bma.securevdr.com Open in urlscan Pro
76.223.1.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bma.securevdr.com/
Effective URL:
https://bma.securevdr.com/Authentication/Login
Submission: On January 25 via manual (January 25th 2022, 4:48:59 pm UTC) from JE — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 33 HTTP transactions. The main IP is 76.223.1.166, located in United States and belongs to AMAZON-02, US. The main domain is bma.securevdr.com.
TLS certificate: Issued by Amazon on December 7th 2021. Valid for: a year.

This is the only time bma.securevdr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	76.223.1.166 76.223.1.166	16509 (AMAZON-02) (AMAZON-02)
4	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
1 2	45.54.49.5 45.54.49.5	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1	34.107.168.21 34.107.168.21	15169 (GOOGLE) (GOOGLE)
10	13.248.193.251 13.248.193.251	16509 (AMAZON-02) (AMAZON-02)
1	104.225.98.131 104.225.98.131	36236 (NETACTUATE) (NETACTUATE)
4	34.194.47.33 34.194.47.33	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
33	9

10 76.223.1.166 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: adbc6357b41625fc7.awsglobalaccelerator.com

bma.securevdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.54.49.5 (United States) 1 redirects

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 5.49.54.45.ptr.anycast.net

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.168.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.168.107.34.bc.googleusercontent.com

citrix-sharefile-content.customer.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.248.193.251 (United States)

ASN16509 (AMAZON-02, US)
PTR: adbc6357b41625fc7.awsglobalaccelerator.com

bma.sf-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.98.131 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 131.98.225.104.ptr.anycast.net

i2-inwxgwcpgjqbfedvcrvudvponizphd.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.194.47.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-47-33.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	sf-api.com bma.sf-api.com	14 KB
10	securevdr.com 2 redirects bma.securevdr.com	634 KB
8	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1854 events.launchdarkly.com — Cisco Umbrella Rank: 1649	2 KB
3	cedexis.com 1 redirects radar.cedexis.com — Cisco Umbrella Rank: 3826 rpt.cedexis.com — Cisco Umbrella Rank: 2271	19 KB
1	cedexis-radar.net i2-inwxgwcpgjqbfedvcrvudvponizphd.init.cedexis-radar.net	1 KB
1	pendo.io citrix-sharefile-content.customer.pendo.io — Cisco Umbrella Rank: 26260	137 KB
33	6

	Domain	Requested by
10	bma.sf-api.com	bma.securevdr.com
10	bma.securevdr.com	2 redirects bma.securevdr.com
4	events.launchdarkly.com	bma.securevdr.com
4	app.launchdarkly.com	bma.securevdr.com
2	radar.cedexis.com	1 redirects bma.securevdr.com
1	rpt.cedexis.com	radar.cedexis.com
1	i2-inwxgwcpgjqbfedvcrvudvponizphd.init.cedexis-radar.net	radar.cedexis.com
1	citrix-sharefile-content.customer.pendo.io	bma.securevdr.com
33	8

This site contains no links.

Subject Issuer	Validity	Valid
*.sharefile.com Amazon	`2021-12-07` - `2023-01-05`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
citrix-sharefile-content.customer.pendo.io GTS CA 1D4	`2021-12-26` - `2022-03-26`	3 months	crt.sh
*.sf-api.com Amazon	`2021-12-07` - `2023-01-05`	a year	crt.sh
*.init.cedexis-radar.net Go Daddy Secure Certificate Authority - G2	`2021-11-14` - `2022-12-16`	a year	crt.sh
events.launchdarkly.com Amazon	`2021-09-19` - `2022-10-17`	a year	crt.sh
radar.cedexis.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-09` - `2022-08-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bma.securevdr.com/Authentication/Login
Frame ID: CD8146F86F1004AF1AF87DA9250F5E3A
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bma.securevdr.com/ Page URL
https://bma.securevdr.com/login HTTP 302
https://bma.securevdr.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=T... HTTP 302
https://bma.securevdr.com/Authentication/Login Page URL

Page Statistics

33
Requests

88 %
HTTPS

13 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

804 kB
Transfer

2602 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bma.securevdr.com/ Page URL
https://bma.securevdr.com/login HTTP 302
https://bma.securevdr.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=TKnkdIvp6acknc0rT8WplA--&redirect_uri=https%3a%2f%2fsecure.securevdr.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=bma&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
https://bma.securevdr.com/Authentication/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://radar.cedexis.com/1/55156/radar.js HTTP 302
https://radar.cedexis.com/1621860284/radar.js

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
bma.securevdr.com/ 3 KB
3 KB 383ms
179ms Document
text/html 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.securevdr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

8d99f999691e0eb9521ee8a295ae25a2af351f0bce3ac323f6b6d912cf82ee8b

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-FjGAbUnKBWpF8ouX3cjUIg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 25 Jan 2022 16:48:53 GMT
content-type: text/html; charset=utf-8
content-length: 1273
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: 0
vary: Accept-Encoding
citrix-transactionid: 55cac9e3-a2dd-403d-99bc-e335bf5552d7
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-FjGAbUnKBWpF8ouX3cjUIg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

POST
H2 200 cspviolation
bma.securevdr.com/api/ 0
1005 B 382ms
381ms Other
text/plain 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.securevdr.com/api/cspviolation

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bma.securevdr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/csp-report

Response headers

citrix-transactionid: 3e64d116-0dd7-4455-9071-a2242471a242
pragma: no-cache
date: Tue, 25 Jan 2022 16:48:54 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: private,no-cache, no-store, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: same-origin
expires: 0

GET
H2 200 spinner.css
bma.securevdr.com/css/ 1 KB
1 KB 98ms
98ms Stylesheet
text/css 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.securevdr.com/css/spinner.css

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bma.securevdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:48:54 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 24 Jan 2022 12:54:20 GMT
server: Microsoft-IIS/10.0
etag: "0e6cd802111d81:0"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 425
x-content-type-options: nosniff

GET
H2 200 index.02f9d7b97efd42ebbd37.js Show response
bma.securevdr.com/bundles/ 2 MB
604 KB 195ms
195ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

a8c3b10cb22229623ab04dd247caa18ac3b52bb5021b99bc44e62019b6c61941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bma.securevdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:48:54 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 24 Jan 2022 12:59:50 GMT
server: Microsoft-IIS/10.0
etag: "0e77f452211d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 616957
x-content-type-options: nosniff

GET
H2 200 spinner.svg
bma.securevdr.com/css/ 1 KB
2 KB 281ms
281ms Image
image/svg+xml 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bma.securevdr.com/css/spinner.svg

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/css/spinner.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bma.securevdr.com/css/spinner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:48:54 GMT
referrer-policy: same-origin
last-modified: Mon, 24 Jan 2022 12:54:20 GMT
server: Microsoft-IIS/10.0
etag: "0e6cd802111d81:0"
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1093
x-content-type-options: nosniff

OPTIONS
H2 200 5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/ 0
0 40ms
6ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: https://bma.securevdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Tue, 25 Jan 2022 16:48:54 GMT
via: 1.1 varnish
x-served-by: cache-hhn4078-HHN
x-cache: HIT
x-cache-hits: 10
x-timer: S1643129335.723642,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23

OPTIONS
H2 200 user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ 0
0 7ms
7ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: REPORT
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Origin: https://bma.securevdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: REPORT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: REPORT, OPTIONS
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Tue, 25 Jan 2022 16:48:54 GMT
via: 1.1 varnish
x-served-by: cache-hhn4078-HHN
x-cache: HIT
x-cache-hits: 13
x-timer: S1643129335.737204,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23

GET
H2 200 5f33f5d44f29ea099db90d2a Show response
app.launchdarkly.com/sdk/goals/ 2 B
179 B 7ms
7ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Tue, 25 Jan 2022 16:48:54 GMT
content-length: 26
x-served-by: cache-hhn4078-HHN
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1643129335.731395,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 5

GET
H/1.1

200
OK

radar.js Show response
radar.cedexis.com/1621860284/
Redirect Chain

https://radar.cedexis.com/1/55156/radar.js
https://radar.cedexis.com/1621860284/radar.js

44 KB
19 KB

38ms
38ms

Script
application/javascript

45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1621860284/radar.js
Requested by: Host: bma.securevdr.com
URL: https://bma.securevdr.com/
Protocol: HTTP/1.1
Server: 45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: 38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 16:48:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 May 2021 12:50:45 GMT
Server: nginx
ETag: W/"60aba125-af61"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 08 Feb 2022 16:48:54 GMT

Redirect headers

Date: Tue, 25 Jan 2022 16:48:54 GMT
Server: nginx
Vary: User-Agent,DNT
Content-Type: text/html
Location: /1621860284/radar.js
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 154
Expires: Tue, 25 Jan 2022 16:58:54 GMT

REPORT
H2 200 user Show response
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ 4 KB
1 KB 107ms
106ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Requested by: Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 34c3b3e3adb3207f6c88b68383ee14f9775d7590c73631a10e939b235157806f

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Jan 2022 16:48:54 GMT
content-encoding: gzip
vary: Authorization, Accept-Encoding
age: 0
x-cache: MISS
content-length: 854
x-served-by: cache-hhn4078-HHN
access-control-allow-origin: *
x-timer: S1643129335.745688,VS0,VE73
etag: "1589dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, REPORT
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H2 200 c1b310d7176d428258d3.js Show response
bma.securevdr.com/bundles/ 20 KB
9 KB 100ms
100ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.securevdr.com/bundles/c1b310d7176d428258d3.js

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

2a20938ac07f2ae02f47a0b2117dee2c1da41ed5fb9ae146adbebf3db1045bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bma.securevdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:48:54 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 24 Jan 2022 12:59:50 GMT
server: Microsoft-IIS/10.0
etag: "0e77f452211d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 7779
x-content-type-options: nosniff

GET
H2 200 pendo.js Show response
citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 444 KB
137 KB 90ms
8ms Script
application/javascript 34.107.168.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: bma.securevdr.com
URL: https://bma.securevdr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.168.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f266da7c9d3e020129a7b36a0265252b9e5964b9c90a7a57c755c2b6606acf4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:43:24 GMT
content-encoding: gzip
age: 330
x-guploader-uploadid: ADPycduwvM_mf6uZnBb35AwTCofOZ3FtJGNEgwUVdLgsZ9T7uK52BfktJRTnHl9tIVnAXF4BACYll5ad9VhOI4DjRRMOz6IwhQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140005
last-modified: Fri, 21 Jan 2022 22:11:13 GMT
server: UploadServer
etag: "3ab5491d4a4d411f5265f5960a8d6251"
vary: Accept-Encoding
x-goog-hash: crc32c=NrEiZw==, md5=OrVJHUpNQR9SZfWWCo1iUQ==
x-goog-generation: 1642803073254113
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 140005
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 25 Jan 2022 16:50:54 GMT

GET
H2 200 Branding Show response
bma.sf-api.com/sf/v3/Accounts/ 4 KB
5 KB 1641ms
1449ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

a422587b8f28705851f8a581f719dfbd4964ef2b937bf3c255cab8073ceda93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: Hmf98rewBZlkEQB7UyEtDw
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 876ee6f7-4619-4057-85a3-78b214b6470f
date: Tue, 25 Jan 2022 16:48:56 GMT
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ac52d20a-2a0f-5371-808e-2da6f273d3a3
correlationid: Hmf98rewBZlkEQB7UyEtDw
content-length: 3735
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://bma.securevdr.com
x-sfapi-requestid: 637787081362277344
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: -1

OPTIONS
H2 200 Branding
bma.sf-api.com/sf/v3/Accounts/ 0
0 406ms
190ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.sf-api.com/sf/v3/Accounts/Branding

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://bma.securevdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 16:48:55 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://bma.securevdr.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637787081351221120
citrix-transactionid: d06703ba-b808-4b23-b82c-da05c720ffba
correlationid: lNgmLXw5VEOi2E_Q_dP2sw
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H/1.1 200
Ok providers.json Show response
i2-inwxgwcpgjqbfedvcrvudvponizphd.init.cedexis-radar.net/i2/1/55156/j1/20/123/1643129334/0/0/ 3 KB
1 KB 72ms
15ms XHR
application/json 104.225.98.131
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-inwxgwcpgjqbfedvcrvudvponizphd.init.cedexis-radar.net/i2/1/55156/j1/20/123/1643129334/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.131 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 131.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: d3d91adad583aa791d007b58c9278df4e47284de0f59d50e208a1e667217e7d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 16:48:54 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

OPTIONS
H2 204 5f33f5d44f29ea099db90d2a
events.launchdarkly.com/events/diagnostic/ 0
0 301ms
97ms Preflight 34.194.47.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f33f5d44f29ea099db90d2a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.47.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-47-33.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Origin: https://bma.securevdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 16:48:55 GMT
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000

POST
H2 202 5f33f5d44f29ea099db90d2a Show response
events.launchdarkly.com/events/diagnostic/ 0
328 B 97ms
97ms XHR
application/json 34.194.47.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f33f5d44f29ea099db90d2a

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.47.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-47-33.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Jan 2022 16:48:55 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
content-length: 0

GET
H/1.1 200
Ok 1643129334136 Show response
rpt.cedexis.com/n1/0/1643129333620/0/0/0/0/1643129333620/1643129333622/1643129333633/1643129333633/1643129333825/1643129333728/1643129333825/1643129334004/1643129334004/1643129334030/1643129334738/... 16 B
283 B 51ms
14ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1643129333620/0/0/0/0/1643129333620/1643129333622/1643129333633/1643129333633/1643129333825/1643129333728/1643129333825/1643129334004/1643129334004/1643129334030/1643129334738/1643129334738/1643129334738/1643129334893/1643129334893/1643129334894/_CgJqMRAUGHsiBggBEPSuAyjMzqTpCTD208CPBjj208CPBkCs-4ugCEoPCAMQNRjBdiAAKPODgKAEUIWSwAFaEAgDEDUY7MIBIAAo74OAoARgAWoTYnV0dG9uMy5hbXMuaHYucHJvZIIBDwgDEDUYsUYgACjzg4CgBIgB2YHdVJABAJgBAA/0/1643129334136
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 16:48:55 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

POST
H2 202 5f33f5d44f29ea099db90d2a Show response
events.launchdarkly.com/events/bulk/ 0
328 B 97ms
97ms XHR
application/json 34.194.47.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f33f5d44f29ea099db90d2a

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.47.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-47-33.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Payload-ID: aff5ced0-7dfe-11ec-a793-973365e02e03
X-LaunchDarkly-Event-Schema: 3
Accept-Language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Jan 2022 16:48:57 GMT
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
strict-transport-security: max-age=31536000
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
content-length: 0

OPTIONS
H2 204 5f33f5d44f29ea099db90d2a
events.launchdarkly.com/events/bulk/ 0
0 104ms
103ms Preflight 34.194.47.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f33f5d44f29ea099db90d2a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.47.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-47-33.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Origin: https://bma.securevdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 16:48:56 GMT
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000

OPTIONS
H2 200 Users
bma.sf-api.com/sf/v3/ 0
0 108ms
108ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://bma.securevdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 16:48:56 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://bma.securevdr.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637787081369574208
citrix-transactionid: 1dcf9c72-cfde-4c17-9956-ba485320dfec
correlationid: VT6yknuy3kqF_3xn5BuUag
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

OPTIONS
H2 200 Accounts
bma.sf-api.com/sf/v3/ 0
0 130ms
129ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.sf-api.com/sf/v3/Accounts?%24expand=Preferences%2CPreferences%2FAccountMessageCode%2CPreferences%2FDefaultZone%2CPreferences%2FIntegrationProviders%2CPreferences%2FTwoFactorSettings%2CAccountFeatures%2CUserUsage%2CDiskSpace%2CServices%2CSignupParams

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://bma.securevdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 16:48:56 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://bma.securevdr.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637787081369557268
citrix-transactionid: 4c893cb5-6477-42a4-93ae-4ed6e88a2c12
correlationid: jxcXELHdOkyHQDMEw__MMA
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H2 401 Users
bma.sf-api.com/sf/v3/ 121 B
1 KB 616ms
616ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: bBEjZ_0Nsm4DxDblKk3urw
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: ba5bbc9b-d79c-4469-a815-0d60de6de3a2
date: Tue, 25 Jan 2022 16:48:57 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ac52d20a-2a0f-5371-808e-2da6f273d3a3
correlationid: bBEjZ_0Nsm4DxDblKk3urw
content-length: 121
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://bma.securevdr.com
x-sfapi-requestid: 637787081375678665
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2 401 Accounts
bma.sf-api.com/sf/v3/ 121 B
1 KB 642ms
642ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: 603ac7S4dGSPEg4IVvEmyw
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 2ee05fce-10a1-45e8-99c1-43a695c9c457
date: Tue, 25 Jan 2022 16:48:57 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ac52d20a-2a0f-5371-808e-2da6f273d3a3
correlationid: 603ac7S4dGSPEg4IVvEmyw
content-length: 121
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://bma.securevdr.com
x-sfapi-requestid: 637787081375908458
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2 401 WorkspaceConfig
bma.sf-api.com/sf/v3/Accounts/ 121 B
1 KB 618ms
618ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.sf-api.com/sf/v3/Accounts/WorkspaceConfig

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: hE7gXaKarishC_Bhn1Avww
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: bf21280b-f454-47f6-a5fb-f3fb95a408ce
date: Tue, 25 Jan 2022 16:48:57 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ac52d20a-2a0f-5371-808e-2da6f273d3a3
correlationid: hE7gXaKarishC_Bhn1Avww
content-length: 121
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://bma.securevdr.com
x-sfapi-requestid: 637787081376099447
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

OPTIONS
H2 200 WorkspaceConfig
bma.sf-api.com/sf/v3/Accounts/ 0
0 169ms
169ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.sf-api.com/sf/v3/Accounts/WorkspaceConfig

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://bma.securevdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 16:48:57 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://bma.securevdr.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637787081369717842
citrix-transactionid: dec06afe-80f8-497a-86a8-4b35871ab17c
correlationid: qMbJAibXZkmqMt6RFBiZ_Q
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H2

200

Primary Request Login Show response
bma.securevdr.com/Authentication/
Redirect Chain

https://bma.securevdr.com/login
https://bma.securevdr.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=TKnkdIvp6acknc0rT8WplA--&redirect_uri=https%3a%2f%2fsecure.securevdr.com%2flogin%2foauthlogin&sa...
https://bma.securevdr.com/Authentication/Login

6 KB
4 KB

318ms
317ms

Document
text/html

76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.securevdr.com/Authentication/Login

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

8a255eeb9575473b9baa6fe3bb6c2b3d65832c4726510e2c618f22d8cc1c11ff

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-OOKgAyyDyWZTeBlUQLeJQg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bma.securevdr.com/

Response headers

date: Tue, 25 Jan 2022 16:48:58 GMT
content-type: text/html; charset=utf-8
content-length: 2653
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: 0
vary: Accept-Encoding
citrix-transactionid: 92a2b596-c12b-41cf-a054-053953f0f30d
x-frame-options: SAMEORIGIN
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-OOKgAyyDyWZTeBlUQLeJQg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

Redirect headers

date: Tue, 25 Jan 2022 16:48:58 GMT
content-type: text/html; charset=utf-8
content-length: 138
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
location: /Authentication/Login
citrix-transactionid: 7e0c4ad4-9f50-4b10-bb43-4b335b77d12b
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

GET
H2 200 Branding
bma.sf-api.com/sf/v3/Accounts/ 4 KB
5 KB 920ms
920ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/bundles/index.02f9d7b97efd42ebbd37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: lRhx5EMEjniep9Waj7GHzw
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 288b45fd-4aee-4fb5-a22b-2b5a39d96c54
date: Tue, 25 Jan 2022 16:48:58 GMT
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ac52d20a-2a0f-5371-808e-2da6f273d3a3
correlationid: lRhx5EMEjniep9Waj7GHzw
content-length: 3735
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://bma.securevdr.com
x-sfapi-requestid: 637787081382187826
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: -1

OPTIONS
H2 200 Branding
bma.sf-api.com/sf/v3/Accounts/ 0
0 150ms
150ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.sf-api.com/sf/v3/Accounts/Branding

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://bma.securevdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 25 Jan 2022 16:48:57 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://bma.securevdr.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637787081377368244
citrix-transactionid: ad6dc63c-036f-46e9-80de-e91536983bd3
correlationid: t2dkzDRSwECm_xkAjgFwCw
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H2 200 custom.css
bma.securevdr.com/cache/sha/_Auth/Styles/custom/ 27 KB
6 KB 98ms
97ms Stylesheet
text/css 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bma.securevdr.com/cache/sha/_Auth/Styles/custom/custom.css?v=zRr9-Ecp5SFin_ykpjpLlsJtU8b6Ccxiiby_jb5647c1

Requested by

Host: bma.securevdr.com
URL: https://bma.securevdr.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bma.securevdr.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:48:58 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 24 Jan 2022 12:58:26 GMT
server: Microsoft-IIS/10.0
etag: "0856e132211d81:0"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 5339
x-content-type-options: nosniff

GET errorhandler.js
bma.securevdr.com/_Auth/ 0
0

GET webpop
bma.securevdr.com/cache/sha/javascript/bundles/ 0
0

GET webpoprequireconfig
bma.securevdr.com/cache/sha/bundles/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bma.securevdr.com
URL: https://bma.securevdr.com/_Auth/errorhandler.js

Domain: bma.securevdr.com
URL: https://bma.securevdr.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Domain: bma.securevdr.com
URL: https://bma.securevdr.com/cache/sha/bundles/webpoprequireconfig?v=jWlLbyFw0-Fc1ZuEBA9OsqzolkRNAODk4V9Z5w3TqQc1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bma.securevdr.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: w4jivwasdzpdkyocnkajn1wc
bma.sf-api.com/	1970-01-20 00:35:34	Name: AWSALBTGCORS Value: kEyqBX4443UlRewmgsN8RasJiEHg/xJz9KPPaV5ZoHa8nIWnKOfkTm1umRucnvm7jJ+MfF81hBaFpnOczZHChObPGS23GcFXi8CFJH+qn2r4X0tpjqPB5zuiaANFIPOptUIh7yR3AwFdXZ18V64L0zJLRkYt/N/4KesR24ToEkug
bma.sf-api.com/	1970-01-20 00:35:34	Name: AWSALBCORS Value: qjkgGxt+cDG/xAPKWGOx0iycraC9pTX8JIT7a8WywJtiMRL9VBXqavXYizNbp2bycwuTm1liqKED3YYGyRp8/VYhQNydeg/UMA9jOnd10UtkQ12ptLiEwAkeOWOz
.securevdr.com/	1969-12-31 23:59:59	Name: SF_Subdomain Value: bma
bma.securevdr.com/	1970-01-20 00:35:34	Name: AWSALBTG Value: skG8V//3G2119fPtmXLeqm2HCuVNzznhhnZybx0xI6kftphaU3zaGFA34idnZjCupUfciOPazybUP1631tANVLdv7DBvB8zgP+2iSQOPUO5saKbH8lFDHdExgU7nq2/4INQK5jMu8yWFDzGuMoI1FUYNogs4o4dMSEoRHfhViIcS
bma.securevdr.com/	1970-01-20 00:35:34	Name: AWSALBTGCORS Value: skG8V//3G2119fPtmXLeqm2HCuVNzznhhnZybx0xI6kftphaU3zaGFA34idnZjCupUfciOPazybUP1631tANVLdv7DBvB8zgP+2iSQOPUO5saKbH8lFDHdExgU7nq2/4INQK5jMu8yWFDzGuMoI1FUYNogs4o4dMSEoRHfhViIcS
bma.securevdr.com/	1970-01-20 00:35:34	Name: AWSALB Value: TuSyoSA8BsUohHt3sU3fLnCtZatad2BgV9Gcw/blqrem46klvGD7C9t4CEwxhMQKAQE9e4vVhbS7KxDavQigMsxN5l1ixWDqaOXaFc0q4ib3l4C6GnUSY2JcWIqp
bma.securevdr.com/	1970-01-20 00:35:34	Name: AWSALBCORS Value: TuSyoSA8BsUohHt3sU3fLnCtZatad2BgV9Gcw/blqrem46klvGD7C9t4CEwxhMQKAQE9e4vVhbS7KxDavQigMsxN5l1ixWDqaOXaFc0q4ib3l4C6GnUSY2JcWIqp
bma.securevdr.com/	1969-12-31 23:59:59	Name: clientRequest Value: eyI8VXNlclRva2VuVHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxVc2VyVG9rZW4+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8YT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxhdXRvcmVkaXJlY3Q+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGNhcGFiaWxpdGllcz5rX19CYWNraW5nRmllbGQiOm51bGwsIjxjbGllbnRfaWQ+a19fQmFja2luZ0ZpZWxkIjoiRHppNFVQVUFnNWw4YmVLZGlvZWNkY25tSFVUV1dsbjYiLCI8ZGV2aWNlX2lkX3N1cHBvcnRlZD5rX19CYWNraW5nRmllbGQiOnRydWUsIjxkZXZpY2VfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8ZGlzYWJsZV9yczM+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGVtYWlsPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPGZpeF9taWVfdmlld3BvcnQ+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGg+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8bm9saW5rPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPHJlZGlyZWN0X3VyaT5rX19CYWNraW5nRmllbGQiOiJodHRwczpcL1wvc2VjdXJlLnNlY3VyZXZkci5jb21cL2xvZ2luXC9vYXV0aGxvZ2luIiwiPHJlcXVpcmV2Mz5rX19CYWNraW5nRmllbGQiOmZhbHNlLCI8cmVzZXRfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8cmVzcG9uc2VfdHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxzYW1sX25vaWZyYW1lPmtfX0JhY2tpbmdGaWVsZCI6ZmFsc2UsIjxzdGFydF9hY3Rpb24+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8c3RhdGU+a19fQmFja2luZ0ZpZWxkIjoiVEtua2RJdnA2YWNrbmMwclQ4V3BsQS0tIiwiPHN1YmRvbWFpbj5rX19CYWNraW5nRmllbGQiOiJibWEiLCI8dGhlbWU+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8dXNlckhpbnQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8dXNlcm5hbWU+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8d2lkdGg+a19fQmFja2luZ0ZpZWxkIjpudWxsfQ==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bma.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://bma.sf-api.com/sf/v3/Accounts?%24expand=Preferences%2CPreferences%2FAccountMessageCode%2CPreferences%2FDefaultZone%2CPreferences%2FIntegrationProviders%2CPreferences%2FTwoFactorSettings%2CAccountFeatures%2CUserUsage%2CDiskSpace%2CServices%2CSignupParams Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://bma.sf-api.com/sf/v3/Accounts/WorkspaceConfig Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-FjGAbUnKBWpF8ouX3cjUIg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
bma.securevdr.com
bma.sf-api.com
citrix-sharefile-content.customer.pendo.io
events.launchdarkly.com
i2-inwxgwcpgjqbfedvcrvudvponizphd.init.cedexis-radar.net
radar.cedexis.com
rpt.cedexis.com
bma.securevdr.com
104.225.98.131
13.248.193.251
151.101.130.217
2607:f740:e619::1
34.107.168.21
34.194.47.33
45.54.49.5
76.223.1.166
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
2a20938ac07f2ae02f47a0b2117dee2c1da41ed5fb9ae146adbebf3db1045bde
34c3b3e3adb3207f6c88b68383ee14f9775d7590c73631a10e939b235157806f
38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
8a255eeb9575473b9baa6fe3bb6c2b3d65832c4726510e2c618f22d8cc1c11ff
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8d99f999691e0eb9521ee8a295ae25a2af351f0bce3ac323f6b6d912cf82ee8b
a422587b8f28705851f8a581f719dfbd4964ef2b937bf3c255cab8073ceda93a
a8c3b10cb22229623ab04dd247caa18ac3b52bb5021b99bc44e62019b6c61941
d3d91adad583aa791d007b58c9278df4e47284de0f59d50e208a1e667217e7d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f266da7c9d3e020129a7b36a0265252b9e5964b9c90a7a57c755c2b6606acf4c

bma.securevdr.com Open in urlscan Pro 76.223.1.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

33 Requests

88 %HTTPS

13 %IPv6

6 Domains

8 Subdomains

9 IPs

2 Countries

804 kBTransfer

2602 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

bma.securevdr.com Open in urlscan Pro
76.223.1.166 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

88 %
HTTPS

13 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

804 kB
Transfer

2602 kB
Size

9
Cookies

33 HTTP transactions
0 data transactions