse DNS
cwstoken.access.ca.gov
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cwstoken.access.ca.gov/logon/LogonPoint/receiver/css/ctxs.large-ui.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 00:07:46 GMT
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 08 Mar 2024 03:00:02 GMT
Server
Apache
ETag
"c676-6131d6358b080"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=94
Content-Length
50806
Expires
0
CWS_logo2b.jpg
cwstoken.access.ca.gov/logon/themes/Default/custom_media/
0
0

Primary Request authenticate
idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/
Redirect Chain
  • https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/protocol/saml
  • https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
11 KB
11 KB
Document
General
Full URL
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
b599d41f5f109ba01fd75627d5e5c871fb46480ab37d20c59fcc2a86fb4ddf4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM cloud.us.safenetid.com
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://cwstoken.access.ca.gov
Referer
https://cwstoken.access.ca.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, must-revalidate, max-age=0
content-language
en
content-length
10941
content-type
text/html;charset=utf-8
date
Thu, 14 Mar 2024 00:07:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
WAF
strict-transport-security
max-age=31536000; includeSubDomains max-age=15768000
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
429
x-frame-options
ALLOW-FROM cloud.us.safenetid.com
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 14 Mar 2024 00:07:46 GMT
location
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
referrer-policy
strict-origin-when-cross-origin
server
WAF
strict-transport-security
max-age=31536000; includeSubDomains max-age=15768000
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
x-frame-options
ALLOW-FROM cloud.us.safenetid.com
x-robots-tag
none
x-xss-protection
1; mode=block
sasidp-libs.min.css
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/css/
253 KB
254 KB
Stylesheet
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/css/sasidp-libs.min.css?v=7.1.0-421953
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
57e2f276875cf3ab0a23e03953d8fa335a1358250b6bdde3d0732624bd1306b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/css;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
styles.css
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/css/
31 KB
31 KB
Stylesheet
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/css/styles.css?v=7.1.0-421953
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
b7b008cd814ed60d9e6c92c78a4e37cc4bfa1886dde6aeb6669229c95d644f0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/css;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32006
x-xss-protection
1; mode=block
31fc5a1ab4970b42f3ec9e21c87c7b06.css
resources.us.safenetid.com/content/I49NCHDFYY-STA/
5 KB
5 KB
Stylesheet
General
Full URL
https://resources.us.safenetid.com/content/I49NCHDFYY-STA/31fc5a1ab4970b42f3ec9e21c87c7b06.css
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
e27dd73e2755202da28a7dc3ecfff4fb138d8ab0d5f4717409ee299ed1d400f5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4830
expires
Sat, 13 Apr 2024 00:07:47 GMT
sasidp-libs.min.js
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/
232 KB
232 KB
Script
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/sasidp-libs.min.js?v=7.1.0-421953
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
f7ef7c1db0d723180af8d7a57ee1c1b87e0bd91b2f3d48e75c50b53290e4839f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/javascript;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
open-sans.css
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/
5 KB
5 KB
Stylesheet
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/open-sans.css
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/css/styles.css?v=7.1.0-421953
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
04d42f4c477e2188b0546da735d3be7126ecff2fb1ccea2b1728acea4feed480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/css;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5034
x-xss-protection
1; mode=block
gto-custom-icons.css
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/css/gto-custom-icons.css
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/css/styles.css?v=7.1.0-421953
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
674fa25ad5ee1f225afbdcbd0319e36a84f69edce8cc1a60a428e6340ec69507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/css;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2753
x-xss-protection
1; mode=block
loc.js
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/
18 KB
18 KB
Script
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/loc.js?v=7.1.0-421953
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
e0dd726b918b1c7a8a45e950bd098e6acaef9265833d53903a240150d9fe5a93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/javascript;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18041
x-xss-protection
1; mode=block
template.js
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/
1 KB
1 KB
Script
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/template.js?v=7.1.0-421953
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
78c875ae7fbca65fc38696160e261c1389e18cb29c89beb39744ab97406367ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/javascript;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1041
x-xss-protection
1; mode=block
idfirston-scripts.js
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/
19 KB
19 KB
Script
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/idfirston-scripts.js?v=7.1.0-421953
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
220f3c3655ee46daa894c7438e0ee96a34e25877af125668e235332be2383298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/javascript;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19929
x-xss-protection
1; mode=block
back-button.js
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/
6 KB
6 KB
Script
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/back-button.js?v=7.1.0-421953
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
3df0010975efd85f82783f43e201d1902fe24d42acface8d877e3d666c43b79b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/javascript;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5725
x-xss-protection
1; mode=block
0b950fe114f790e5b2eafa7164135507.png
resources.us.safenetid.com/content/I49NCHDFYY-STA/
8 KB
8 KB
Image
General
Full URL
https://resources.us.safenetid.com/content/I49NCHDFYY-STA/0b950fe114f790e5b2eafa7164135507.png
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
7bf694c9fd95e318f7db51f00acfeb1c94f615d9c839c065fd7611626105f36f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8392
expires
Sat, 13 Apr 2024 00:07:48 GMT
59f9c5fcb3f1c690c539c8af5525761d.jpg
resources.us.safenetid.com/content/2THZ46ATM2-STA/
35 KB
35 KB
Image
General
Full URL
https://resources.us.safenetid.com/content/2THZ46ATM2-STA/59f9c5fcb3f1c690c539c8af5525761d.jpg
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
1b5d8dc66c6b72b7acccafcd7d6e6a768a7d4a9ebc22f3f244f4729ae3e6a01d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-envoy-upstream-service-time
154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35804
expires
Sat, 13 Apr 2024 00:07:48 GMT
localeInitialize.js
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/
4 KB
4 KB
Script
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/localeInitialize.js?v=7.1.0-421953
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
34f592e999a16f7473b6516952d20fcafcba84b21449c2fad21b5838e28265c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
text/javascript;charset=UTF-8
cache-control
no-cache
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3714
x-xss-protection
1; mode=block
fa-solid-900.woff2
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/webfonts/
151 KB
151 KB
Font
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/webfonts/fa-solid-900.woff2
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/css/sasidp-libs.min.css?v=7.1.0-421953
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://idp.us.safenetid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
no-cache
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
OpenSans-Bold.woff2
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/Bold/
46 KB
46 KB
Font
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/Bold/OpenSans-Bold.woff2
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/open-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://idp.us.safenetid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
no-cache
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
OpenSans-Regular.woff2
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/Regular/
46 KB
46 KB
Font
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/Regular/OpenSans-Regular.woff2
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/open-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://idp.us.safenetid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
no-cache
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
cpl-sta-p-app-us-01-us-languages-bucket-01
storage.googleapis.com/
4 KB
4 KB
XHR
General
Full URL
https://storage.googleapis.com/cpl-sta-p-app-us-01-us-languages-bucket-01
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/loc.js?v=7.1.0-421953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.187 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f27.1e100.net
Software
UploadServer /
Resource Hash
8db832c7d2d18b18465eddbb0d429cfe34ece1c902278f6956119cb365ed1bff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
server
UploadServer
x-guploader-uploadid
ABPtcPqc881SDgkCN29YaUcXBeS7d0-nxXBwyjey_u5yybW9_JkPbCwEFsTYASUvlg9DBQHLdVE
content-type
application/xml; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*, Cache-Control, Content-Length, Date, Expires, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-metageneration
14
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3964
expires
Thu, 14 Mar 2024 00:07:48 GMT
lang-list.xml
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/langs/
3 KB
3 KB
XHR
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/langs/lang-list.xml?v=7.1.0-421953
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/loc.js?v=7.1.0-421953
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
61c72c85553329410a8066a218fdba2252366643f66abd0c0244d1dad4da8a94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
no-cache
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3447
x-xss-protection
1; mode=block
languages
resources.us.safenetid.com/organization/2THZ46ATM2-STA/
33 B
53 B
XHR
General
Full URL
https://resources.us.safenetid.com/organization/2THZ46ATM2-STA/languages
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/loc.js?v=7.1.0-421953
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
c26f6f42c2f70f69dfc6dc15ed7fe99392c67706c789b66405aaa7c5b6cf6d77
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33
scripts
re.us.safenetid.com/api/v1/tenants/_unknown_/
1 KB
1 KB
Script
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/scripts
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
ad0fb576cc98ce4ad37827cdffe5c509a92487df97e93cd176b0cd248992fbbf
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
via
1.1 google
server
WAF
accept-ch
sec-ch-ua-platform-version
etag
W/"422-0rDzX1ir27nCNZgcnf6N5bE7DTg"
vary
Origin
x-frame-options
sameorigin
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1058
4c667507019784ddaa4beee34b94921a.jpg
resources.us.safenetid.com/content/I49NCHDFYY-STA/
272 KB
272 KB
Image
General
Full URL
https://resources.us.safenetid.com/content/I49NCHDFYY-STA/4c667507019784ddaa4beee34b94921a.jpg
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/login-actions/authenticate?client_id=https%3A%2F%2Fcwstoken.access.ca.gov&tab_id=j1JA30pA9Wo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
5808d3af034c907c0ee562423cab202dcd514555cab562ef84e7faf3cd2e6825
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278168
expires
Sat, 13 Apr 2024 00:07:48 GMT
signalCollector.min.js
re.us.safenetid.com/javascripts/
17 KB
17 KB
Script
General
Full URL
https://re.us.safenetid.com/javascripts/signalCollector.min.js
Requested by
Host: re.us.safenetid.com
URL: https://re.us.safenetid.com/api/v1/tenants/_unknown_/scripts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
bbfe760cdbf4e93fb8cca59b33530ff11accfc6b4c0ef7eeeef51d61cf402f42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
via
1.1 google
last-modified
Mon, 11 Dec 2023 17:25:52 GMT
server
WAF
etag
W/"4369-18c59e9ed00"
vary
Origin
content-type
application/javascript
cache-control
public, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17257
etag
re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/
0
0
Preflight
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/etag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://idp.us.safenetid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://idp.us.safenetid.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 14 Mar 2024 00:07:48 GMT
server
WAF
vary
Origin,Access-Control-Request-Headers
via
1.1 google
x-envoy-upstream-service-time
2
cache
re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/
0
0
Preflight
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/cache
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://idp.us.safenetid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://idp.us.safenetid.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 14 Mar 2024 00:07:48 GMT
server
WAF
vary
Origin,Access-Control-Request-Headers
via
1.1 google
x-envoy-upstream-service-time
2
etag
re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/
36 B
57 B
XHR
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/etag
Requested by
Host: re.us.safenetid.com
URL: https://re.us.safenetid.com/javascripts/signalCollector.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
8b82e211e7a61f35ec45b1b51848a7c87cfe39ccd3b6ff9a703c655cbcf36f90

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
Referer
https://idp.us.safenetid.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
via
1.1 google
server
WAF
accept-ch
sec-ch-ua-platform-version
etag
fa8407a5-802e-42ef-ab06-d0f80eca8793
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://idp.us.safenetid.com
cache-control
private, max-age=630720000
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
expires
Tue, 31 Dec 2030 23:30:45 GMT
cache
re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/
36 B
57 B
XHR
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/cache
Requested by
Host: re.us.safenetid.com
URL: https://re.us.safenetid.com/javascripts/signalCollector.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
4c40a8f6fae0f63d1a4d0b32898044d4e580a09a0e8d4c4dbc131f2ce31d8ef0

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
Referer
https://idp.us.safenetid.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
via
1.1 google
server
WAF
accept-ch
sec-ch-ua-platform-version
etag
W/"24-8k69VUHDS8t+WS7M71asfUGeCIE"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://idp.us.safenetid.com
cache-control
private, max-age=630720000
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
expires
Tue, 31 Dec 2030 23:30:45 GMT
en.json
storage.googleapis.com/cpl-sta-p-app-us-01-us-languages-bucket-01/
25 KB
25 KB
XHR
General
Full URL
https://storage.googleapis.com/cpl-sta-p-app-us-01-us-languages-bucket-01/en.json?f318b037242effa43ab0865444626c7c
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/js/loc.js?v=7.1.0-421953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.187 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f27.1e100.net
Software
UploadServer /
Resource Hash
87dc8c392dfe0a26ed7b95b396c68936ebdd0aa5df5f51fa77373bad607719e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://idp.us.safenetid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 23:47:37 GMT
age
1211
x-guploader-uploadid
ABPtcPr2UPqBrWg10b9p_Yd1ET74i1rx1zZ-lsQl24lLo4aTjNoeT-AUkEpEngbRfC3lDwHtq10
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25132
last-modified
Sat, 09 Mar 2024 16:16:34 GMT
server
UploadServer
etag
"f318b037242effa43ab0865444626c7c"
x-goog-generation
1708426185344999
x-goog-hash
crc32c=3o2avQ==, md5=8xiwNyQu/6Q6sIZURGJsfA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
25132
accept-ranges
bytes
content-type
application/json
expires
Thu, 14 Mar 2024 00:47:37 GMT
truncated
/
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b17b504fce7c265ddff3b3d09a9e68c0e75860acae0d16571eb8b0d5df3e53f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
OpenSans-Semibold.woff2
idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/Semibold/
62 KB
62 KB
Font
General
Full URL
https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/Semibold/OpenSans-Semibold.woff2
Requested by
Host: idp.us.safenetid.com
URL: https://idp.us.safenetid.com/auth/resources/mfaqk/login/sas-login-ui/fonts/OpenSans/open-sans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://idp.us.safenetid.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15768000
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
WAF
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
no-cache
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
signals
re.us.safenetid.com/api/v1/tenants/_unknown_/visits/b8ce3647-fd2e-4617-87e9-155cfec22186/
2 B
21 B
XHR
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/visits/b8ce3647-fd2e-4617-87e9-155cfec22186/signals
Requested by
Host: re.us.safenetid.com
URL: https://re.us.safenetid.com/javascripts/signalCollector.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://idp.us.safenetid.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 14 Mar 2024 00:07:49 GMT
via
1.1 google
server
WAF
accept-ch
sec-ch-ua-platform-version
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://idp.us.safenetid.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
17
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
etag
re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/
36 B
57 B
XHR
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/etag
Requested by
Host: re.us.safenetid.com
URL: https://re.us.safenetid.com/javascripts/signalCollector.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
62689d314ba26da96870acf15b4709cc7710c42a53f36fbf719950fbeec2fc79

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
Referer
https://idp.us.safenetid.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:49 GMT
via
1.1 google
server
WAF
accept-ch
sec-ch-ua-platform-version
etag
a01bddf7-fb42-4c63-aaed-72bb7886b810
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://idp.us.safenetid.com
cache-control
private, max-age=630720000
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
expires
Tue, 31 Dec 2030 23:30:45 GMT
cache
re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/
36 B
57 B
XHR
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/cache
Requested by
Host: re.us.safenetid.com
URL: https://re.us.safenetid.com/javascripts/signalCollector.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash
1d8e9519ec96c0026ae4ede75a500e7121216b96b2b4203c0d4986af6a1b09fc

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
Referer
https://idp.us.safenetid.com/
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:07:49 GMT
via
1.1 google
server
WAF
accept-ch
sec-ch-ua-platform-version
etag
W/"24-lRFzGeVtZ35E5L2gLvsnuSgazm4"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://idp.us.safenetid.com
cache-control
private, max-age=630720000
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
expires
Tue, 31 Dec 2030 23:30:45 GMT
signals
re.us.safenetid.com/api/v1/tenants/_unknown_/visits/b8ce3647-fd2e-4617-87e9-155cfec22186/
0
0
Preflight
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/visits/b8ce3647-fd2e-4617-87e9-155cfec22186/signals
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PATCH
Origin
https://idp.us.safenetid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://idp.us.safenetid.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 14 Mar 2024 00:07:49 GMT
server
WAF
vary
Origin,Access-Control-Request-Headers
via
1.1 google
x-envoy-upstream-service-time
1
etag
re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/
0
0
Preflight
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/etag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://idp.us.safenetid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://idp.us.safenetid.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 14 Mar 2024 00:07:49 GMT
server
WAF
vary
Origin,Access-Control-Request-Headers
via
1.1 google
x-envoy-upstream-service-time
3
cache
re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/
0
0
Preflight
General
Full URL
https://re.us.safenetid.com/api/v1/tenants/_unknown_/ecookie/cache
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.36.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.36.120.34.bc.googleusercontent.com
Software
WAF /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://idp.us.safenetid.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://idp.us.safenetid.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html
date
Thu, 14 Mar 2024 00:07:49 GMT
server
WAF
vary
Origin,Access-Control-Request-Headers
via
1.1 google
x-envoy-upstream-service-time
2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cwstoken.access.ca.gov
URL
https://cwstoken.access.ca.gov/logon/themes/Default/custom_media/CWS_logo2b.jpg

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Log4js object| log4jsLogger function| $namespace function| $type function| $ function| Exception function| RuntimeException function| IllegalArgumentException function| DateFormat object| $ESAPI number| c object| entityToCharacterMap object| characterToEntityMap string| entity object| ESAPI_Standard_en_US function| pluralRuleParser string| property object| org number| OFF number| FATAL number| ERROR number| WARNING number| INFO number| DEBUG number| TRACE number| ALL object| Base function| jQuery object| jQBrowser function| DOMPurify function| Localization function| Zousan number| signalCollectionStartTime number| signalCollectionTime boolean| reSignalCollected boolean| kerberosTicketCollected undefined| loginFormSubmitted number| loginPageTimeout number| signalCollectionTimeout function| onReSignalCollectedEvent function| updateSignalCollectionTime function| waitForSignalCollection function| showLoading function| showLoadingForLoginTable function| addClickHandler function| switchUser function| eraseCookie function| resetFlow function| authenticate function| pushAuthenticate function| authenticatePush function| autheticateCba function| authenticateFido function| handleFidoCredentials function| base64Decode function| base64Encode function| handleFidoError function| addAuthenticatorButtonClicked function| activateAuthenticatorButtonClicked function| resetGridSurePatternButtonClicked function| notNowActivateLinkClicked function| otherOptionsLinkClicked function| goBackLinkClicked function| pushSpsAjaxCall function| cbaAjaxCall function| submittPushFormWithPushStatus function| submitFormWithCba function| submitFormWithFido function| authenticateManualOtp function| validateUser function| userAuthenticate function| onPressEnterForUserAuthenticate function| checksamluseridpresent function| submitOnReSignalCollected function| submitUser function| validEmail function| otpSelectionEventHandler function| redirectAuthenticatedClient boolean| isIE10 function| recordFirstPageHistoryLength function| goback function| gobacktoFirstPage function| getPageNumber function| incrementSasPage function| getNumberOfPagesForSP function| gobackToSP function| gobackToSPFromLink function| getIEVersion object| localization object| langOverride function| localize function| setLangAttribute function| removeLanguageSelector function| populateLanguages function| switchLanguage function| emptyPseudoClassPatchForIe11 number| notificationTimeout string| revisitid object| head string| mySrc string| dir string| address string| myDomain object| link object| script0 function| addLoadEvent function| _evercookie_flash_var function| Evercookie function| evercookie object| revisitidField

12 Cookies

Domain/Path Name / Value
idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/ Name: AUTH_SESSION_ID
Value: c52030c2-60e9-4ff0-964b-ccf82cad9a0f.idp-746fddc5cc-prp24-9563
idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/ Name: AUTH_SESSION_ID_LEGACY
Value: c52030c2-60e9-4ff0-964b-ccf82cad9a0f.idp-746fddc5cc-prp24-9563
idp.us.safenetid.com/auth/realms/2THZ46ATM2-STA/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJmNzU2MTUxNy02OTllLTQ4NGUtODg4OS1mNTk1YTIwNDk3ZTkifQ.eyJjaWQiOiJodHRwczovL2N3c3Rva2VuLmFjY2Vzcy5jYS5nb3YiLCJwdHkiOiJzYW1sIiwicnVyaSI6Imh0dHBzOi8vY3dzdG9rZW4uYWNjZXNzLmNhLmdvdi9jZ2kvc2FtbGF1dGgiLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJSZWxheVN0YXRlIjoiYm5OZmNHOXNhV041UFZOaFptVk9aWFJmUTFkVFZHOXJaVzVOU1VjdVFXTmpaWE56WDFOQlRVd0FibVk5UTFkVFZFOUxSVTR0UVVORFJWTlRMVTVHUVVOVVQxSXRVRTlNTFV4QlFrd21hSFIwY0hNNkx5OWpkM04wYjJ0bGJpNWhZMk5sYzNNdVkyRXVaMjkyTHc9PSIsIlNBTUxfUkVRVUVTVF9JRCI6Il9mNGNiMzhhNzM0ZjIxMDE1NDRmM2IxNjQyMzFmYmExMiIsInNhbWxfYmluZGluZyI6InBvc3QifX0.MC6-hD4n6QjhM6sHuX1JcaxIaeZTMklHypvaTx_rIAM
idp.us.safenetid.com/ Name: GWAFSESSION
Value: s.idp1
resources.us.safenetid.com/ Name: GWAFSESSION
Value: s.resources1
idp.us.safenetid.com/ Name: sas_first_page_from_back
Value:
idp.us.safenetid.com/ Name: sas_page
Value: 0
re.us.safenetid.com/ Name: revisit
Value: 1570c368-9787-483f-a96a-977c43401375
re.us.safenetid.com/ Name: GWAFSESSION
Value: s.re1
.idp.us.safenetid.com/ Name: ecookie_etag
Value: fa8407a5-802e-42ef-ab06-d0f80eca8793
.idp.us.safenetid.com/ Name: ecookie_cache
Value: fa8407a5-802e-42ef-ab06-d0f80eca8793
.idp.us.safenetid.com/ Name: ecookieForRE
Value: fa8407a5-802e-42ef-ab06-d0f80eca8793

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cws-internal.access.ca.gov
cwstoken.access.ca.gov
idp.us.safenetid.com
re.us.safenetid.com
resources.us.safenetid.com
storage.googleapis.com
cwstoken.access.ca.gov
134.186.205.172
134.186.205.174
142.251.40.187
34.120.36.59
028f0fbea406d083d48b02a0c3a0860555c9ca5fd5d08725ac3a73803ab57742
036e7a57f8bb75895d2d35b27913f555589881a2e7cda51f1de01a351425ffba
04d42f4c477e2188b0546da735d3be7126ecff2fb1ccea2b1728acea4feed480
0ccc391385db07d263046d352e64c23fb5721461637a83ef097f975b409e6d60
111ce0995fd5170b4289d22d9bac264ffba149c4eda9377a5403423a22d3b76c
128c510c9d60eea7ad93b3d1122a3a20b49e3ada4ff468026ca7642799a477a2
1b5d8dc66c6b72b7acccafcd7d6e6a768a7d4a9ebc22f3f244f4729ae3e6a01d
1d8e9519ec96c0026ae4ede75a500e7121216b96b2b4203c0d4986af6a1b09fc
220f3c3655ee46daa894c7438e0ee96a34e25877af125668e235332be2383298
33262fdef199d32afca0b6fc248e60fd259bef0c7663b0e73584060e07ed3a33
34f592e999a16f7473b6516952d20fcafcba84b21449c2fad21b5838e28265c1
358f835f954b374e6939a261351562f5fabf9b73ac2a7cd9483abf03422f27df
3df0010975efd85f82783f43e201d1902fe24d42acface8d877e3d666c43b79b
4a2cae9a9c5a586f2bd5dc6140e34cac6b18be6b617c602a4a48321452c18c1c
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
4c40a8f6fae0f63d1a4d0b32898044d4e580a09a0e8d4c4dbc131f2ce31d8ef0
4cb3347d913b9c97bd684a301ff18c91fc98ff5925946a45273d12d0d67381b0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57e2f276875cf3ab0a23e03953d8fa335a1358250b6bdde3d0732624bd1306b0
5808d3af034c907c0ee562423cab202dcd514555cab562ef84e7faf3cd2e6825
5886f57d6a5eab166a00523fcc6963edafb009029e3ec6092f6ea79da4cd6ae0
5b17b504fce7c265ddff3b3d09a9e68c0e75860acae0d16571eb8b0d5df3e53f
61c72c85553329410a8066a218fdba2252366643f66abd0c0244d1dad4da8a94
62689d314ba26da96870acf15b4709cc7710c42a53f36fbf719950fbeec2fc79
63585356450cc0c31b5cd9b7afa91a7d9555d3055ce2251cdc5201fcc682a91c
674fa25ad5ee1f225afbdcbd0319e36a84f69edce8cc1a60a428e6340ec69507
6de5410d89867293b972467af452db906597b8eb0c973020fd451b08128745e9
75169f9c62b4bc6d546c9b59ee59d0c93ae3f88437777cc0a3e67c254f13a382
78c875ae7fbca65fc38696160e261c1389e18cb29c89beb39744ab97406367ca
7bf694c9fd95e318f7db51f00acfeb1c94f615d9c839c065fd7611626105f36f
8503a198da8417ca0a999c3ba874bc005f250dca576c5a603482e5526a6dfcc6
85d7dde124874210870bb7d3526f56ba3dc4b54ef4572855946f3905233c1455
87dc8c392dfe0a26ed7b95b396c68936ebdd0aa5df5f51fa77373bad607719e3
8b82e211e7a61f35ec45b1b51848a7c87cfe39ccd3b6ff9a703c655cbcf36f90
8db832c7d2d18b18465eddbb0d429cfe34ece1c902278f6956119cb365ed1bff
8e14040cbcb59477e1ee9ee5d8f3a356aec9a6327d44bfaf564bbcfe7e7b5810
9bbbee2c65b74a02eede62ca5a340a0b873e50282dc26db4aeb3a6a587cc1d95
9d280b53a4d980fedaeed18ff0c49bfa575d7100268cc8b9a7e44b5edc404bd4
a2669e4739bfd806b2e638d3aa70167e75d51dea6be4868fc89554fa1c61662b
a5366bdf12ecdd7ff4c87d34ec238717b0c1864598ace0fbd94a5f73f151060f
ad0fb576cc98ce4ad37827cdffe5c509a92487df97e93cd176b0cd248992fbbf
b599d41f5f109ba01fd75627d5e5c871fb46480ab37d20c59fcc2a86fb4ddf4f
b7b008cd814ed60d9e6c92c78a4e37cc4bfa1886dde6aeb6669229c95d644f0c
ba4e6af952ad38ed336e34950ac7dd236db7238c315418431a53263a84760305
ba6a9cb30664d1f83a5a368266d149d53c1c980a12565d009b8acd26e92643be
bbfe760cdbf4e93fb8cca59b33530ff11accfc6b4c0ef7eeeef51d61cf402f42
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c26f6f42c2f70f69dfc6dc15ed7fe99392c67706c789b66405aaa7c5b6cf6d77
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
da38e4f7d8d357e2c820a08d4874c9b9882fbd315f075d8ce710278f18a52fb7
de9a529f96a56dd0b81acdcadc851dde06bea732de686bdef07cb9ddde370b78
df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb
e0dd726b918b1c7a8a45e950bd098e6acaef9265833d53903a240150d9fe5a93
e27dd73e2755202da28a7dc3ecfff4fb138d8ab0d5f4717409ee299ed1d400f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a5de833705f4384adfad5a78792fb0ad0641cbb04f0f088b7f71d73c685f3b
f358a4d0754631f9027d06c4f9d6511e999c6913028f113c78b0af4d7238eb00
f7ef7c1db0d723180af8d7a57ee1c1b87e0bd91b2f3d48e75c50b53290e4839f
ff86b06185fd98de4f2d748af4b982c6cf9bbd5c4ac5fb035aabb70023d7c3f3