www.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gbtpa.sharefile.com/
Effective URL:
https://www.gallagherbassett.com/sso/App/Logon
Submission Tags: falconsandbox
Submission: On July 23 via api (July 23rd 2021, 1:07:43 am UTC) from US

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 53 HTTP transactions. The main IP is 45.60.123.80, located in United States and belongs to INCAPSULA, US. The main domain is www.gallagherbassett.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2020. Valid for: 2 years.

This is the only time www.gallagherbassett.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 26	76.223.1.166 76.223.1.166	16509 (AMAZON-02) (AMAZON-02)
4	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1 2	35.241.57.45 35.241.57.45	15169 (GOOGLE) (GOOGLE)
2	34.107.168.21 34.107.168.21	15169 (GOOGLE) (GOOGLE)
1	104.225.98.129 104.225.98.129	36236 (NETACTUATE) (NETACTUATE)
2	54.87.4.158 54.87.4.158	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
2	151.147.160.186 151.147.160.186	46342 (AJGCO) (AJGCO)
12	45.60.123.80 45.60.123.80	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
53	11

26 76.223.1.166 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: adbc6357b41625fc7.awsglobalaccelerator.com

gbtpa.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gbtpa.sf-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.57.45 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 45.57.241.35.bc.googleusercontent.com

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.168.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.168.107.34.bc.googleusercontent.com

citrix-sharefile-content.customer.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.98.129 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 129.98.225.104.ptr.anycast.net

i2-twgujnxigfinotfqjklnqbwvwqzcvy.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.87.4.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-4-158.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.147.160.186 (United States)

ASN46342 (AJGCO, US)

sso.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.60.123.80 (United States)

ASN19551 (INCAPSULA, US)

www.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	sharefile.com 2 redirects gbtpa.sharefile.com	875 KB
14	gallagherbassett.com sso.gallagherbassett.com www.gallagherbassett.com	565 KB
9	sf-api.com gbtpa.sf-api.com	7 KB
6	launchdarkly.com app.launchdarkly.com events.launchdarkly.com	3 KB
3	cedexis.com 1 redirects radar.cedexis.com rpt.cedexis.com	19 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	pendo.io citrix-sharefile-content.customer.pendo.io	255 KB
1	cedexis-radar.net i2-twgujnxigfinotfqjklnqbwvwqzcvy.init.cedexis-radar.net	1 KB
53	8

	Domain	Requested by
17	gbtpa.sharefile.com	2 redirects gbtpa.sharefile.com
12	www.gallagherbassett.com	www.gallagherbassett.com
9	gbtpa.sf-api.com	gbtpa.sharefile.com
4	app.launchdarkly.com	gbtpa.sharefile.com
2	www.google-analytics.com	www.gallagherbassett.com www.google-analytics.com
2	sso.gallagherbassett.com	www.gallagherbassett.com
2	events.launchdarkly.com	gbtpa.sharefile.com
2	citrix-sharefile-content.customer.pendo.io	gbtpa.sharefile.com
2	radar.cedexis.com	1 redirects gbtpa.sharefile.com
1	rpt.cedexis.com	radar.cedexis.com
1	i2-twgujnxigfinotfqjklnqbwvwqzcvy.init.cedexis-radar.net	radar.cedexis.com
53	11

This site contains no links.

Subject Issuer	Validity	Valid
*.sharefile.com Amazon	`2020-11-18` - `2021-12-19`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
radar.cedexis.com Go Daddy Secure Certificate Authority - G2	`2019-06-26` - `2021-08-25`	2 years	crt.sh
citrix-sharefile-content.customer.pendo.io GTS CA 1D4	`2021-06-30` - `2021-09-28`	3 months	crt.sh
*.init.cedexis-radar.net Go Daddy Secure Certificate Authority - G2	`2019-11-14` - `2022-01-13`	2 years	crt.sh
*.sf-api.com Amazon	`2020-11-17` - `2021-12-17`	a year	crt.sh
events.launchdarkly.com Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh
sso.gallagherbassett.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-31` - `2022-06-08`	a year	crt.sh
www.gallagherbassett.com DigiCert SHA2 Secure Server CA	`2020-02-24` - `2022-03-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gallagherbassett.com/sso/App/Logon
Frame ID: 26F51D249665C8CBF14D793EAC0A37FF
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gbtpa.sharefile.com/ Page URL
https://gbtpa.sharefile.com/login HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=B... HTTP 302
https://gbtpa.sharefile.com/Authentication/Login Page URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=W... Page URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
https://www.gallagherbassett.com/sso/App/Logon Page URL

Page Statistics

53
Requests

96 %
HTTPS

20 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

1741 kB
Transfer

5950 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gbtpa.sharefile.com/ Page URL
https://gbtpa.sharefile.com/login HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=BjVLe3BgRPKoUG2eJ4iZhQ--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
https://gbtpa.sharefile.com/Authentication/Login Page URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=WD.QR9CNlNovd8GzMLiUxQ--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com Page URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
https://www.gallagherbassett.com/sso/App/Logon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://radar.cedexis.com/1/55156/radar.js HTTP 302
https://radar.cedexis.com/1621860284/radar.js

Request Chain 24

https://gbtpa.sharefile.com/login HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=BjVLe3BgRPKoUG2eJ4iZhQ--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
https://gbtpa.sharefile.com/Authentication/Login

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gbtpa.sharefile.com/ 3 KB
3 KB 1105ms
886ms Document
text/html 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

1f57cd853a25fe5b93eca9ce2469ea73f5cf12755d8edad3b6860aee2769a373

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-F0GBk3SwEM6rBCb5mapfOg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gbtpa.sharefile.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:27 GMT
content-type: text/html; charset=utf-8
content-length: 1301
set-cookie: AWSALBTG=p8VkELQWtvZFZ6HcWKHzyT4cZJEp07dJhH+mV/jwelazvv2UzTA4tGKHtY7E0nemq+2nqhvsVHUBaRd8/hN48rSGj/cMTPeKOnxKlw6Yl8wQK6Y4p6Wo4GbHr2OaqdT2gf03Xt6gL+tZEqg2gx0MJ9OkO7t1MPA6EwmO/wP5Fmi/; Expires=Fri, 30 Jul 2021 01:07:26 GMT; Path=/ AWSALBTGCORS=p8VkELQWtvZFZ6HcWKHzyT4cZJEp07dJhH+mV/jwelazvv2UzTA4tGKHtY7E0nemq+2nqhvsVHUBaRd8/hN48rSGj/cMTPeKOnxKlw6Yl8wQK6Y4p6Wo4GbHr2OaqdT2gf03Xt6gL+tZEqg2gx0MJ9OkO7t1MPA6EwmO/wP5Fmi/; Expires=Fri, 30 Jul 2021 01:07:26 GMT; Path=/; SameSite=None; Secure AWSALB=zFY+MOd5scX7ijvogVZhZtXmVuGXNwvF7ThwFd8KZXoMh4ns5r/FsMKINrsUiE2UyOjcNG65mZM+lkSDVYislw8LRPz+nhgB5JWZHB//OGibNIi+OLVl9Yw7fed+; Expires=Fri, 30 Jul 2021 01:07:26 GMT; Path=/ AWSALBCORS=zFY+MOd5scX7ijvogVZhZtXmVuGXNwvF7ThwFd8KZXoMh4ns5r/FsMKINrsUiE2UyOjcNG65mZM+lkSDVYislw8LRPz+nhgB5JWZHB//OGibNIi+OLVl9Yw7fed+; Expires=Fri, 30 Jul 2021 01:07:26 GMT; Path=/; SameSite=None; Secure ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; path=/; secure; HttpOnly; SameSite=None
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: 0
vary: Accept-Encoding
citrix-transactionid: 965c69b3-a447-46a9-be71-b63f95194216
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-F0GBk3SwEM6rBCb5mapfOg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

GET
H2 200 spinner.css
gbtpa.sharefile.com/css/ 1 KB
1 KB 104ms
103ms Stylesheet
text/css 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/css/spinner.css

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /css/spinner.css
pragma: no-cache
cookie: AWSALBTG=p8VkELQWtvZFZ6HcWKHzyT4cZJEp07dJhH+mV/jwelazvv2UzTA4tGKHtY7E0nemq+2nqhvsVHUBaRd8/hN48rSGj/cMTPeKOnxKlw6Yl8wQK6Y4p6Wo4GbHr2OaqdT2gf03Xt6gL+tZEqg2gx0MJ9OkO7t1MPA6EwmO/wP5Fmi/; AWSALBTGCORS=p8VkELQWtvZFZ6HcWKHzyT4cZJEp07dJhH+mV/jwelazvv2UzTA4tGKHtY7E0nemq+2nqhvsVHUBaRd8/hN48rSGj/cMTPeKOnxKlw6Yl8wQK6Y4p6Wo4GbHr2OaqdT2gf03Xt6gL+tZEqg2gx0MJ9OkO7t1MPA6EwmO/wP5Fmi/; AWSALB=zFY+MOd5scX7ijvogVZhZtXmVuGXNwvF7ThwFd8KZXoMh4ns5r/FsMKINrsUiE2UyOjcNG65mZM+lkSDVYislw8LRPz+nhgB5JWZHB//OGibNIi+OLVl9Yw7fed+; AWSALBCORS=zFY+MOd5scX7ijvogVZhZtXmVuGXNwvF7ThwFd8KZXoMh4ns5r/FsMKINrsUiE2UyOjcNG65mZM+lkSDVYislw8LRPz+nhgB5JWZHB//OGibNIi+OLVl9Yw7fed+; ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:27 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 14:56:50 GMT
server: Microsoft-IIS/10.0
etag: "0659b79c078d71:0"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=7rKOkCnwvaN7aQNP5P8jMR3bk4N80rcuRdsmEq+pECDXRkFQqFuk//GFHLlHPiX+CWms+ilsLWZHrO4OBkm9QyHZd4cM5Tef2yoQsbuTSudV6rKHdYSoQ3wjMFl2eUEt3jnwEovW/91DPe1SnjOKYW2A0ocan838cnWA2g3W71ZU; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBTGCORS=7rKOkCnwvaN7aQNP5P8jMR3bk4N80rcuRdsmEq+pECDXRkFQqFuk//GFHLlHPiX+CWms+ilsLWZHrO4OBkm9QyHZd4cM5Tef2yoQsbuTSudV6rKHdYSoQ3wjMFl2eUEt3jnwEovW/91DPe1SnjOKYW2A0ocan838cnWA2g3W71ZU; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure AWSALB=CJmqcpbd3lfq4sFYeWFUjtkv8VGDWqUzA0+GgskfzWxLrsn8FHzZKrzikuLFHNkXf+xV4uWPDpXwCujatS4sQptfENBJf4eRF7yeIPdgoaSJXlXsf65FdMfItVCc; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBCORS=CJmqcpbd3lfq4sFYeWFUjtkv8VGDWqUzA0+GgskfzWxLrsn8FHzZKrzikuLFHNkXf+xV4uWPDpXwCujatS4sQptfENBJf4eRF7yeIPdgoaSJXlXsf65FdMfItVCc; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 425
x-content-type-options: nosniff

GET
H2 200 ShimSham Show response
gbtpa.sharefile.com/javascript/bundles/ 86 KB
26 KB 275ms
275ms Script
text/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1
pragma: no-cache
cookie: AWSALBTG=p8VkELQWtvZFZ6HcWKHzyT4cZJEp07dJhH+mV/jwelazvv2UzTA4tGKHtY7E0nemq+2nqhvsVHUBaRd8/hN48rSGj/cMTPeKOnxKlw6Yl8wQK6Y4p6Wo4GbHr2OaqdT2gf03Xt6gL+tZEqg2gx0MJ9OkO7t1MPA6EwmO/wP5Fmi/; AWSALBTGCORS=p8VkELQWtvZFZ6HcWKHzyT4cZJEp07dJhH+mV/jwelazvv2UzTA4tGKHtY7E0nemq+2nqhvsVHUBaRd8/hN48rSGj/cMTPeKOnxKlw6Yl8wQK6Y4p6Wo4GbHr2OaqdT2gf03Xt6gL+tZEqg2gx0MJ9OkO7t1MPA6EwmO/wP5Fmi/; AWSALB=zFY+MOd5scX7ijvogVZhZtXmVuGXNwvF7ThwFd8KZXoMh4ns5r/FsMKINrsUiE2UyOjcNG65mZM+lkSDVYislw8LRPz+nhgB5JWZHB//OGibNIi+OLVl9Yw7fed+; AWSALBCORS=zFY+MOd5scX7ijvogVZhZtXmVuGXNwvF7ThwFd8KZXoMh4ns5r/FsMKINrsUiE2UyOjcNG65mZM+lkSDVYislw8LRPz+nhgB5JWZHB//OGibNIi+OLVl9Yw7fed+; ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid: bb477b5e-7bc5-4e24-94e9-fa3786bbd7c1
date: Fri, 23 Jul 2021 01:07:27 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 23 Jul 2021 01:07:27 GMT
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
set-cookie: AWSALBTG=CWT0N6aauCEq61Cykdc6IsWVqPfwZoKSijRRMrh9YU7GjOexh6nXys+A8Ev1hjcY4xpAkFVju9EjPb5+wxCoYoD4ILSsuZGo+tx+8ZntpOdPsmmev4oztuh1pI5nyS16CbkiA3KD7kz1UvC5GFrwPtjyviHO6EGo/1NS29CC68Hm; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBTGCORS=CWT0N6aauCEq61Cykdc6IsWVqPfwZoKSijRRMrh9YU7GjOexh6nXys+A8Ev1hjcY4xpAkFVju9EjPb5+wxCoYoD4ILSsuZGo+tx+8ZntpOdPsmmev4oztuh1pI5nyS16CbkiA3KD7kz1UvC5GFrwPtjyviHO6EGo/1NS29CC68Hm; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure AWSALB=kMbwfavzMcJRJkSeKa9L9tI/6k3rF6ZkggkN0aeDORMpT0MKoYxRIljoTdVyOY3swg74wsvIui0GpH3NeOaBpPTlW0jeRDgxKivz82L3KrIh8+kb7VMMIvPcn9Kn; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBCORS=kMbwfavzMcJRJkSeKa9L9tI/6k3rF6ZkggkN0aeDORMpT0MKoYxRIljoTdVyOY3swg74wsvIui0GpH3NeOaBpPTlW0jeRDgxKivz82L3KrIh8+kb7VMMIvPcn9Kn; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 25784
x-content-type-options: nosniff
expires: Sat, 23 Jul 2022 01:07:27 GMT

GET
H2 200 index.d254a68aa2bffc214576.js Show response
gbtpa.sharefile.com/bundles/ 2 MB
568 KB 114ms
114ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

f5c3c40b1aa5d6c2ed8f733d923197a3b55ad86a2910382e0ec376b605dcbbfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /bundles/index.d254a68aa2bffc214576.js
pragma: no-cache
cookie: AWSALBTG=p8VkELQWtvZFZ6HcWKHzyT4cZJEp07dJhH+mV/jwelazvv2UzTA4tGKHtY7E0nemq+2nqhvsVHUBaRd8/hN48rSGj/cMTPeKOnxKlw6Yl8wQK6Y4p6Wo4GbHr2OaqdT2gf03Xt6gL+tZEqg2gx0MJ9OkO7t1MPA6EwmO/wP5Fmi/; AWSALBTGCORS=p8VkELQWtvZFZ6HcWKHzyT4cZJEp07dJhH+mV/jwelazvv2UzTA4tGKHtY7E0nemq+2nqhvsVHUBaRd8/hN48rSGj/cMTPeKOnxKlw6Yl8wQK6Y4p6Wo4GbHr2OaqdT2gf03Xt6gL+tZEqg2gx0MJ9OkO7t1MPA6EwmO/wP5Fmi/; AWSALB=zFY+MOd5scX7ijvogVZhZtXmVuGXNwvF7ThwFd8KZXoMh4ns5r/FsMKINrsUiE2UyOjcNG65mZM+lkSDVYislw8LRPz+nhgB5JWZHB//OGibNIi+OLVl9Yw7fed+; AWSALBCORS=zFY+MOd5scX7ijvogVZhZtXmVuGXNwvF7ThwFd8KZXoMh4ns5r/FsMKINrsUiE2UyOjcNG65mZM+lkSDVYislw8LRPz+nhgB5JWZHB//OGibNIi+OLVl9Yw7fed+; ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:27 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 15:01:32 GMT
server: Microsoft-IIS/10.0
etag: "02eb121c178d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=nSIeXyEUrN4GTy6K+Fnq9FqgtHNcDP2NJSJXPTkGfcknBSFGEnZITwt8FB+7Qgjj2gC0Npo575DfCgi5Q1h33AykpWG9n6XIpo0EWoGeonLEB7x+eVuf8gLwT2ohN4KPparsWiGoWx6utX6RHe8pGvauoYKyao2TYTIZ5+Rna5yd; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBTGCORS=nSIeXyEUrN4GTy6K+Fnq9FqgtHNcDP2NJSJXPTkGfcknBSFGEnZITwt8FB+7Qgjj2gC0Npo575DfCgi5Q1h33AykpWG9n6XIpo0EWoGeonLEB7x+eVuf8gLwT2ohN4KPparsWiGoWx6utX6RHe8pGvauoYKyao2TYTIZ5+Rna5yd; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure AWSALB=iL/iMREFEHe2jFiBIhKEWiXNM/PcoPiUvDzuUmBnojdQ6G3tl02LtC7kBEKCCIn8854JLJC06CBROvWElAs9TUBDnMnIq7jKAq6nAaPD031zZULHki4XgICgf5rD; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBCORS=iL/iMREFEHe2jFiBIhKEWiXNM/PcoPiUvDzuUmBnojdQ6G3tl02LtC7kBEKCCIn8854JLJC06CBROvWElAs9TUBDnMnIq7jKAq6nAaPD031zZULHki4XgICgf5rD; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 579787
x-content-type-options: nosniff

GET
H2 200 spinner.svg
gbtpa.sharefile.com/css/ 1 KB
2 KB 240ms
240ms Image
image/svg+xml 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbtpa.sharefile.com/css/spinner.svg

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/css/spinner.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /css/spinner.svg
pragma: no-cache
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; AWSALBTG=7rKOkCnwvaN7aQNP5P8jMR3bk4N80rcuRdsmEq+pECDXRkFQqFuk//GFHLlHPiX+CWms+ilsLWZHrO4OBkm9QyHZd4cM5Tef2yoQsbuTSudV6rKHdYSoQ3wjMFl2eUEt3jnwEovW/91DPe1SnjOKYW2A0ocan838cnWA2g3W71ZU; AWSALBTGCORS=7rKOkCnwvaN7aQNP5P8jMR3bk4N80rcuRdsmEq+pECDXRkFQqFuk//GFHLlHPiX+CWms+ilsLWZHrO4OBkm9QyHZd4cM5Tef2yoQsbuTSudV6rKHdYSoQ3wjMFl2eUEt3jnwEovW/91DPe1SnjOKYW2A0ocan838cnWA2g3W71ZU; AWSALB=CJmqcpbd3lfq4sFYeWFUjtkv8VGDWqUzA0+GgskfzWxLrsn8FHzZKrzikuLFHNkXf+xV4uWPDpXwCujatS4sQptfENBJf4eRF7yeIPdgoaSJXlXsf65FdMfItVCc; AWSALBCORS=CJmqcpbd3lfq4sFYeWFUjtkv8VGDWqUzA0+GgskfzWxLrsn8FHzZKrzikuLFHNkXf+xV4uWPDpXwCujatS4sQptfENBJf4eRF7yeIPdgoaSJXlXsf65FdMfItVCc
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/css/spinner.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/css/spinner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:27 GMT
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 14:56:50 GMT
server: Microsoft-IIS/10.0
etag: "0659b79c078d71:0"
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=G6WCtIZUHNFzQGPV+Qac1Fuiw+lNjFvYTLZVSID60OZ4j/aEW1/0J+G3JKLUQUorQdhZxeqJ1r5YsmRpkCbAmBBdVVyhVhc4lkXH+Kt9aQkiCjKv1tXU1fAOFjxYgwRn9h8tKpmTHPavM3WSZSA6eX/m+rVSHi03dCohKNBV70JW; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBTGCORS=G6WCtIZUHNFzQGPV+Qac1Fuiw+lNjFvYTLZVSID60OZ4j/aEW1/0J+G3JKLUQUorQdhZxeqJ1r5YsmRpkCbAmBBdVVyhVhc4lkXH+Kt9aQkiCjKv1tXU1fAOFjxYgwRn9h8tKpmTHPavM3WSZSA6eX/m+rVSHi03dCohKNBV70JW; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure AWSALB=0cJh/fzRY+i62/jA8Q0jb6hIEJTPRsCMHguJj+dsIkwuBiWwWuAQ9fD0/kqXUw+vfP7oeUrQ0wvzGwBBgWj5SHLrwqwIpSNDKQE70ImWDl5/N2cXb23ehs6zfs7j; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBCORS=0cJh/fzRY+i62/jA8Q0jb6hIEJTPRsCMHguJj+dsIkwuBiWwWuAQ9fD0/kqXUw+vfP7oeUrQ0wvzGwBBgWj5SHLrwqwIpSNDKQE70ImWDl5/N2cXb23ehs6zfs7j; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 1093
x-content-type-options: nosniff

OPTIONS
H2 200 5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/ 0
0 449ms
391ms Preflight 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Protocol

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Fri, 23 Jul 2021 01:07:28 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1627002448.914746,VS0,VE367
vary: Accept-Encoding
age: 0
content-length: 23

OPTIONS
H2 200 user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ 0
0 27ms
26ms Preflight 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Protocol: H2
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: REPORT
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-max-age: 300
access-control-allow-methods: OPTIONS, REPORT
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
allow: OPTIONS, REPORT
accept-ranges: bytes
date: Fri, 23 Jul 2021 01:07:27 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1627002448.943087,VS0,VE2
age: 0
content-length: 0

GET
H2 200 5f33f5d44f29ea099db90d2a Show response
app.launchdarkly.com/sdk/goals/ 2 B
160 B 25ms
25ms XHR
application/json 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-User-Agent: JSClient/2.18.0
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Fri, 23 Jul 2021 01:07:28 GMT
content-length: 26
x-served-by: cache-fra19170-FRA
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1627002448.306486,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 1

GET
H2

200

radar.js Show response
radar.cedexis.com/1621860284/
Redirect Chain

https://radar.cedexis.com/1/55156/radar.js
https://radar.cedexis.com/1621860284/radar.js

44 KB
19 KB

28ms
28ms

Script
application/javascript

35.241.57.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1621860284/radar.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.57.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.57.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:28 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 12:50:38 GMT
server: nginx
etag: W/"60aba11e-af61"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=1209600, public
alt-svc: clear
expires: Fri, 06 Aug 2021 01:07:28 GMT

Redirect headers

date: Fri, 23 Jul 2021 01:07:27 GMT
via: 1.1 google
server: nginx
vary: User-Agent,DNT
content-type: text/html
location: /1621860284/radar.js
cache-control: max-age=600
alt-svc: clear
content-length: 154
expires: Fri, 23 Jul 2021 01:17:27 GMT

REPORT
H2 200 user Show response
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ 3 KB
3 KB 31ms
31ms XHR
application/json 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7b016fac84098e584711da644c532a65839e3526d90cb630fb5ea6817d8c90c1

Request headers

Referer
X-LaunchDarkly-User-Agent: JSClient/2.18.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Jul 2021 01:07:27 GMT
via: 1.1 varnish
vary: Authorization, Accept-Encoding
age: 0
x-cache: MISS
content-length: 2788
x-served-by: cache-fra19170-FRA
x-timer: S1627002448.969915,VS0,VE7
etag: "704cbb"
access-control-max-age: 300
access-control-allow-methods: OPTIONS, REPORT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H2 200 129f7b5892b22dc00329.js Show response
gbtpa.sharefile.com/bundles/ 18 KB
8 KB 103ms
103ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/bundles/129f7b5892b22dc00329.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

0177367d58df17de07d06ef2058ce6ebdb61cba00f2557690b415ec6b15c65e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /bundles/129f7b5892b22dc00329.js
pragma: no-cache
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; AWSALBTG=G6WCtIZUHNFzQGPV+Qac1Fuiw+lNjFvYTLZVSID60OZ4j/aEW1/0J+G3JKLUQUorQdhZxeqJ1r5YsmRpkCbAmBBdVVyhVhc4lkXH+Kt9aQkiCjKv1tXU1fAOFjxYgwRn9h8tKpmTHPavM3WSZSA6eX/m+rVSHi03dCohKNBV70JW; AWSALBTGCORS=G6WCtIZUHNFzQGPV+Qac1Fuiw+lNjFvYTLZVSID60OZ4j/aEW1/0J+G3JKLUQUorQdhZxeqJ1r5YsmRpkCbAmBBdVVyhVhc4lkXH+Kt9aQkiCjKv1tXU1fAOFjxYgwRn9h8tKpmTHPavM3WSZSA6eX/m+rVSHi03dCohKNBV70JW; AWSALB=0cJh/fzRY+i62/jA8Q0jb6hIEJTPRsCMHguJj+dsIkwuBiWwWuAQ9fD0/kqXUw+vfP7oeUrQ0wvzGwBBgWj5SHLrwqwIpSNDKQE70ImWDl5/N2cXb23ehs6zfs7j; AWSALBCORS=0cJh/fzRY+i62/jA8Q0jb6hIEJTPRsCMHguJj+dsIkwuBiWwWuAQ9fD0/kqXUw+vfP7oeUrQ0wvzGwBBgWj5SHLrwqwIpSNDKQE70ImWDl5/N2cXb23ehs6zfs7j
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:27 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 15:01:32 GMT
server: Microsoft-IIS/10.0
etag: "02eb121c178d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=29zCI6ITZoh44CXDHCQBLOb3tOnhgcXpnEhrutxr/fkppWxwOBKooSZYBpUflZrWn9A7k0bWweTuUC9+qoBVRepJEUl8+P6S4ZSNGPH0VIda3dcEAQwNZwmTpTV49ZsuBYljklROWHn45DdnZUJ0PGZ4pPYDq+wGnm4kB7z6Fn6W; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBTGCORS=29zCI6ITZoh44CXDHCQBLOb3tOnhgcXpnEhrutxr/fkppWxwOBKooSZYBpUflZrWn9A7k0bWweTuUC9+qoBVRepJEUl8+P6S4ZSNGPH0VIda3dcEAQwNZwmTpTV49ZsuBYljklROWHn45DdnZUJ0PGZ4pPYDq+wGnm4kB7z6Fn6W; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure AWSALB=8ThcpMu1OORvfLPtFS6lDH96e9t+9Ga18vhryo5CM2bgTYUyzNqtOkLpIgfKQmYK4/Izwdh8uzQD++O4xWEyJl+UVJppJTccntlOylmlgQo7+kIRGIb2dMVB+0Lu; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/ AWSALBCORS=8ThcpMu1OORvfLPtFS6lDH96e9t+9Ga18vhryo5CM2bgTYUyzNqtOkLpIgfKQmYK4/Izwdh8uzQD++O4xWEyJl+UVJppJTccntlOylmlgQo7+kIRGIb2dMVB+0Lu; Expires=Fri, 30 Jul 2021 01:07:27 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 6762
x-content-type-options: nosniff

GET
H2 200 pendo.js Show response
citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 410 KB
128 KB 110ms
22ms Script
application/javascript 34.107.168.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.168.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ef771d656b7b2ea245d67840cb760264895cfd1f7e15d23380360138dc8ee4e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:05:45 GMT
content-encoding: gzip
age: 103
x-guploader-uploadid: ADPycdsvBp79MUkn_k84sfmVIywILJXw0eJGy172b4EhAZY09u7HLcJ9xfylD-z5D7S7G9ICobrNd0tMkh9BqxFu_hJoGDz9oA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 130059
last-modified: Thu, 22 Jul 2021 19:08:08 GMT
server: UploadServer
etag: "9ad777c1b68242c166b01f0ea6fdb2ec"
vary: Accept-Encoding
x-goog-hash: crc32c=XKnHVg==, md5=mtd3wbaCQsFmsB8Opv2y7A==
x-goog-generation: 1626980888069654
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 130059
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 23 Jul 2021 01:13:15 GMT

GET
H/1.1 200
Ok providers.json Show response
i2-twgujnxigfinotfqjklnqbwvwqzcvy.init.cedexis-radar.net/i2/1/55156/j1/20/123/1627002448/0/0/ 3 KB
1 KB 87ms
23ms XHR
application/json 104.225.98.129
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-twgujnxigfinotfqjklnqbwvwqzcvy.init.cedexis-radar.net/i2/1/55156/j1/20/123/1627002448/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.129 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 129.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 002646a2eba197d28fe48bcf8ccb47a996ee3b6ef926a1832d8f9eac6844d4d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 01:07:28 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET
H2 200 Branding Show response
gbtpa.sf-api.com/sf/v3/Accounts/ 4 KB
3 KB 379ms
177ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

ff6a92cb1b37f26367c5940f0296b7e052e268fd9d2fcbded633e151c227cc98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: 9z7h4L8bRq6ChfESzxQcsw
Accept: application/json, text/plain, */*
Referer
Accept-Language: en
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 220e2837-9d59-4add-b6d2-42108aac8e69
date: Fri, 23 Jul 2021 01:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid: 9z7h4L8bRq6ChfESzxQcsw
vary: Accept-Encoding
content-length: 1746
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637625848486539477
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: -1

OPTIONS
H2 200 Branding
gbtpa.sf-api.com/sf/v3/Accounts/ 0
0 358ms
149ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Protocol

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 23 Jul 2021 01:07:28 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637625848483143540
citrix-transactionid: f5016be1-20ac-43e7-bc61-8b429d9be239
correlationid: mtINRw2J40yfzkO3V6UoJA
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

OPTIONS
H/1.1 204
No Content 5f33f5d44f29ea099db90d2a
events.launchdarkly.com/events/diagnostic/ 0
0 317ms
105ms Preflight
application/json 54.87.4.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f33f5d44f29ea099db90d2a

Protocol

HTTP/1.1

Server

54.87.4.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-4-158.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Fri, 23 Jul 2021 01:07:28 GMT
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Access-Control-Max-Age: 300
Strict-Transport-Security: max-age=31536000

POST
H/1.1 202
Accepted 5f33f5d44f29ea099db90d2a Show response
events.launchdarkly.com/events/diagnostic/ 0
509 B 110ms
109ms XHR
application/json 54.87.4.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f33f5d44f29ea099db90d2a

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.4.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-4-158.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-User-Agent: JSClient/2.18.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 23 Jul 2021 01:07:28 GMT
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length: 0
Access-Control-Expose-Headers: Date

GET
H/1.1 200
Ok 1627002447554 Show response
rpt.cedexis.com/n1/0/1627002446335/0/0/0/0/1627002446335/1627002446336/1627002446353/1627002446353/1627002446555/1627002446367/1627002446555/1627002447441/1627002447442/1627002447444/1627002447942/... 16 B
283 B 81ms
21ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1627002446335/0/0/0/0/1627002446335/1627002446336/1627002446353/1627002446353/1627002446555/1627002446367/1627002446555/1627002447441/1627002447442/1627002447444/1627002447942/1627002447942/1627002447942/1627002448122/1627002448122/1627002448123/_CgJqMRAUGHsiBggBEPSuAyj_iduGBjDQrOiHBjjQrOiHBkCss4sJSg8IAxA1GMF2IAAo84OAoARQkJm1A1oQCAMQNRjswgEgACjvg4CgBGABahNidXR0b24xLmFtcy5odi5wcm9kggETCAMQFBixRiDUgIDABCjHgYCgBIgB0szNwAiQAQCYAQA/0/1627002447554
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 01:07:28 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

OPTIONS
H2 200 Users
gbtpa.sf-api.com/sf/v3/ 0
0 115ms
115ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone

Protocol

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 23 Jul 2021 01:07:28 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637625848488506187
citrix-transactionid: 67f980c6-4685-4481-9f18-6628185cc178
correlationid: sfuOOWVor0uM9g3n6eTqKQ
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

OPTIONS
H2 200 Accounts
gbtpa.sf-api.com/sf/v3/ 0
0 132ms
132ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts?%24expand=Preferences%2CPreferences%2FAccountMessageCode%2CPreferences%2FDefaultZone%2CPreferences%2FIntegrationProviders%2CPreferences%2FTwoFactorSettings%2CAccountFeatures%2CUserUsage%2CDiskSpace%2CServices%2CSignupParams

Protocol

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 23 Jul 2021 01:07:28 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637625848488447166
citrix-transactionid: 35f47553-adad-4eb2-ba36-490acd7ee2fe
correlationid: 1WS8BhA8FkCHPeiCvTth8w
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

OPTIONS
H2 200 WorkspaceConfig
gbtpa.sf-api.com/sf/v3/Accounts/ 0
0 136ms
136ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/WorkspaceConfig

Protocol

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 23 Jul 2021 01:07:28 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637625848488477559
citrix-transactionid: 88c279b4-f5c7-4ac5-b103-4c3cb6c2d0dd
correlationid: FseuHQgHB0CkYa-phbK9mw
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H2 401 Users
gbtpa.sf-api.com/sf/v3/ 118 B
1 KB 152ms
152ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: GK-ViOqgReR4CY1id6CT_g
Accept: application/json, text/plain, */*
Referer
Accept-Language: en
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 54b60ffe-a4df-407e-afd9-8ff70d0f68ca
date: Fri, 23 Jul 2021 01:07:29 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid: GK-ViOqgReR4CY1id6CT_g
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637625848489625034
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2 401 Accounts
gbtpa.sf-api.com/sf/v3/ 118 B
1 KB 278ms
278ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: xqPPwytIJJ4bJIH0DgDBYw
Accept: application/json, text/plain, */*
Referer
Accept-Language: en
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 00ac7a87-cbd6-491c-adf7-cb2ec3890671
date: Fri, 23 Jul 2021 01:07:29 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid: xqPPwytIJJ4bJIH0DgDBYw
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637625848490036275
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2 401 WorkspaceConfig
gbtpa.sf-api.com/sf/v3/Accounts/ 118 B
1 KB 277ms
277ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/WorkspaceConfig

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: F3tRtTKokK8nQctIRP4-Fw
Accept: application/json, text/plain, */*
Referer
Accept-Language: en
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: fd48c1d7-f08b-49b9-912b-af63bddd9a36
date: Fri, 23 Jul 2021 01:07:29 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid: F3tRtTKokK8nQctIRP4-Fw
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637625848490036275
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2

200

https://gbtpa.sharefile.com/login
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=BjVLe3BgRPKoUG2eJ4iZhQ--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&...
https://gbtpa.sharefile.com/Authentication/Login

7 KB
5 KB

274ms
273ms

Document
text/html

76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/Authentication/Login

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.d254a68aa2bffc214576.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

ed0a4422d540e75dfa3423c7e89f8511b7c7b0dc109e9af397c4ed533c26387f

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-I1TZBrQl+6yebsDUCS0J9A==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gbtpa.sharefile.com
:scheme: https
:path: /Authentication/Login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://gbtpa.sharefile.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; SF_Subdomain=gbtpa; AWSALBTG=fCQ09rvejFtu4svJjoCAOESpHmaduzvMzyYDuXmvpIT2k1XijmGvugIY3pV8YJExrQP787Q1bjnKOURlbggOzR0HR80WFG1M9k2rTvVJyVpapgydJbf91JWM7fzPwgfCi75oGt1q5FtJe5l5o94WVzNk7+8CVvvzlAa2DTIxQoPa; AWSALBTGCORS=fCQ09rvejFtu4svJjoCAOESpHmaduzvMzyYDuXmvpIT2k1XijmGvugIY3pV8YJExrQP787Q1bjnKOURlbggOzR0HR80WFG1M9k2rTvVJyVpapgydJbf91JWM7fzPwgfCi75oGt1q5FtJe5l5o94WVzNk7+8CVvvzlAa2DTIxQoPa; AWSALB=YbntlWU9oAYXEWT9Mg2zd1+sZL1ywrZRcwMTk9gL8sa1eCAMQ3Lkiza9l8oHOiB4XHZmriNpqzft0Z9nmx7INjH8ZtJFHZYPtFNNriZr3R+KS3qhBHCI/vSjGyzq; AWSALBCORS=YbntlWU9oAYXEWT9Mg2zd1+sZL1ywrZRcwMTk9gL8sa1eCAMQ3Lkiza9l8oHOiB4XHZmriNpqzft0Z9nmx7INjH8ZtJFHZYPtFNNriZr3R+KS3qhBHCI/vSjGyzq; clientRequest=eyI8VXNlclRva2VuVHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxVc2VyVG9rZW4+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8YT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxhdXRvcmVkaXJlY3Q+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGNhcGFiaWxpdGllcz5rX19CYWNraW5nRmllbGQiOm51bGwsIjxjbGllbnRfaWQ+a19fQmFja2luZ0ZpZWxkIjoiRHppNFVQVUFnNWw4YmVLZGlvZWNkY25tSFVUV1dsbjYiLCI8ZGV2aWNlX2lkX3N1cHBvcnRlZD5rX19CYWNraW5nRmllbGQiOnRydWUsIjxkZXZpY2VfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8ZGlzYWJsZV9yczM+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGVtYWlsPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPGZpeF9taWVfdmlld3BvcnQ+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGg+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8bm9saW5rPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPHJlZGlyZWN0X3VyaT5rX19CYWNraW5nRmllbGQiOiJodHRwczpcL1wvc2VjdXJlLnNoYXJlZmlsZS5jb21cL2xvZ2luXC9vYXV0aGxvZ2luIiwiPHJlcXVpcmV2Mz5rX19CYWNraW5nRmllbGQiOmZhbHNlLCI8cmVzZXRfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8cmVzcG9uc2VfdHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxzYW1sX25vaWZyYW1lPmtfX0JhY2tpbmdGaWVsZCI6ZmFsc2UsIjxzdGFydF9hY3Rpb24+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8c3RhdGU+a19fQmFja2luZ0ZpZWxkIjoiQmpWTGUzQmdSUEtvVUcyZUo0aVpoUS0tIiwiPHN1YmRvbWFpbj5rX19CYWNraW5nRmllbGQiOiJnYnRwYSIsIjx0aGVtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VySGludD5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VybmFtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx3aWR0aD5rX19CYWNraW5nRmllbGQiOm51bGx9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gbtpa.sharefile.com/

Response headers

date: Fri, 23 Jul 2021 01:07:29 GMT
content-type: text/html; charset=utf-8
content-length: 2905
set-cookie: AWSALBTG=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure clientRequest=; expires=Thu, 22-Jul-2021 01:07:29 GMT; path=/
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: 0
vary: Accept-Encoding
citrix-transactionid: aca4403c-249d-4a52-bed7-8c836c9ca990
x-frame-options: SAMEORIGIN
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-I1TZBrQl+6yebsDUCS0J9A==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

Redirect headers

date: Fri, 23 Jul 2021 01:07:29 GMT
content-type: text/html; charset=utf-8
content-length: 138
set-cookie: AWSALBTG=fCQ09rvejFtu4svJjoCAOESpHmaduzvMzyYDuXmvpIT2k1XijmGvugIY3pV8YJExrQP787Q1bjnKOURlbggOzR0HR80WFG1M9k2rTvVJyVpapgydJbf91JWM7fzPwgfCi75oGt1q5FtJe5l5o94WVzNk7+8CVvvzlAa2DTIxQoPa; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=fCQ09rvejFtu4svJjoCAOESpHmaduzvMzyYDuXmvpIT2k1XijmGvugIY3pV8YJExrQP787Q1bjnKOURlbggOzR0HR80WFG1M9k2rTvVJyVpapgydJbf91JWM7fzPwgfCi75oGt1q5FtJe5l5o94WVzNk7+8CVvvzlAa2DTIxQoPa; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=YbntlWU9oAYXEWT9Mg2zd1+sZL1ywrZRcwMTk9gL8sa1eCAMQ3Lkiza9l8oHOiB4XHZmriNpqzft0Z9nmx7INjH8ZtJFHZYPtFNNriZr3R+KS3qhBHCI/vSjGyzq; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=YbntlWU9oAYXEWT9Mg2zd1+sZL1ywrZRcwMTk9gL8sa1eCAMQ3Lkiza9l8oHOiB4XHZmriNpqzft0Z9nmx7INjH8ZtJFHZYPtFNNriZr3R+KS3qhBHCI/vSjGyzq; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure clientRequest=eyI8VXNlclRva2VuVHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxVc2VyVG9rZW4+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8YT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxhdXRvcmVkaXJlY3Q+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGNhcGFiaWxpdGllcz5rX19CYWNraW5nRmllbGQiOm51bGwsIjxjbGllbnRfaWQ+a19fQmFja2luZ0ZpZWxkIjoiRHppNFVQVUFnNWw4YmVLZGlvZWNkY25tSFVUV1dsbjYiLCI8ZGV2aWNlX2lkX3N1cHBvcnRlZD5rX19CYWNraW5nRmllbGQiOnRydWUsIjxkZXZpY2VfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8ZGlzYWJsZV9yczM+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGVtYWlsPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPGZpeF9taWVfdmlld3BvcnQ+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGg+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8bm9saW5rPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPHJlZGlyZWN0X3VyaT5rX19CYWNraW5nRmllbGQiOiJodHRwczpcL1wvc2VjdXJlLnNoYXJlZmlsZS5jb21cL2xvZ2luXC9vYXV0aGxvZ2luIiwiPHJlcXVpcmV2Mz5rX19CYWNraW5nRmllbGQiOmZhbHNlLCI8cmVzZXRfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8cmVzcG9uc2VfdHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxzYW1sX25vaWZyYW1lPmtfX0JhY2tpbmdGaWVsZCI6ZmFsc2UsIjxzdGFydF9hY3Rpb24+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8c3RhdGU+a19fQmFja2luZ0ZpZWxkIjoiQmpWTGUzQmdSUEtvVUcyZUo0aVpoUS0tIiwiPHN1YmRvbWFpbj5rX19CYWNraW5nRmllbGQiOiJnYnRwYSIsIjx0aGVtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VySGludD5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VybmFtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx3aWR0aD5rX19CYWNraW5nRmllbGQiOm51bGx9; path=/; secure; HttpOnly
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
location: /Authentication/Login
citrix-transactionid: 607bf2cc-575a-4d52-b4f0-7b011ecb8e56
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

GET Branding
gbtpa.sf-api.com/sf/v3/Accounts/ 0
0

OPTIONS
H2 200 Branding
gbtpa.sf-api.com/sf/v3/Accounts/ 0
0 311ms
311ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Protocol

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 23 Jul 2021 01:07:29 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637625848493449320
citrix-transactionid: 2fbd708e-71db-4b5a-a239-f1a585afecf7
correlationid: 0JE3SyZM7Ue2RNBloqX54w
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H2 200 custom.css
gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/ 27 KB
6 KB 104ms
103ms Stylesheet
text/css 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=pJxpmKIR-YqQGTqJ-1m6nluw49530NjONkd2g5XWyjU1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

856dccde43264858147306265bf53f0b58a6f535905fd9f6a83021f9894112d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/sha/_Auth/Styles/custom/custom.css?v=pJxpmKIR-YqQGTqJ-1m6nluw49530NjONkd2g5XWyjU1
pragma: no-cache
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; SF_Subdomain=gbtpa; AWSALBTG=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; AWSALBTGCORS=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; AWSALB=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2; AWSALBCORS=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:29 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 14:59:58 GMT
server: Microsoft-IIS/10.0
etag: "0eba9e9c078d71:0"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=oNsaUe7Q5i/W+J8f/0uNIu9q8zAPD8t3C2GK0xq29TjBccgf0Rop+9OokTqXaag2xrF5VNYf0XtNb+WLJYgRG2KUQ/knGio1Uc4yBtTDdET/GvglmkTFszB/ox/6RKT2GA9AAsQgMnNK28d87YfdqCK2/MGcd3hYB5sAEnjfN3LR; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=oNsaUe7Q5i/W+J8f/0uNIu9q8zAPD8t3C2GK0xq29TjBccgf0Rop+9OokTqXaag2xrF5VNYf0XtNb+WLJYgRG2KUQ/knGio1Uc4yBtTDdET/GvglmkTFszB/ox/6RKT2GA9AAsQgMnNK28d87YfdqCK2/MGcd3hYB5sAEnjfN3LR; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=ewSQ0cpzeVgbpUo/ZB6hzOPg5x5BWwpt0GNxEJs0KuyKn7xQpUeOLbuzM/SMl2ASGnia0fFi7KjJEtqD9Vz0ZetnBkAmGb2uqoLxuCIQ54M27wAI6ozshESwVNrK; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=ewSQ0cpzeVgbpUo/ZB6hzOPg5x5BWwpt0GNxEJs0KuyKn7xQpUeOLbuzM/SMl2ASGnia0fFi7KjJEtqD9Vz0ZetnBkAmGb2uqoLxuCIQ54M27wAI6ozshESwVNrK; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 5338
x-content-type-options: nosniff

GET
H2 200 errorhandler.js Show response
gbtpa.sharefile.com/_Auth/ 548 B
1 KB 104ms
103ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/_Auth/errorhandler.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_Auth/errorhandler.js
pragma: no-cache
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; SF_Subdomain=gbtpa; AWSALBTG=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; AWSALBTGCORS=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; AWSALB=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2; AWSALBCORS=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:29 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 14:59:48 GMT
server: Microsoft-IIS/10.0
etag: "0ab4e3c078d71:0"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=+QtSrB3jh3Ih2Rbx0XVQ13sAV0zS4+F0fDqwkEgy57g6c/nujNFPwgAZQpxmMk+okR8cOUepiUtJbvG4gF7z2urniMlWVgw63vWCkP2pmIjQtO9LEYe6sunkr9l+BkzIHy8LfOY1lLTh4vkXn2cnbv2v9f4oPfetPRph6ONHxOM1; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=+QtSrB3jh3Ih2Rbx0XVQ13sAV0zS4+F0fDqwkEgy57g6c/nujNFPwgAZQpxmMk+okR8cOUepiUtJbvG4gF7z2urniMlWVgw63vWCkP2pmIjQtO9LEYe6sunkr9l+BkzIHy8LfOY1lLTh4vkXn2cnbv2v9f4oPfetPRph6ONHxOM1; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=ryf2yd4ugAyyS2HYtFLU/4bqiJBCjvXQXmmXGc9DUNF50zei4ycsrvkuTp4ABiAaBS51DeLvkeDj3H1kHYoTbMV75HYZti9FHeMcoJIT9G8RoN9UMAktIeKPy2fY; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=ryf2yd4ugAyyS2HYtFLU/4bqiJBCjvXQXmmXGc9DUNF50zei4ycsrvkuTp4ABiAaBS51DeLvkeDj3H1kHYoTbMV75HYZti9FHeMcoJIT9G8RoN9UMAktIeKPy2fY; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 349
x-content-type-options: nosniff

GET
H2 200 webpop Show response
gbtpa.sharefile.com/cache/sha/javascript/bundles/ 91 KB
30 KB 109ms
109ms Script
text/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
pragma: no-cache
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; SF_Subdomain=gbtpa; AWSALBTG=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; AWSALBTGCORS=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; AWSALB=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2; AWSALBCORS=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid: e4666726-5b8c-4204-95d6-cfaa89c59978
date: Fri, 23 Jul 2021 01:07:29 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 23 Jul 2021 01:07:29 GMT
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
set-cookie: AWSALBTG=3WTlixlBKso/ctmRBe5djcRXvhrPmnZDF9colDDWf490XE8Z+6WrJUYODYZeYah/cV5E//17Akal9PRvLIB0tnQs2Go6xooAHA7smxCN2Fo7/aDcjrdweN0anPTAs4Bwe+0lmOffqHa65+dmMWzaEZHqf33uTR7I1Xiofc9pt7Jt; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=3WTlixlBKso/ctmRBe5djcRXvhrPmnZDF9colDDWf490XE8Z+6WrJUYODYZeYah/cV5E//17Akal9PRvLIB0tnQs2Go6xooAHA7smxCN2Fo7/aDcjrdweN0anPTAs4Bwe+0lmOffqHa65+dmMWzaEZHqf33uTR7I1Xiofc9pt7Jt; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=mwxNoYjSNiDpqVPw9KHxK+0Oh4dIa6yGO/GajMDacFR0OfBkCpQNBEBKWW3JO1DeOEhZdi7CqMWXh3pKA7qX+lGITRfnHkRth/pCQR7k8BhcNNGpAHciRa7ym6WJ; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=mwxNoYjSNiDpqVPw9KHxK+0Oh4dIa6yGO/GajMDacFR0OfBkCpQNBEBKWW3JO1DeOEhZdi7CqMWXh3pKA7qX+lGITRfnHkRth/pCQR7k8BhcNNGpAHciRa7ym6WJ; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 29743
x-content-type-options: nosniff
expires: Sat, 23 Jul 2022 01:07:29 GMT

GET
H2 200 webpoprequireconfig Show response
gbtpa.sharefile.com/cache/sha/bundles/ 1 KB
2 KB 110ms
109ms Script
text/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=LcWzpTtM1wxRVR7btgLz9Y794DLICOyAGXOr3AgPMLk1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

8cabba3d55d6af6259875cd3365b79fc96a4ebc12bfdd2cbafa5f0bd396a3cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/sha/bundles/webpoprequireconfig?v=LcWzpTtM1wxRVR7btgLz9Y794DLICOyAGXOr3AgPMLk1
pragma: no-cache
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; SF_Subdomain=gbtpa; AWSALBTG=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; AWSALBTGCORS=taohhWfc6MDZOC16khv1EMFpP94gBP1rsLuZ6sMKwcb4i12X1g/jAxh45ted4+ALuBDWcn8kVFpSMXXHUPCZKxn1Jkq7Ve7k+m8MA/6+M18sCusH1TAh2tf5+1StsAwOg7gSxoEhHivqH4x2LemklKQfbPvLsla+/PpvTSffVsYD; AWSALB=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2; AWSALBCORS=U5H0V4pHiL/7TJal7eXUceg7jc5aat37YmopG1hsADUA8IBgQhjnf5CINlAEquk1Qip7g2WaZfD4/Q0X+Xegf47L3hiSabp49B19zkTKuFUNYkjCeyfsXUd24oP2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid: dbe4f3fd-ce40-4283-8c9e-11da77f04f89
date: Fri, 23 Jul 2021 01:07:29 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 23 Jul 2021 01:07:29 GMT
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
set-cookie: AWSALBTG=9/qGoUeYuCXqtnVI/BPvDfLflPtX0XCR6gQuvINn/1X3mo5Sq/twW3wKnMeuaB1kXn9Uj3TRyc6Q90WVyEnchvVPZPIe3Oxw7ohVNzcjHOdOg1a44fQqT3wvllyc2mhKYOGLw0Ir//ZaOYulbqw2gUzaaIGyZ5JsmHMawbs1XnZ5; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=9/qGoUeYuCXqtnVI/BPvDfLflPtX0XCR6gQuvINn/1X3mo5Sq/twW3wKnMeuaB1kXn9Uj3TRyc6Q90WVyEnchvVPZPIe3Oxw7ohVNzcjHOdOg1a44fQqT3wvllyc2mhKYOGLw0Ir//ZaOYulbqw2gUzaaIGyZ5JsmHMawbs1XnZ5; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=Ll7YYg66o9EYNxOcjDtfqwZJZN4zm//N3618sKWKF/m2x6rd++zPmRzsaHHg6/lP6EQAp8+6jobSbvmPIktWHsgRi4wgD8p7NbqnEKh47jgO2iznkmioLSNfoq0A; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=Ll7YYg66o9EYNxOcjDtfqwZJZN4zm//N3618sKWKF/m2x6rd++zPmRzsaHHg6/lP6EQAp8+6jobSbvmPIktWHsgRi4wgD8p7NbqnEKh47jgO2iznkmioLSNfoq0A; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 476
x-content-type-options: nosniff
expires: Sat, 23 Jul 2022 01:07:29 GMT

GET
H2 200 pendo.js Show response
citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 410 KB
127 KB 21ms
20ms Script
application/javascript 34.107.168.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.168.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ef771d656b7b2ea245d67840cb760264895cfd1f7e15d23380360138dc8ee4e1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:05:45 GMT
content-encoding: gzip
age: 104
x-guploader-uploadid: ADPycdsvBp79MUkn_k84sfmVIywILJXw0eJGy172b4EhAZY09u7HLcJ9xfylD-z5D7S7G9ICobrNd0tMkh9BqxFu_hJoGDz9oA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 130059
last-modified: Thu, 22 Jul 2021 19:08:08 GMT
server: UploadServer
etag: "9ad777c1b68242c166b01f0ea6fdb2ec"
vary: Accept-Encoding
x-goog-hash: crc32c=XKnHVg==, md5=mtd3wbaCQsFmsB8Opv2y7A==
x-goog-generation: 1626980888069654
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 130059
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 23 Jul 2021 01:13:15 GMT

GET
H2 200 1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
gbtpa.sharefile.com/styles/images/ 8 KB
9 KB 115ms
115ms Image
image/png 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbtpa.sharefile.com/styles/images/1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/images/1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
pragma: no-cache
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; SF_Subdomain=gbtpa; AWSALBTG=9/qGoUeYuCXqtnVI/BPvDfLflPtX0XCR6gQuvINn/1X3mo5Sq/twW3wKnMeuaB1kXn9Uj3TRyc6Q90WVyEnchvVPZPIe3Oxw7ohVNzcjHOdOg1a44fQqT3wvllyc2mhKYOGLw0Ir//ZaOYulbqw2gUzaaIGyZ5JsmHMawbs1XnZ5; AWSALBTGCORS=9/qGoUeYuCXqtnVI/BPvDfLflPtX0XCR6gQuvINn/1X3mo5Sq/twW3wKnMeuaB1kXn9Uj3TRyc6Q90WVyEnchvVPZPIe3Oxw7ohVNzcjHOdOg1a44fQqT3wvllyc2mhKYOGLw0Ir//ZaOYulbqw2gUzaaIGyZ5JsmHMawbs1XnZ5; AWSALB=Ll7YYg66o9EYNxOcjDtfqwZJZN4zm//N3618sKWKF/m2x6rd++zPmRzsaHHg6/lP6EQAp8+6jobSbvmPIktWHsgRi4wgD8p7NbqnEKh47jgO2iznkmioLSNfoq0A; AWSALBCORS=Ll7YYg66o9EYNxOcjDtfqwZJZN4zm//N3618sKWKF/m2x6rd++zPmRzsaHHg6/lP6EQAp8+6jobSbvmPIktWHsgRi4wgD8p7NbqnEKh47jgO2iznkmioLSNfoq0A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:29 GMT
referrer-policy: same-origin
last-modified: Mon, 06 Mar 2017 19:21:48 GMT
server: Microsoft-IIS/10.0
etag: "143bc5e6ae96d21:0"
content-type: image/png
x-xss-protection: 1; mode=block
set-cookie: AWSALBTG=olgG4XHPTuoHZqODSyWidiXAzBrtS2RlLcnM1yH9ZOn9xx585Mb8qJFgoPdL3H39OHHG7TMRmQTdJRGwLXkdnfDQcoaQ4Ok/3b2Zv7WtR1iwF+9InKQ8Vje82lv6MUJ/l2VaG+rsVIg7Qt1rEtOJuLjhLvpwHHH2fJPgDorv+Jix; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=olgG4XHPTuoHZqODSyWidiXAzBrtS2RlLcnM1yH9ZOn9xx585Mb8qJFgoPdL3H39OHHG7TMRmQTdJRGwLXkdnfDQcoaQ4Ok/3b2Zv7WtR1iwF+9InKQ8Vje82lv6MUJ/l2VaG+rsVIg7Qt1rEtOJuLjhLvpwHHH2fJPgDorv+Jix; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=stvXWq9MhKM9htQeDxGAqcfc1p/+xLjUHFWPplr2lar6Jba5xdJCAaENnXyrElgVxmclUcdV6OUoYnF3z5d4GD4CGIbpPUDTCBe8EJMdyBnmyH7cMjE4vaH7Wf2x; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=stvXWq9MhKM9htQeDxGAqcfc1p/+xLjUHFWPplr2lar6Jba5xdJCAaENnXyrElgVxmclUcdV6OUoYnF3z5d4GD4CGIbpPUDTCBe8EJMdyBnmyH7cMjE4vaH7Wf2x; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 8438
x-content-type-options: nosniff
expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H2 200 webpop.js Show response
gbtpa.sharefile.com/cache/73a4e0bf68/bundles/ 731 KB
197 KB 104ms
104ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/73a4e0bf68/bundles/webpop.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

07d02fc074456846d2a6e2c2a1b135914c7c0941cd0a66a0254b853ab746fffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/73a4e0bf68/bundles/webpop.js
pragma: no-cache
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; SF_Subdomain=gbtpa; AWSALBTG=9/qGoUeYuCXqtnVI/BPvDfLflPtX0XCR6gQuvINn/1X3mo5Sq/twW3wKnMeuaB1kXn9Uj3TRyc6Q90WVyEnchvVPZPIe3Oxw7ohVNzcjHOdOg1a44fQqT3wvllyc2mhKYOGLw0Ir//ZaOYulbqw2gUzaaIGyZ5JsmHMawbs1XnZ5; AWSALBTGCORS=9/qGoUeYuCXqtnVI/BPvDfLflPtX0XCR6gQuvINn/1X3mo5Sq/twW3wKnMeuaB1kXn9Uj3TRyc6Q90WVyEnchvVPZPIe3Oxw7ohVNzcjHOdOg1a44fQqT3wvllyc2mhKYOGLw0Ir//ZaOYulbqw2gUzaaIGyZ5JsmHMawbs1XnZ5; AWSALB=Ll7YYg66o9EYNxOcjDtfqwZJZN4zm//N3618sKWKF/m2x6rd++zPmRzsaHHg6/lP6EQAp8+6jobSbvmPIktWHsgRi4wgD8p7NbqnEKh47jgO2iznkmioLSNfoq0A; AWSALBCORS=Ll7YYg66o9EYNxOcjDtfqwZJZN4zm//N3618sKWKF/m2x6rd++zPmRzsaHHg6/lP6EQAp8+6jobSbvmPIktWHsgRi4wgD8p7NbqnEKh47jgO2iznkmioLSNfoq0A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:29 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 14:59:56 GMT
server: Microsoft-IIS/10.0
etag: "0be78e8c078d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=14Hgm/x6Y6kRSCSr+6OenfsLjwv2KQFsEuYKuVFz6ny5knZOXFk0KuL3ftCDKFm71d731jA5lVHRL3JrxX84bGJ57uVQVZa7KrYwL+ZyJ7Z0e6OFQpxBlJXYurm+HDLM44uLfWLA9kyTAKfu8cLlaMQzqHeaXU+GeFkr8YA9GaqQ; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=14Hgm/x6Y6kRSCSr+6OenfsLjwv2KQFsEuYKuVFz6ny5knZOXFk0KuL3ftCDKFm71d731jA5lVHRL3JrxX84bGJ57uVQVZa7KrYwL+ZyJ7Z0e6OFQpxBlJXYurm+HDLM44uLfWLA9kyTAKfu8cLlaMQzqHeaXU+GeFkr8YA9GaqQ; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=m1UcQGYmuwUSAxFyIzXNJBDMw1bnkmofWLUij2l7L5cu5xVTMSbc/dSczAhNg6osF916FiN12m9wexi8iGwuVS2QZsYzryuh/c9JUO3hzSTekSuB/JdHs5jje4SJ; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=m1UcQGYmuwUSAxFyIzXNJBDMw1bnkmofWLUij2l7L5cu5xVTMSbc/dSczAhNg6osF916FiN12m9wexi8iGwuVS2QZsYzryuh/c9JUO3hzSTekSuB/JdHs5jje4SJ; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 200483
x-content-type-options: nosniff

GET
H2 200 login Show response
gbtpa.sharefile.com/saml/ 5 KB
5 KB 148ms
147ms Document
text/html 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=WD.QR9CNlNovd8GzMLiUxQ--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/73a4e0bf68/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

a487f305fbdda21af9060f15d56c9adeb5ffa7543eddaa4e6a862c4e2ad4c312

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-tLPX8MJbQWQIJYkDm82a3A==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gbtpa.sharefile.com
:scheme: https
:path: /saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=WD.QR9CNlNovd8GzMLiUxQ--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://gbtpa.sharefile.com/Authentication/Login
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; SF_Subdomain=gbtpa; AWSALBTG=olgG4XHPTuoHZqODSyWidiXAzBrtS2RlLcnM1yH9ZOn9xx585Mb8qJFgoPdL3H39OHHG7TMRmQTdJRGwLXkdnfDQcoaQ4Ok/3b2Zv7WtR1iwF+9InKQ8Vje82lv6MUJ/l2VaG+rsVIg7Qt1rEtOJuLjhLvpwHHH2fJPgDorv+Jix; AWSALBTGCORS=olgG4XHPTuoHZqODSyWidiXAzBrtS2RlLcnM1yH9ZOn9xx585Mb8qJFgoPdL3H39OHHG7TMRmQTdJRGwLXkdnfDQcoaQ4Ok/3b2Zv7WtR1iwF+9InKQ8Vje82lv6MUJ/l2VaG+rsVIg7Qt1rEtOJuLjhLvpwHHH2fJPgDorv+Jix; AWSALB=stvXWq9MhKM9htQeDxGAqcfc1p/+xLjUHFWPplr2lar6Jba5xdJCAaENnXyrElgVxmclUcdV6OUoYnF3z5d4GD4CGIbpPUDTCBe8EJMdyBnmyH7cMjE4vaH7Wf2x; AWSALBCORS=stvXWq9MhKM9htQeDxGAqcfc1p/+xLjUHFWPplr2lar6Jba5xdJCAaENnXyrElgVxmclUcdV6OUoYnF3z5d4GD4CGIbpPUDTCBe8EJMdyBnmyH7cMjE4vaH7Wf2x
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gbtpa.sharefile.com/Authentication/Login

Response headers

date: Fri, 23 Jul 2021 01:07:29 GMT
content-type: text/html; charset=utf-8
content-length: 3165
set-cookie: AWSALBTG=w4ZJwj4avTZnscSKYGnY9+TldZfIRD87lrpJItJtrnRlTvM8ys/Qi9MIWmU7iigzOLnbtiMPV1+jeW8IVAlJ8oGq6UtRIBr1xuMQ+ZcuCOoJmj3C8bDu8qpbcPsRmbx3hYAzu5QsO++k5sKKa2Q53qqtw30PJjAvQOZJ8yzQnebV; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=w4ZJwj4avTZnscSKYGnY9+TldZfIRD87lrpJItJtrnRlTvM8ys/Qi9MIWmU7iigzOLnbtiMPV1+jeW8IVAlJ8oGq6UtRIBr1xuMQ+ZcuCOoJmj3C8bDu8qpbcPsRmbx3hYAzu5QsO++k5sKKa2Q53qqtw30PJjAvQOZJ8yzQnebV; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=k2/0JVAAMqF5bmJ3+A4l2U5vgmpMvBjA9YlsQ5rgfK/2gJ4/+pLxfFDSOKLkgirluPVvsmd5MBAJt3nwU8E0dQ0lQUkHKAiii/z+yc9C0ijaVmNEZSc2wZ8b9kFG; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=k2/0JVAAMqF5bmJ3+A4l2U5vgmpMvBjA9YlsQ5rgfK/2gJ4/+pLxfFDSOKLkgirluPVvsmd5MBAJt3nwU8E0dQ0lQUkHKAiii/z+yc9C0ijaVmNEZSc2wZ8b9kFG; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: 0
vary: Accept-Encoding
citrix-transactionid: c78b8d34-6ede-4ca7-9923-b8bb1b0f4e05
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-tLPX8MJbQWQIJYkDm82a3A==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

GET
H2 200 en.json
gbtpa.sharefile.com/cache/a1d9e828d9abfe8d9d7bb100adc2015ffb2cb872/_Auth/locales/ 25 KB
9 KB 104ms
104ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/a1d9e828d9abfe8d9d7bb100adc2015ffb2cb872/_Auth/locales/en.json

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/73a4e0bf68/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=1hpphp0he3q4lrs54ll2w3jz; SF_Subdomain=gbtpa; AWSALBTG=olgG4XHPTuoHZqODSyWidiXAzBrtS2RlLcnM1yH9ZOn9xx585Mb8qJFgoPdL3H39OHHG7TMRmQTdJRGwLXkdnfDQcoaQ4Ok/3b2Zv7WtR1iwF+9InKQ8Vje82lv6MUJ/l2VaG+rsVIg7Qt1rEtOJuLjhLvpwHHH2fJPgDorv+Jix; AWSALBTGCORS=olgG4XHPTuoHZqODSyWidiXAzBrtS2RlLcnM1yH9ZOn9xx585Mb8qJFgoPdL3H39OHHG7TMRmQTdJRGwLXkdnfDQcoaQ4Ok/3b2Zv7WtR1iwF+9InKQ8Vje82lv6MUJ/l2VaG+rsVIg7Qt1rEtOJuLjhLvpwHHH2fJPgDorv+Jix; AWSALB=stvXWq9MhKM9htQeDxGAqcfc1p/+xLjUHFWPplr2lar6Jba5xdJCAaENnXyrElgVxmclUcdV6OUoYnF3z5d4GD4CGIbpPUDTCBe8EJMdyBnmyH7cMjE4vaH7Wf2x; AWSALBCORS=stvXWq9MhKM9htQeDxGAqcfc1p/+xLjUHFWPplr2lar6Jba5xdJCAaENnXyrElgVxmclUcdV6OUoYnF3z5d4GD4CGIbpPUDTCBe8EJMdyBnmyH7cMjE4vaH7Wf2x; i18next=en
:path: /cache/a1d9e828d9abfe8d9d7bb100adc2015ffb2cb872/_Auth/locales/en.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gbtpa.sharefile.com/Authentication/Login
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:29 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 14:59:58 GMT
server: Microsoft-IIS/10.0
etag: "0eba9e9c078d71:0"
vary: Accept-Encoding
content-type: application/json
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=5iBLVEMVvHcGOsFxSQq2VMMMQDURTy2cnx4CXcN/g/FnTTfLu8HpHVK8JMxIcSF89Y15sqkp4BmFYGuhB0mA/1cCVs+UGvpbCYYz43OkQ3i7yBZ6/149Rr/XI5pQR519ojv0aOT9DeL5VxEZf2QMeR4p9vX9QDI7+7wo/VgQ1vTP; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBTGCORS=5iBLVEMVvHcGOsFxSQq2VMMMQDURTy2cnx4CXcN/g/FnTTfLu8HpHVK8JMxIcSF89Y15sqkp4BmFYGuhB0mA/1cCVs+UGvpbCYYz43OkQ3i7yBZ6/149Rr/XI5pQR519ojv0aOT9DeL5VxEZf2QMeR4p9vX9QDI7+7wo/VgQ1vTP; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure AWSALB=MMGJNmCW670zlOMOZrx7ZhSMipOi4UKmZ2Slm0YTNsowXcitLZUc6ec1r5McG6aIxLn+b5m32EBkewKOl6ZuN1NEcTe1iLcVdaOwb06SLfc+G0M4dvELuXuByyfp; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/ AWSALBCORS=MMGJNmCW670zlOMOZrx7ZhSMipOi4UKmZ2Slm0YTNsowXcitLZUc6ec1r5McG6aIxLn+b5m32EBkewKOl6ZuN1NEcTe1iLcVdaOwb06SLfc+G0M4dvELuXuByyfp; Expires=Fri, 30 Jul 2021 01:07:29 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 8363
x-content-type-options: nosniff

GET AuthShell.html
gbtpa.sharefile.com/cache/a1d9e828d9abfe8d9d7bb100adc2015ffb2cb872/_Auth/ 0
0

POST
H/1.1 200
OK Cookie set startSSO.ping Show response
sso.gallagherbassett.com/idp/ 6 KB
6 KB 596ms
128ms Document
text/html 151.147.160.186
AJGCO

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.147.160.186 , United States, ASN46342 (AJGCO, US),

Reverse DNS

Software

Resource Hash

7ac75207f4363c1fc311d5c4e1848eacfedf45064a9b1cf9207998933e260eeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.risxfacs.com https://.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;

Request headers

Host: sso.gallagherbassett.com
Connection: keep-alive
Content-Length: 4270
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 01:07:30 GMT
Referrer-Policy: origin
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://*.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: PF=GzxbuZG0e9Oegd8TLjXDxV;Path=/;Secure;HttpOnly;SameSite=None
Content-Length: 5670

POST
H2 200 Sharefile Show response
www.gallagherbassett.com/sso/app/startsso/ 5 KB
2 KB 323ms
161ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3c3160919f5da878d9472ed779d9d397cfb7b7006c2c4528763e14834989e613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: POST
:authority: www.gallagherbassett.com
:scheme: https
:path: /sso/app/startsso/Sharefile
content-length: 4526
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://sso.gallagherbassett.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://sso.gallagherbassett.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://sso.gallagherbassett.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sso.gallagherbassett.com/

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; expires=Tue, 23-Jul-2041 01:07:30 GMT; path=/; secure; HttpOnly visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; expires=Fri, 22 Jul 2022 06:29:16 GMT; HttpOnly; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None
date: Fri, 23 Jul 2021 01:07:30 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 12-9826268-9727376 pNNN RT(1627002450393 0) q(0 0 0 0) r(2 2) U6

GET
H2 200 gbStyles2059
www.gallagherbassett.com/sso/lib/ 260 KB
47 KB 64ms
63ms Stylesheet
text/css 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/lib/gbStyles2059

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fe460cb24a3b43805ce3f7cd3c71ae52aa964a1bba624af4eb8e7bd6090521d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/lib/gbStyles2059
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 04:25:18 GMT
x-cdn: Imperva
etag: "80aba6a7"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
x-iinfo: 12-9826284-0 0CNN RT(1627002450601 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31288668, public
content-length: 47940
expires: Wed, 20 Jul 2022 04:25:18 GMT

GET
H2 200 preload2059 Show response
www.gallagherbassett.com/sso/bundles/lib/ 697 KB
211 KB 321ms
320ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/preload2059

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

575c5c6b47d3c4cc664eabe26b1172c5a54ec94da14d77c5acdc1d2677bed292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/bundles/lib/preload2059
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 04:25:18 GMT
x-cdn: Imperva
etag: "8c8b636a"
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
x-iinfo: 12-9826285-0 0CNN RT(1627002450605 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31288668, public
content-length: 215357
expires: Wed, 20 Jul 2022 04:25:18 GMT

GET
H2 200 startssojs2059 Show response
www.gallagherbassett.com/sso/bundles/ 67 KB
20 KB 345ms
345ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/startssojs2059

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

731ff770ae46e620f6c93e76e84f7a43d952ff164f48c4e6ba5190a8b1586992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/bundles/startssojs2059
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 04:26:38 GMT
x-cdn: Imperva
etag: "f8734e74"
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
x-iinfo: 12-9826286-0 0CNN RT(1627002450608 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31288748, public
content-length: 20728
expires: Wed, 20 Jul 2022 04:26:38 GMT

GET
H2 200 GBLogo400px.png
www.gallagherbassett.com/sso/images/ 14 KB
14 KB 36ms
36ms Image
image/png 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/sso/images/GBLogo400px.png

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/images/GBLogo400px.png
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:30 GMT
last-modified: Thu, 24 Jun 2021 08:20:54 GMT
x-cdn: Imperva
etag: "077aad9d168d71:0"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 12-9826319-9823515 2CNN RT(1627002450935 0) q(0 0 0 -1) r(0 0)
content-length: 14208

GET
H2 200 spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/ 3 KB
3 KB 52ms
52ms Image
image/gif 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/SPA/Common/images/spinner.gif
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:31 GMT
last-modified: Thu, 24 Jun 2021 08:21:02 GMT
x-cdn: Imperva
etag: "02b6fded168d71:0"
strict-transport-security: max-age=31536000
content-type: image/gif
x-iinfo: 12-9826325-9823392 2CNN RT(1627002451010 0) q(0 0 0 -1) r(0 0)
content-length: 2704

GET
H2 200 postload2059
www.gallagherbassett.com/sso/bundles/lib/ 390 KB
113 KB 43ms
42ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/postload2059

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/bundles/lib/postload2059
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 07:10:10 GMT
x-cdn: Imperva
etag: "9c7bb35e"
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
x-iinfo: 12-9826318-0 0CNN RT(1627002450930 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31298560, public
content-length: 115846
expires: Wed, 20 Jul 2022 07:10:10 GMT

GET
H2 200 _Incapsula_Resource
www.gallagherbassett.com/ 139 KB
20 KB 50ms
50ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=742792130

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=742792130
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20223
content-type: application/javascript

GET
H2 200 analytics.js
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2059

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 992
date: Fri, 23 Jul 2021 00:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 23 Jul 2021 02:50:59 GMT

POST
H2 200 Primary Request Logon Show response
www.gallagherbassett.com/sso/App/ 3 KB
1 KB 168ms
168ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8e2ab2ccb9f96e341b0af4cc3df361a1239ab0ef7c6e518670c553629550b690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: POST
:authority: www.gallagherbassett.com
:scheme: https
:path: /sso/App/Logon
content-length: 99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gallagherbassett.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==
Upgrade-Insecure-Requests: 1
Origin: https://www.gallagherbassett.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 23 Jul 2021 01:07:30 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 12-9826327-9727376 pNNN RT(1627002451018 0) q(0 0 0 -1) r(1 1) U6

POST
H3-29 200 collect
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1036645153&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2Fapp%2Fstartsso%2FSharefile&dr=https%3A%2F%2Fsso.gallagherbassett.com%2F&dp=%2Fapp%2Fstartsso%2FSharefile&ul=en-us&de=UTF-8&dt=startsso%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=385660870&gjid=765824013&cid=1808284592.1627002451&tid=UA-44339965-5&_gid=1186876660.1627002451&_r=1&_slc=1&z=1791555371

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Jul 2021 01:07:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gallagherbassett.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logonjs2059 Show response
www.gallagherbassett.com/sso/bundles/ 355 KB
102 KB 24ms
23ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/logonjs2059

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

69ad1dfc4fa85b0781e450e01673ee860cd14e800755099da23ab3f008f12aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/bundles/logonjs2059
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==; _ga=GA1.2.1808284592.1627002451; _gid=GA1.2.1186876660.1627002451; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/App/Logon
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 01:07:31 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 04:26:37 GMT
x-cdn: Imperva
etag: "a647ab0b"
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
x-iinfo: 12-9826339-0 0CNN RT(1627002451177 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31288746, public
content-length: 104703
expires: Wed, 20 Jul 2022 04:26:37 GMT

GET
H2 200 _Incapsula_Resource Show response
www.gallagherbassett.com/ 145 KB
20 KB 32ms
32ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=9&cb=1062561538

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7a28442d238734c79fd0a8429a570fad2646bd37d4293b6148ce008d78456f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=9&cb=1062561538
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==; _ga=GA1.2.1808284592.1627002451; _gid=GA1.2.1186876660.1627002451; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/App/Logon
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20948
content-type: application/javascript

GET
H/1.1 200
OK openid-configuration Show response
sso.gallagherbassett.com/.well-known/ 3 KB
4 KB 477ms
122ms XHR
application/json 151.147.160.186
AJGCO

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.gallagherbassett.com/.well-known/openid-configuration

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2059

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.147.160.186 , United States, ASN46342 (AJGCO, US),

Reverse DNS

Software

Resource Hash

fa5f137a79380aa128b66b8f7495375dda04fbcfa6d5fb2c28815fb031ad7c73

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.risxfacs.com https://.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;

Request headers

Referer: https://www.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Jul 2021 01:07:32 GMT
Referrer-Policy: origin
Vary: Origin
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.gallagherbassett.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://*.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
Content-Length: 3169
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
www.gallagherbassett.com/ 1 B
36 B 22ms
21ms Image
text/plain 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5202530852719145

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.5202530852719145
pragma: no-cache
cookie: mKey=f69ada2b-0c6d-4b95-b53f-0630e094bc7e; visid_incap_1944542=RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ; incap_ses_767_1944542=v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==; _ga=GA1.2.1808284592.1627002451; _gid=GA1.2.1186876660.1627002451; _gat=1; ___utmvc=12TEsXICYgeyWddVfQihO1JZdQuNwtGzHCiV7JI9T3Ulj3Q7ghT8d+EBsPcCk9/o1KTjMxRZ/a6MSiUMWo5cniJgX0DpMxbs2T3+vo7UFsXRtH+lVZdSrM181qHEbTRtKvRtNohFwm2fhlLV9Xq3sx6m4TCH1g3mOllXTgiaoYBEfHoyGNGW0Mzz+D4RLxwmII/jgCtdbWW2j9iX3P7nLoIR4fdAHsJ9XNo6UkEM8h06QQTrDxq+kKWYCCi/p7CxdhDHmlqEU6s8XuSPrQe5GVTZwu9TbWMOSJOaAFmKNst1R3JTug7sRyg6k0qbSEMlHuodKYdLxpOlY7ppm652sMkveV9nodpAoVuQt5Fw2RTAB2A9ISfpT8SM1C47KzmAoSZvIEZXh7yvZ+z5Abyp+LGTCO9XrrkjwoyKDd5CBPqtGL3NqVjyrMZzJBy5rkJoDQshlYeyy/gQJghBWV6+ayhBimhvyfKSqC3Itk1WvBVUl5JXeWaJhMzyBFluihJcc8X8DXb36+24x4Lp/lsGn3WRchSDtSnFynUnIRGyS/XS8NGypY49pY4u9Nc82WA3/iMgExKr8m/U4D+ZWxEcds9d62cYXYeVEy42WzpmRtRlQJw5xmb+RfAcLQBA0LK469DTOc6IX+B+1NEChTZvF2wFbs/I2nBu18XPE+VQfsBnxryOXVuzlJvqVVORkPolhALKgtiaEz0IAozEQ0qiNPbo6zTtBAf++toDWoMrNK4g1fSE89ISrFHQxRBTZE+PmnxOWjUhKOVTxMb7pY9tbSB6v651SY1TK7+3ER7sFfC5GVBYiAYbOzaqkArVJJVLubN5rkE47Q+P2xW9EWONKZ+5mMmy25oFuD9SBzDWx603+vIJLGTjkj5S4jcv5GjD+VwnVlOuIaJ7+VzYv+GaN+GYZQRtxzID8DmST+eSAs48sy/2VtNC0a4TqiS+lMDHRZeYFxsRq7gvpp+2ePD1e10qt4kc8YEBNmSbseJ/gHD/XAIhJ1MyGdcV2ER8HX1HB4TbAJI9OKCAKneicnf/oPCVQOfOPE6NSBZ7WuGyPed2BBZIhj0TKr7fLj5Pq6Zod9xT0XMhdDgavihTJIEByE22Qz2sAXwD68nuByb4/P757M5ogFJrmagX8VqO09im9s097kAIhnd46ckaV4JvarneQmttIDlEmhakZoztMWS37EiB+AQ2Bk+Or2EfMk1TqdKPXYMndRLcTqLyOgQt/8q8deRAtD5J4YzzJXfFq91GPV/pi+jBHkvyx2hQZUuxGn46l7gA+45Is5oPArKu6ANio/SzxzaiiJ+q3n0iBh2gL2mGF09d0YOXcje4cKtT2I4k/ZEfCCZHkIoJRxKC0/SyRhQ5DAVezdrOdx9X9jkqjKDR6HFD5+teuYsImHaicsOBtmOqC5yO98Vgh2hKOsBauBi5xK+KOPwFKKXoVPTn3ARvcuBOxKYIz693VLfj0ba4b9Da5KvxnZl0QrTIKGrKzS4LfyBPjHuRCvXJSZ1xUlX9/EkmiPfQXAyZpPpqJdoobjqoo+T2TLQN02AiRZ8mybJoqXUhqI3kZ3ue+CPSD3bwXCrYOu9rrW2/7c0vzdK+PocFYdMw9ApyDvixjJ+pvuabBoyedw9OqCdpqNze68bjC4FPz7O0T0XlgjanGONWsHkXbX4/Aya86WAP0buCrVXf/lCX/mKZpnW7pTq82wsaxMxUW0TXQCv+1zXV7fTpW87vch+pWAlFS/KpSlLzD3oLJsi6smoTbKs4t8rUXOsVjbVvqx8/kDlFIkbC8Rm5J4tTnaBboB80U0Y14ZOpVYHK672kNFP8AMtmsQ+Z8x66MQ4onhQkzDFAxjq/f6AsKWHc2GYHqOaq6eWw84y4g/hq0wVHHobVo1NSlMS2ApPxeocw/XMFLQd1V6+1Yb9HQQfvsCY+X5EBu99IVGxCa6kEXyDpZqHsJDR61Ao6jrTxz3lqNOTB+sbbwBclwfWrwdTbQ6554XNdzRBtTxZbcV0S/PirZoq4OnmCDfVKbpwsZGlnZXN0PTEzOTU0OCxzPTY5OWY2YzhmOGE4ZTdmODA5MWFlOGFhNTk5Nzg4OWEyOTlhMDg1ODE3Y2E0NmJhNzgyNmJhYzlhYWViMDk5N2E5MjdiYTc5ZjgzOWE3Njcy
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/App/Logon
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gbtpa.sf-api.com
URL: https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Domain: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/a1d9e828d9abfe8d9d7bb100adc2015ffb2cb872/_Auth/AuthShell.html

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gallagherbassett.com/	1970-01-19 19:56:42	Name: _gat Value: 1
.gallagherbassett.com/	1970-01-19 19:58:08	Name: _gid Value: GA1.2.1186876660.1627002451
.gallagherbassett.com/	1970-01-20 13:27:54	Name: _ga Value: GA1.2.1808284592.1627002451
www.gallagherbassett.com/	1970-01-19 19:56:42	Name: ___utmvc Value: 12TEsXICYgeyWddVfQihO1JZdQuNwtGzHCiV7JI9T3Ulj3Q7ghT8d+EBsPcCk9/o1KTjMxRZ/a6MSiUMWo5cniJgX0DpMxbs2T3+vo7UFsXRtH+lVZdSrM181qHEbTRtKvRtNohFwm2fhlLV9Xq3sx6m4TCH1g3mOllXTgiaoYBEfHoyGNGW0Mzz+D4RLxwmII/jgCtdbWW2j9iX3P7nLoIR4fdAHsJ9XNo6UkEM8h06QQTrDxq+kKWYCCi/p7CxdhDHmlqEU6s8XuSPrQe5GVTZwu9TbWMOSJOaAFmKNst1R3JTug7sRyg6k0qbSEMlHuodKYdLxpOlY7ppm652sMkveV9nodpAoVuQt5Fw2RTAB2A9ISfpT8SM1C47KzmAoSZvIEZXh7yvZ+z5Abyp+LGTCO9XrrkjwoyKDd5CBPqtGL3NqVjyrMZzJBy5rkJoDQshlYeyy/gQJghBWV6+ayhBimhvyfKSqC3Itk1WvBVUl5JXeWaJhMzyBFluihJcc8X8DXb36+24x4Lp/lsGn3WRchSDtSnFynUnIRGyS/XS8NGypY49pY4u9Nc82WA3/iMgExKr8m/U4D+ZWxEcds9d62cYXYeVEy42WzpmRtRlQJw5xmb+RfAcLQBA0LK469DTOc6IX+B+1NEChTZvF2wFbs/I2nBu18XPE+VQfsBnxryOXVuzlJvqVVORkPolhALKgtiaEz0IAozEQ0qiNPbo6zTtBAf++toDWoMrNK4g1fSE89ISrFHQxRBTZE+PmnxOWjUhKOVTxMb7pY9tbSB6v651SY1TK7+3ER7sFfC5GVBYiAYbOzaqkArVJJVLubN5rkE47Q+P2xW9EWONKZ+5mMmy25oFuD9SBzDWx603+vIJLGTjkj5S4jcv5GjD+VwnVlOuIaJ7+VzYv+GaN+GYZQRtxzID8DmST+eSAs48sy/2VtNC0a4TqiS+lMDHRZeYFxsRq7gvpp+2ePD1e10qt4kc8YEBNmSbseJ/gHD/XAIhJ1MyGdcV2ER8HX1HB4TbAJI9OKCAKneicnf/oPCVQOfOPE6NSBZ7WuGyPed2BBZIhj0TKr7fLj5Pq6Zod9xT0XMhdDgavihTJIEByE22Qz2sAXwD68nuByb4/P757M5ogFJrmagX8VqO09im9s097kAIhnd46ckaV4JvarneQmttIDlEmhakZoztMWS37EiB+AQ2Bk+Or2EfMk1TqdKPXYMndRLcTqLyOgQt/8q8deRAtD5J4YzzJXfFq91GPV/pi+jBHkvyx2hQZUuxGn46l7gA+45Is5oPArKu6ANio/SzxzaiiJ+q3n0iBh2gL2mGF09d0YOXcje4cKtT2I4k/ZEfCCZHkIoJRxKC0/SyRhQ5DAVezdrOdx9X9jkqjKDR6HFD5+teuYsImHaicsOBtmOqC5yO98Vgh2hKOsBauBi5xK+KOPwFKKXoVPTn3ARvcuBOxKYIz693VLfj0ba4b9Da5KvxnZl0QrTIKGrKzS4LfyBPjHuRCvXJSZ1xUlX9/EkmiPfQXAyZpPpqJdoobjqoo+T2TLQN02AiRZ8mybJoqXUhqI3kZ3ue+CPSD3bwXCrYOu9rrW2/7c0vzdK+PocFYdMw9ApyDvixjJ+pvuabBoyedw9OqCdpqNze68bjC4FPz7O0T0XlgjanGONWsHkXbX4/Aya86WAP0buCrVXf/lCX/mKZpnW7pTq82wsaxMxUW0TXQCv+1zXV7fTpW87vch+pWAlFS/KpSlLzD3oLJsi6smoTbKs4t8rUXOsVjbVvqx8/kDlFIkbC8Rm5J4tTnaBboB80U0Y14ZOpVYHK672kNFP8AMtmsQ+Z8x66MQ4onhQkzDFAxjq/f6AsKWHc2GYHqOaq6eWw84y4g/hq0wVHHobVo1NSlMS2ApPxeocw/XMFLQd1V6+1Yb9HQQfvsCY+X5EBu99IVGxCa6kEXyDpZqHsJDR61Ao6jrTxz3lqNOTB+sbbwBclwfWrwdTbQ6554XNdzRBtTxZbcV0S/PirZoq4OnmCDfVKbpwsZGlnZXN0PTEzOTU0OCxzPTY5OWY2YzhmOGE4ZTdmODA5MWFlOGFhNTk5Nzg4OWEyOTlhMDg1ODE3Y2E0NmJhNzgyNmJhYzlhYWViMDk5N2E5MjdiYTc5ZjgzOWE3Njcy
.gallagherbassett.com/	1969-12-31 23:59:59	Name: incap_ses_767_1944542 Value: v/2DPaMqHxAyLioEDu+kClIW+mAAAAAA+4AVzVnB0hA+IJS408REYQ==
.gallagherbassett.com/	1970-01-20 04:41:11	Name: visid_incap_1944542 Value: RQ6KWtlVQZWptZRTrJztHVIW+mAAAAAAQUIPAAAAAACP9zIT5bO2NPHq4N+LuxVZ
www.gallagherbassett.com/	1970-01-27 03:15:54	Name: mKey Value: f69ada2b-0c6d-4b95-b53f-0630e094bc7e

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://www.gallagherbassett.com/sso/bundles/logonjs2059(Line 5) Message: UserManager.getUser: user not found in storage
console-api	info	URL: https://www.gallagherbassett.com/sso/bundles/logonjs2059(Line 5) Message: UserManager.getUser: user not found in storage
console-api	log	URL: https://www.gallagherbassett.com/sso/App/Logon(Line 72) Message: TypeError: Cannot read property 'setItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-F0GBk3SwEM6rBCb5mapfOg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
citrix-sharefile-content.customer.pendo.io
events.launchdarkly.com
gbtpa.sf-api.com
gbtpa.sharefile.com
i2-twgujnxigfinotfqjklnqbwvwqzcvy.init.cedexis-radar.net
radar.cedexis.com
rpt.cedexis.com
sso.gallagherbassett.com
www.gallagherbassett.com
www.google-analytics.com
gbtpa.sf-api.com
gbtpa.sharefile.com
104.225.98.129
151.101.14.217
151.147.160.186
2607:f740:e619::1
2a00:1450:4001:80f::200e
34.107.168.21
35.241.57.45
45.60.123.80
54.87.4.158
76.223.1.166
002646a2eba197d28fe48bcf8ccb47a996ee3b6ef926a1832d8f9eac6844d4d2
0177367d58df17de07d06ef2058ce6ebdb61cba00f2557690b415ec6b15c65e6
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
07d02fc074456846d2a6e2c2a1b135914c7c0941cd0a66a0254b853ab746fffb
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
1f57cd853a25fe5b93eca9ce2469ea73f5cf12755d8edad3b6860aee2769a373
38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378
3c3160919f5da878d9472ed779d9d397cfb7b7006c2c4528763e14834989e613
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
575c5c6b47d3c4cc664eabe26b1172c5a54ec94da14d77c5acdc1d2677bed292
69ad1dfc4fa85b0781e450e01673ee860cd14e800755099da23ab3f008f12aa2
731ff770ae46e620f6c93e76e84f7a43d952ff164f48c4e6ba5190a8b1586992
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
7a28442d238734c79fd0a8429a570fad2646bd37d4293b6148ce008d78456f3e
7ac75207f4363c1fc311d5c4e1848eacfedf45064a9b1cf9207998933e260eeb
7b016fac84098e584711da644c532a65839e3526d90cb630fb5ea6817d8c90c1
856dccde43264858147306265bf53f0b58a6f535905fd9f6a83021f9894112d8
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8cabba3d55d6af6259875cd3365b79fc96a4ebc12bfdd2cbafa5f0bd396a3cbe
8e2ab2ccb9f96e341b0af4cc3df361a1239ab0ef7c6e518670c553629550b690
a487f305fbdda21af9060f15d56c9adeb5ffa7543eddaa4e6a862c4e2ad4c312
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed0a4422d540e75dfa3423c7e89f8511b7c7b0dc109e9af397c4ed533c26387f
ef771d656b7b2ea245d67840cb760264895cfd1f7e15d23380360138dc8ee4e1
f5c3c40b1aa5d6c2ed8f733d923197a3b55ad86a2910382e0ec376b605dcbbfd
fa5f137a79380aa128b66b8f7495375dda04fbcfa6d5fb2c28815fb031ad7c73
fe460cb24a3b43805ce3f7cd3c71ae52aa964a1bba624af4eb8e7bd6090521d5
ff6a92cb1b37f26367c5940f0296b7e052e268fd9d2fcbded633e151c227cc98

www.gallagherbassett.com Open in urlscan Pro 45.60.123.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

53 Requests

96 %HTTPS

20 %IPv6

8 Domains

11 Subdomains

11 IPs

3 Countries

1741 kBTransfer

5950 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

20 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

1741 kB
Transfer

5950 kB
Size

7
Cookies

53 HTTP transactions
0 data transactions