sso.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551
Effective URL:
https://sso.gallagherbassett.com/as/authorization.oauth2?client_id=GBSSO&redirect_uri=https%3A%2F%2Fwww.gallagherbassett.com%2Fss...
Submission: On February 07 via manual (February 7th 2023, 6:37:57 pm UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 46 HTTP transactions. The main IP is 45.60.123.80, located in United States and belongs to INCAPSULA, US. The main domain is sso.gallagherbassett.com. The Cisco Umbrella rank of the primary domain is 249580.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 16th 2022. Valid for: a year.

This is the only time sso.gallagherbassett.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 19	76.223.1.166 76.223.1.166	16509 (AMAZON-02) (AMAZON-02)
2	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
1	34.107.168.21 34.107.168.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
16	45.60.123.80 45.60.123.80	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
46	6

19 76.223.1.166 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: adbc6357b41625fc7.awsglobalaccelerator.com

gbtpa.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.168.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.168.107.34.bc.googleusercontent.com

citrix-sharefile-content.customer.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 45.60.123.80 (United States)

ASN19551 (INCAPSULA, US)

sso.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	sharefile.com 2 redirects gbtpa.sharefile.com — Cisco Umbrella Rank: 681313	1 MB
16	gallagherbassett.com sso.gallagherbassett.com — Cisco Umbrella Rank: 249580 www.gallagherbassett.com — Cisco Umbrella Rank: 229743	566 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 734	179 B
1	pendo.io citrix-sharefile-content.customer.pendo.io — Cisco Umbrella Rank: 23769 citrix-sharefile-data.customer.pendo.io Failed	135 KB
46	5

	Domain	Requested by
19	gbtpa.sharefile.com	2 redirects gbtpa.sharefile.com
11	www.gallagherbassett.com	www.gallagherbassett.com
5	sso.gallagherbassett.com	sso.gallagherbassett.com www.gallagherbassett.com
2	www.google-analytics.com	www.gallagherbassett.com www.google-analytics.com
2	app.launchdarkly.com	gbtpa.sharefile.com
1	citrix-sharefile-content.customer.pendo.io	gbtpa.sharefile.com
0	citrix-sharefile-data.customer.pendo.io Failed	citrix-sharefile-content.customer.pendo.io
46	7

This site contains no links.

Subject Issuer	Validity	Valid
*.sharefile.com Amazon RSA 2048 M02	`2023-01-03` - `2024-02-01`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
citrix-sharefile-content.customer.pendo.io GTS CA 1D4	`2022-12-21` - `2023-03-21`	3 months	crt.sh
sso.gallagherbassett.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-16` - `2023-06-08`	a year	crt.sh
www.gallagherbassett.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-03-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 1 frames:

Frame: https://www.gallagherbassett.com/sso/app/startsso/IdPApp
Frame ID: 46B02EAF41869F9AB412E9303E172761
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551 Page URL
https://gbtpa.sharefile.com/login?cmd=route&id=/d-e5098a28dad94431&a=f733f742eec72551 HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=8... HTTP 302
https://gbtpa.sharefile.com/Authentication/Login Page URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=8... Page URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
https://www.gallagherbassett.com/sso/App/Logon Page URL
https://sso.gallagherbassett.com/as/authorization.oauth2?client_id=GBSSO&redirect_uri=https%3A%2F%2Fwww.galla... Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

46
Requests

83 %
HTTPS

20 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

1765 kB
Transfer

6325 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551 Page URL
https://gbtpa.sharefile.com/login?cmd=route&id=/d-e5098a28dad94431&a=f733f742eec72551 HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=8Gj17gRFFI1ZQ_1uSeaqNw--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&a=f733f742eec72551&PromptLoginAfterActivation=False&device_id_supported=True HTTP 302
https://gbtpa.sharefile.com/Authentication/Login Page URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=8Gj17gRFFI1ZQ_1uSeaqNw--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com Page URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
https://www.gallagherbassett.com/sso/App/Logon Page URL
https://sso.gallagherbassett.com/as/authorization.oauth2?client_id=GBSSO&redirect_uri=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2FApp%2FCode&response_type=code&scope=edit&state=2e34e2c0652a403d96e79b3f94241aba&code_challenge=c7TNJnCB9XtF5UwU7eP_nYr_UKWpLl2uZeP_7Zz0hNs&code_challenge_method=S256&response_mode=query Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://gbtpa.sharefile.com/login?cmd=route&id=/d-e5098a28dad94431&a=f733f742eec72551 HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=8Gj17gRFFI1ZQ_1uSeaqNw--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&a=f733f742eec72551&PromptLoginAfterActivation=False&device_id_supported=True HTTP 302
https://gbtpa.sharefile.com/Authentication/Login

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 d-e5098a28dad94431 Show response
gbtpa.sharefile.com/ 67 KB
21 KB 1350ms
1117ms Document
text/html 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

1522471c7ef74bf42cfe35a28e97beef435a9379b78cdbcc601ccf4ee8ef0dca

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-2WmNH3DZfh9V217APc8V5Q==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, no-store, must-revalidate
citrix-transactionid: d6cd027f-15fe-4e89-83e1-bcf564093fb4
content-encoding: gzip
content-length: 20171
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-2WmNH3DZfh9V217APc8V5Q==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:37:51 GMT
expires: 0
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 spinner.css
gbtpa.sharefile.com/css/ 1 KB
1 KB 99ms
99ms Stylesheet
text/css 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/css/spinner.css

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 02 Feb 2023 18:21:42 GMT
etag: "0bfd7323337d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 425
x-xss-protection: 1; mode=block

GET
H2 200 index.f8297ee262ad3971d9b2.js Show response
gbtpa.sharefile.com/bundles/ 3 MB
723 KB 108ms
108ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/bundles/index.f8297ee262ad3971d9b2.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

48b5dfd2f4144b35665fb8ba9c5e679e86e442759ceee7dd6901e5d709ca396f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 02 Feb 2023 18:30:08 GMT
etag: "03871603437d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 738439
x-xss-protection: 1; mode=block

POST
H2 200 cspviolation
gbtpa.sharefile.com/api/ 0
1004 B 105ms
105ms Other
text/plain 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/api/cspviolation

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/csp-report

Response headers

citrix-transactionid: 76270759-e328-4be7-a27c-70b2444bc3f4
pragma: no-cache
date: Tue, 07 Feb 2023 18:37:51 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
cache-control: private,no-cache, no-store, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 spinner.svg
gbtpa.sharefile.com/css/ 1 KB
2 KB 201ms
201ms Image
image/svg+xml 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbtpa.sharefile.com/css/spinner.svg

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/css/spinner.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/css/spinner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:51 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 02 Feb 2023 18:21:42 GMT
etag: "0bfd7323337d91:0"
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1093
x-xss-protection: 1; mode=block

OPTIONS
H2 200 5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/ 0
0 112ms
22ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://gbtpa.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 07 Feb 2023 18:37:52 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-hhn-etou8220065-HHN
x-timer: S1675795072.283811,VS0,VE10

GET
H2 200 5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/ 2 B
179 B 12ms
12ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.18.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Tue, 07 Feb 2023 18:37:52 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-hhn-etou8220065-HHN
x-timer: S1675795072.305960,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 3

GET
H2

200

https://gbtpa.sharefile.com/login?cmd=route&id=/d-e5098a28dad94431&a=f733f742eec72551
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=8Gj17gRFFI1ZQ_1uSeaqNw--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&...
https://gbtpa.sharefile.com/Authentication/Login

7 KB
4 KB

980ms
978ms

Document
text/html

76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/Authentication/Login

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.f8297ee262ad3971d9b2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

06459735468802070abc6f735dd8ef77a71c713bc045d9dcfe7c02eefb561f9b

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-HKYqIBM5ptajfh+NoeFNpg==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, no-store, must-revalidate
citrix-transactionid: 951646ef-8a8f-46e8-92bd-33809e2139d0
content-encoding: gzip
content-length: 2870
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-HKYqIBM5ptajfh+NoeFNpg==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:37:53 GMT
expires: 0
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private,no-cache, no-store, must-revalidate
citrix-transactionid: 076f933e-3d73-4901-ba2a-42d72cb53077
content-length: 138
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:37:52 GMT
expires: 0
location: /Authentication/Login
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 custom.css
gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/ 27 KB
6 KB 102ms
101ms Stylesheet
text/css 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=Tn9rKbcrofni3sjlTDTWVOoV6YHj16em2vsqwHD17CM1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

d9296174757f12c23805ca589cffa7bcaf19652f3f0f8d89c87503b63448d337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 02 Feb 2023 18:28:42 GMT
etag: "0a92e2d3437d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 5341
x-xss-protection: 1; mode=block

GET
H2 200 errorhandler.js Show response
gbtpa.sharefile.com/_Auth/ 548 B
1 KB 103ms
102ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/_Auth/errorhandler.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 02 Feb 2023 18:28:20 GMT
etag: "0ba11203437d91:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 349
x-xss-protection: 1; mode=block

GET
H2 200 webpop Show response
gbtpa.sharefile.com/cache/sha/javascript/bundles/ 91 KB
30 KB 113ms
112ms Script
text/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

citrix-transactionid: fc0a623e-3d0c-44bd-b9de-e153054c0e6c
date: Tue, 07 Feb 2023 18:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Tue, 07 Feb 2023 18:37:53 GMT
referrer-policy: same-origin
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 29743
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 18:37:53 GMT

GET
H2 200 webpoprequireconfig Show response
gbtpa.sharefile.com/cache/sha/bundles/ 1 KB
2 KB 110ms
109ms Script
text/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=bK5vc0SGuMCooCbaNCCWeoGfyYtFXizRkCpDE0iiGis1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

94d789b3f07f64b6104c977cfd0f0d140418345a965a9657bf8c6e82ed90080d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

citrix-transactionid: f0fe90f4-b3ff-4d84-bd60-e29f261b9e4e
date: Tue, 07 Feb 2023 18:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
last-modified: Tue, 07 Feb 2023 18:37:53 GMT
referrer-policy: same-origin
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
content-length: 485
x-xss-protection: 1; mode=block
expires: Wed, 07 Feb 2024 18:37:53 GMT

GET
H2 200 1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
gbtpa.sharefile.com/styles/images/ 8 KB
9 KB 109ms
109ms Image
image/png 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbtpa.sharefile.com/styles/images/1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:53 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Mon, 06 Mar 2017 19:21:48 GMT
etag: "143bc5e6ae96d21:0"
content-type: image/png
accept-ranges: bytes
content-length: 8438
x-xss-protection: 1; mode=block
expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H2 200 pendo.js
citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 408 KB
135 KB 612ms
30ms Script
application/javascript 34.107.168.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.168.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:36:34 GMT
content-encoding: gzip
age: 80
x-guploader-uploadid: ADPycds8bsPkcZ7IFlyfV-jm49k8JhvZUBV1I__H5Y7b3fF1p6G51wM1FACKVAna3hn7GxS2e1k0DS3hBFnM7ILP30H6GQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137439
last-modified: Fri, 03 Feb 2023 17:17:58 GMT
server: UploadServer
etag: "c0ef6eb8228e4f7bdeb78da4525bdec3"
vary: Accept-Encoding
x-goog-generation: 1675444678873558
x-goog-hash: crc32c=StKJag==, md5=wO9uuCKOT3vet42kUlveww==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 137439
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Feb 2023 18:44:04 GMT

GET
H2 200 webpop.js
gbtpa.sharefile.com/cache/6b5467e864/bundles/ 790 KB
215 KB 116ms
115ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/6b5467e864/bundles/webpop.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 02 Feb 2023 18:28:40 GMT
etag: "07cfd2b3437d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 219319
x-xss-protection: 1; mode=block

GET
H2 200 login
gbtpa.sharefile.com/saml/ 5 KB
5 KB 232ms
231ms Document
text/html 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=8Gj17gRFFI1ZQ_1uSeaqNw--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/6b5467e864/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-FmJBQa1OI076plqbc6RO3Q==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/Authentication/Login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, no-store, must-revalidate
citrix-transactionid: 69d26555-75c0-4797-9c9e-d4b939358fcd
content-encoding: gzip
content-length: 3198
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-FmJBQa1OI076plqbc6RO3Q==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:37:54 GMT
expires: 0
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 de.json
gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_Auth/locales/ 27 KB
10 KB 134ms
133ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_Auth/locales/de.json

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/6b5467e864/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gbtpa.sharefile.com/Authentication/Login
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 02 Feb 2023 18:28:42 GMT
etag: "0a92e2d3437d91:0"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 9555
x-xss-protection: 1; mode=block

GET
H2 200 en.json
gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_Auth/locales/ 25 KB
9 KB 132ms
131ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_Auth/locales/en.json

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/6b5467e864/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gbtpa.sharefile.com/Authentication/Login
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 02 Feb 2023 18:28:42 GMT
etag: "0a92e2d3437d91:0"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 8319
x-xss-protection: 1; mode=block

GET 74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/ptm.gif/ 0
0

GET 74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/guide.json/ 0
0

GET 74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/guide.gif/ 0
0

GET
H2 200 AuthShell.html
gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_Auth/ 1 KB
1 KB 118ms
117ms XHR
text/html 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_Auth/AuthShell.html

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/6b5467e864/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Thu, 02 Feb 2023 18:28:42 GMT
etag: "0a92e2d3437d91:0"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 494
x-xss-protection: 1; mode=block

POST ActivateUser
gbtpa.sharefile.com/sf/v3/Users/ 0
0

GET CitrixSans-Light.woff
gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_auth/styles/fonts/ 0
0

GET 97b66c76-ca97-44b7-8807-7269aa8eb7a7.png
gbtpa.sharefile.com/styles/images/ 0
0

GET ActivateUser.html
gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_Auth/ActivateUser/ 0
0

POST
H2 200 cspviolation
gbtpa.sharefile.com/api/ 0
1000 B 116ms
115ms Other
text/plain 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/api/cspviolation

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/d-e5098a28dad94431?a=f733f742eec72551

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=8Gj17gRFFI1ZQ_1uSeaqNw--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/csp-report

Response headers

citrix-transactionid: cb854ea5-6f77-4d55-a8d4-180cbdaed6a4
pragma: no-cache
date: Tue, 07 Feb 2023 18:37:54 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
cache-control: private,no-cache, no-store, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 startSSO.ping Show response
sso.gallagherbassett.com/idp/ 6 KB
4 KB 1078ms
602ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d9db44623573f049bd61d5a2537501fd2b5c3569c00a5db140581e5e541cb741

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.risxfacs.com https://.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
Strict-Transport-Security	max-age=31536000

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://*.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
content-type: text/html;charset=utf-8
date: Tue, 07 Feb 2023 18:37:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
referrer-policy: origin
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 2-4762898-4762908 NNYN CT(197 160 0) RT(1675795075222 12) q(0 1 5 104) r(6 6) U6

GET
H2 200 _Incapsula_Resource Show response
sso.gallagherbassett.com/ 140 KB
20 KB 13ms
12ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1819462940

Requested by

Host: sso.gallagherbassett.com
URL: https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c4bd8b27631ce3e67bd00b9a96ab6d415d9eedf6c05cdc361b57f0026d6b5f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20150
content-type: application/javascript

GET
H2 200 _Incapsula_Resource
sso.gallagherbassett.com/ 1 B
36 B 16ms
16ms Image
text/plain 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.gallagherbassett.com/_Incapsula_Resource?SWKMTFSR=1&e=0.32618131393245564

Requested by

Host: sso.gallagherbassett.com
URL: https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H2 200 Sharefile Show response
www.gallagherbassett.com/sso/app/startsso/ 5 KB
2 KB 690ms
129ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c8e4e9178b97dac904ab94d072fdf02f403a88958a33ae3397a124bc03173155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://sso.gallagherbassett.com
Referer: https://sso.gallagherbassett.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:37:55 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cdn: Imperva
x-iinfo: 9-10496474-10367296 pNNN RT(1675795076463 11) q(0 0 0 0) r(1 1) U6

GET
H2 200 gbStyles2064
www.gallagherbassett.com/sso/lib/ 260 KB
47 KB 18ms
17ms Stylesheet
text/css 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/lib/gbStyles2064

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

be532b88c5b02663e0240b914427e011b6cce820d1105300807a3e9fcc3d0c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 03 Jan 2023 10:13:09 GMT
x-cdn: Imperva
etag: "d1a8ef44"
content-type: text/css; charset=utf-8
x-iinfo: 9-10496474-0 0CNN RT(1675795076463 148) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=28481713, public
content-length: 47951
expires: Wed, 03 Jan 2024 10:13:09 GMT

GET
H2 200 preload2064
www.gallagherbassett.com/sso/bundles/lib/ 697 KB
211 KB 41ms
40ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/preload2064

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 03 Jan 2023 10:13:09 GMT
x-cdn: Imperva
etag: "719a5438"
content-type: text/javascript; charset=utf-8
x-iinfo: 9-10496474-0 0CNN RT(1675795076463 151) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=28481713, public
content-length: 215365
expires: Wed, 03 Jan 2024 10:13:09 GMT

GET
H2 200 startssojs2064 Show response
www.gallagherbassett.com/sso/bundles/ 68 KB
20 KB 50ms
49ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/startssojs2064

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f8fe7080d21b337e254254648a2c18d4b6bbb937a634c8ebb18a29a3e3e1be5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 03 Jan 2023 10:13:09 GMT
x-cdn: Imperva
etag: "dfa34aa2"
content-type: text/javascript; charset=utf-8
x-iinfo: 9-10496474-0 0CNN RT(1675795076463 155) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=28481713, public
content-length: 20884
expires: Wed, 03 Jan 2024 10:13:09 GMT

GET
H2 200 spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/ 3 KB
3 KB 26ms
26ms Image
image/gif 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:56 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 10 May 2022 09:34:20 GMT
x-cdn: Imperva
etag: "0b68205164d81:0"
content-type: image/gif
x-iinfo: 9-10496474-0 0CNN RT(1675795076463 231) q(0 -1 -1 -1) r(0 -1)
content-length: 2704

GET
H2 200 postload2064
www.gallagherbassett.com/sso/bundles/lib/ 390 KB
113 KB 16ms
15ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/postload2064

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 17 Jan 2023 09:03:34 GMT
x-cdn: Imperva
etag: "9c7bb35e"
content-type: text/javascript; charset=utf-8
x-iinfo: 9-10496474-0 0CNN RT(1675795076463 205) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29687138, public
content-length: 115846
expires: Wed, 17 Jan 2024 09:03:34 GMT

GET
H2 200 _Incapsula_Resource
www.gallagherbassett.com/ 138 KB
20 KB 25ms
25ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=440519424

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20010
content-type: application/javascript

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 114ms
27ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 17:12:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5148
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 07 Feb 2023 19:12:08 GMT

POST
H2 200 Logon Show response
www.gallagherbassett.com/sso/App/ 3 KB
1 KB 130ms
129ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1dfa4b67f84b8f55b2181f36ad619bec7f42a70a4c084bcf658b246a4c3d43fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.gallagherbassett.com
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 18:37:56 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cdn: Imperva
x-iinfo: 9-10496474-10367296 pNNN RT(1675795076463 364) q(0 0 0 -1) r(1 1) U6

POST
H2 200 collect
www.google-analytics.com/j/ 2 B
213 B 52ms
51ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1212076002&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2Fapp%2Fstartsso%2FSharefile&dr=https%3A%2F%2Fsso.gallagherbassett.com%2F&dp=%2Fapp%2Fstartsso%2FSharefile&ul=en-us&de=UTF-8&dt=startsso%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAC~&jid=228474493&gjid=351768483&cid=1243358797.1675795077&tid=UA-44339965-5&_gid=1935231268.1675795077&_r=1&_slc=1&z=1008984392

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:37:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gallagherbassett.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logonjs2064 Show response
www.gallagherbassett.com/sso/bundles/ 355 KB
102 KB 9ms
8ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/logonjs2064

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

69ad1dfc4fa85b0781e450e01673ee860cd14e800755099da23ab3f008f12aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:37:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 17 Jan 2023 16:16:06 GMT
x-cdn: Imperva
etag: "a647ab0b"
content-type: text/javascript; charset=utf-8
x-iinfo: 9-10496474-0 0CNN RT(1675795076463 489) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29713090, public
content-length: 104703
expires: Wed, 17 Jan 2024 16:16:06 GMT

GET
H2 200 _Incapsula_Resource Show response
www.gallagherbassett.com/ 137 KB
19 KB 18ms
18ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=8&cb=1938254546

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ca84035e391d604e551a087318d6f98fc1fac65f8a5fb68f2ed9cf7ef4d325f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19819
content-type: application/javascript

GET
H2 200 openid-configuration
sso.gallagherbassett.com/.well-known/ 4 KB
2 KB 525ms
489ms XHR
application/json 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.gallagherbassett.com/.well-known/openid-configuration

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.risxfacs.com https://.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 18:37:57 GMT
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://*.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
referrer-policy: origin
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cdn: Imperva
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gallagherbassett.com
x-iinfo: 4-33480059-33480062 NNYN CT(118 126 0) RT(1675795076512 21) q(0 0 2 0) r(5 5) U4
cache-control: no-cache, no-store
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
www.gallagherbassett.com/ 1 B
36 B 6ms
6ms Image
text/plain 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9455097301336792

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 Primary Request authorization.oauth2 Show response
sso.gallagherbassett.com/as/ 2 KB
945 B 134ms
133ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.gallagherbassett.com/as/authorization.oauth2?client_id=GBSSO&redirect_uri=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2FApp%2FCode&response_type=code&scope=edit&state=2e34e2c0652a403d96e79b3f94241aba&code_challenge=c7TNJnCB9XtF5UwU7eP_nYr_UKWpLl2uZeP_7Zz0hNs&code_challenge_method=S256&response_mode=query

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6b384f8a6392a0988b177e24d70845de9af2b3e6045ed9b5aed13bebc1dd8aad

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.risxfacs.com https://.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://*.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
content-type: text/html;charset=utf-8
date: Tue, 07 Feb 2023 18:37:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
referrer-policy: origin
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 2-4762898-4762908 PNYN RT(1675795075222 2394) q(0 0 0 -1) r(1 1) U12

POST IdPApp
www.gallagherbassett.com/sso/app/startsso/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: citrix-sharefile-data.customer.pendo.io
URL: https://citrix-sharefile-data.customer.pendo.io/data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.169.2_prod&ct=1675795074566&jzb=eJzFkc9OwkAQxt9lz7Vdtv-5EfFgYhQjaIwxzdIu7UK722ynIBDenVlQ4ombsaed6czv-2bmY09g2woyJI0AThwyN3rTCZOBbDA7iOIwTkMaB2EYOmQtOwnaZLLAhmxy9zh-yqZZQoPVc5K8V71AAM9z3Ss41ai-rh3SmxrLK4C2G3peOYeWu13FjVjIWri5brxRD5VQIHMOUivvQZdSIao1uu3IcP-ja5_XpGuuyp6XdhqhstkLOVzsYCsGLYoqGP1OFRxsPY09yjxGmY-ctTAd-sA0cwdR6rIMnRSWdgZM-fz-Mh2cAyL9we6LzkaLt12UT5YtchaGN-L08zWY0TEt1eo2KJerTW0XvQWBw_lxdHAuR6g1L64eIfm_I1hv345uWJq4jNovjljqp0H4J8thMTt8HgHHN9lC

Domain: citrix-sharefile-data.customer.pendo.io
URL: https://citrix-sharefile-data.customer.pendo.io/data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?id=4&jzb=eJx9jr1OxDAQhN9l61NsDIKQ7iQokBA_Agoqa0kW28K3jpz1NSjvfpvmREXnHX2eb37hmJYkpT5MMIB_uX-6e_bvvrdXP699_xkbwQ5wHEtj2RBuOe-g1ax0FJmXwZjwJTN2S8RK3ylTN5aD2TeJxJJGlFTYPJaQWJsOJDihIAxn8fZM_8gzcmgYSAli__EG63mQftVjVi_L_m-kio23N8Y646y71J4j1UWnaOy6i-vbzvm5lgnW9QQ7rFT4&v=2.169.2_prod&ct=1675795074569

Domain: citrix-sharefile-data.customer.pendo.io
URL: https://citrix-sharefile-data.customer.pendo.io/data/guide.gif/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1675795074570&v=2.169.2_prod

Domain: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/sf/v3/Users/ActivateUser?activationToken=f733f742eec72551&oAuthClientId=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6

Domain: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_auth/styles/fonts/CitrixSans-Light.woff

Domain: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/styles/images/97b66c76-ca97-44b7-8807-7269aa8eb7a7.png

Domain: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/cf7c638a033c67ac8ac23399a61715085364450a/_Auth/ActivateUser/ActivateUser.html

Domain: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/IdPApp

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gbtpa.sharefile.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: libnba0vsz4e3lgs2lepmub1
.sharefile.com/	1969-12-31 23:59:59	Name: SF_Subdomain Value: gbtpa
gbtpa.sharefile.com/	1969-12-31 23:59:59	Name: i18next Value: de
gbtpa.sharefile.com/	1970-01-20 09:39:59	Name: AWSALBTG Value: 9Z0we28om5PF9iYY2bNW1xn62aiU1IgP8fQerLvcwaBSnmseXfN+9Br0dXni1DaVtheQXZ/F7fPv2ihwIXTFLjhnf/Gql4qMeBzjqW1XLIO8zitdbBhdI4dJLXAVKxrhYYxnc5RIIu6u6sYWTvJ0KOU/nnybQa1fSkXT5P1aCCwQ
gbtpa.sharefile.com/	1970-01-20 09:39:59	Name: AWSALBTGCORS Value: 9Z0we28om5PF9iYY2bNW1xn62aiU1IgP8fQerLvcwaBSnmseXfN+9Br0dXni1DaVtheQXZ/F7fPv2ihwIXTFLjhnf/Gql4qMeBzjqW1XLIO8zitdbBhdI4dJLXAVKxrhYYxnc5RIIu6u6sYWTvJ0KOU/nnybQa1fSkXT5P1aCCwQ
gbtpa.sharefile.com/	1970-01-20 09:39:59	Name: AWSALB Value: /vn2ePwrBLESKwrcl20fWRVFq4h4nl3LxP+AzXC88Wl3kv/EmB+A9Au8/BQM9G0FGTSzOu9vOaAJtcRm7gq+3oMahADf2ys9MhtdEGM0Mknd5P8JqmWKcILap0Ln
gbtpa.sharefile.com/	1970-01-20 09:39:59	Name: AWSALBCORS Value: /vn2ePwrBLESKwrcl20fWRVFq4h4nl3LxP+AzXC88Wl3kv/EmB+A9Au8/BQM9G0FGTSzOu9vOaAJtcRm7gq+3oMahADf2ys9MhtdEGM0Mknd5P8JqmWKcILap0Ln
sso.gallagherbassett.com/	1969-12-31 23:59:59	Name: PF Value: oleDmlCfd5EnfEgEqRAqtD
.gallagherbassett.com/	1970-01-20 18:14:21	Name: visid_incap_2619824 Value: AlHQJUrdRbyzI4hB0dGIsIOa4mMAAAAAQUIPAAAAAABNJS1dD55eUa5Bm6bN6WZ5
.gallagherbassett.com/	1969-12-31 23:59:59	Name: incap_ses_474_2619824 Value: MvDFVqJAR0sHWIZWRf2TBoOa4mMAAAAAdryvXW4JU1dVFmeVRqKXxg==
sso.gallagherbassett.com/	1970-01-20 09:29:55	Name: ___utmvc Value: QgXLPzcvvVib+GE1lBwQSDITKc2kofrfYuKpKFntGUshvt1cfwSpkmS/kzduaxlc0+noPBsI/MyQOwJLO3G6DwtglGrW1Zo0OvE5A1dXarD54qKBcjnMBq6uPc9Gi0Je7ic7Stj7KOXP3wlgK8dnswDT31clhbkWT3IIcuPNzkOqfSoFJuYd/zJPBeiugwzhILPMi+NCfeSYSWjQWvS+x5uAYifpSmuEeD2pnEoK72RRpbdbFlfRmRHy6xGmt8cO+dsSTPw2/i+9XAE0zVXQ07ezdMZ4IOH1aPb6Q/y5l5/uFXoX98l2ZDweiRqdGGISNQglnXUPujFQ9Uk74LwCwVKWOddfFClETI2q1HIo6Gm8CKZC+wxsCb8mSpzLTRFHfGnGtlW4nrBmJ9oiUUsACM7ZSdD8pJBZzHo464CSTjV0ODN/38vMzPnmuudXpwVrGmt0DgNVA0GAUY7lQnLZwJSXbK7I5DQkERU03oHhf5B9UMTquYd5BTYFNLxiD1/JhC6JUe++d82eMilBnfXdhdw/DULU3f7esghQZj2vg41WAVO4i8DXFo1DQUCfvn3Q6RMRiYmxazuv00Mf3dDAM6llXgyLrwvDWPBFssEa0hrwnnEmPaqjNatNoO7IfajQKpKa+uEt2lulinNyZWbnr2M5rjO+SKiiTPVgo2trnWAN0gSkZk1+PioNy/2dYgHmh6X0sGrDGN0ag7SrdWAur6jq5aAh3EHfxhUsGA15O3YyfZ9e8sHzH3tIRfBiDKAUwVDZ8A4WZdycXwqDo9fygi4hCbHq9Nn/Opi/QoVa7Y3rwr26JXphOVpsNO0OIgd3ZOFbjH88fWsP01FyeWrudb0qgu7CeR+DVPTIsb42u1fEw+8cuZchv8oPWgkhw0s87782IBfXjgAA07LdkE5YZ5TjPKv25WA+eVlxPW0yajflsLTI9EsaM4/70o27GyEPKP+QHgDBDROnay+BKUwG3ZpDQdzaR/03GaRnawGe5s8gXbkYWbCABO2ZNWkRBUwb5+XoN8IdLc27KkzGJ1+1zZbfwTnVMnD/dYaZNgZ4V75staS3zT31j5p71abav6Rr+JZd7XK9651Pj35blRxPwxMUNUi9Gzumg3PaWQ8F/11vcU0DChFvO/Cw9qztr5cwIGPDZLm9lzkZtKrihe+5vqfM7Su2oUWFkBZGDRlys+07alhsPaZqGHvyHqZsBRgT6iqiCnFjyWLcc5mYCiGUSwY0uBtenBFL5u1QrG+W4e2hVqv6A7f1q+Gk8XcUJ4+Gg7vv2ESarQx9s5VJKfqWYRqK5uen1SqynX0r5t1LQZKsDig2A+USQyD9+2hqVg+QHwZXjNSepaNaqLuM11wQ1uy4CQjGQGbMCqDFgQR7ZKL35GqKsCNqEEOiBoQIa7lKGyUKoraDzUomdoaZS4Sjda+FVd4Uqf4UThiJy1M4LZ83FjSIzkXX+oqaujkCLpzgynHurMr5BSUQAWoWTDyScnGitUIrVtObtt0XpoEq5tSlTQ4BVTtu76VfdYV3tNp6n/Uc164vLRtNLhVmuIuLyYZ4zGexpe1UEUJ0ql4C1jb+aJMb8GL5/IUzUjUwjSWKmS1ECHJBC65XySO1scjKq8w0xI7J5cTTpUyvMLn+68E0PXuotYqf8Y//5Dze+61KqwQZs5DW8mV5mCccudMKJJ49rbTyDwU7WlrmAXFLQyXDfyJK475cyuHcPK153z6poIisrHlgYOUETuiB7OFwAXdjxoZ/3JNHgZK5UIVPGiVgrN+HnxERx1bNR0zLSxYym75ms4va9otxPVi83n1zsKMQkTll+kz8RztSzU4gNp0TyBXp+lZPha3gPpLdjHDFYlwf8qC7gww/IknrjgmoNcaLsF0Dxm/pTmHo98GOPq+cebPwkXfu5d7on5gGapAPTYJ4a7/dMXNtw9vBvXc8XGKMni86OFNVrkjikdiUOHSgR6wHR8JNen0O2vVHhbf/Yy/inlTovsfmgSkqK6hkepLCYVN0Bd+7MoINzmn4LoyZwsus2pFKYB/KrbA0Jg91fF87pdDRHavxNptHf94ykLmdh+6aI8BZfZLWlOCAlhXaNmZ3S2sB0UuGkoiZwCm2PQgjQUIGKDGMyNkW0LC7OVHAqcwmekQ7nVwd3JIcrCVU7XTKO9mdkBfEvLPwtzI0A/D2TCZN1C5244KKrc6GvFUOfUCeEZUTboqEonhdCgbF/MLspT4wnFwRM3gF98vF4Ab0JBqQY3GDGijFukJTSjUyELcArSr/gQnKCIdhBh8FFsUVBTnCMQD9JHTY5BrfC1TsTdsxv+wcfKRN0jMi74Xy34aEBulf04gBkGmZ8OQVlb8XFHRjEb1SqEA8R77jJNoMwCgoaHOBQdvAVAUw7iSFPBTHbRlv2bClZFrxGT+z9/fF7+ViyWvf+fCxtDc8orR1uEMhENGwTC9gJGX/RtZxgwqip+BOmzD1k0Xp8qqJz4vQURiwQeHM/vmAHw9nsDR943gq/hHLLf6RuQBnteSIE0ue7eOPM25rRP+Wgav92QNq6Y8pGqX1kmPQ4A5Vvixz2klsMF4Qy7gv+LF1AhNQwZWiO1SSO6cye0Rr5qs/JxhopQ7+OxUU9pLqNK33yG2D0Z6U4QaY9cbcB0IhVQmpbMicsE9NyjXveJh3DSOL86yo2Y9CYIZEJ7yWEdt0LGRpZ2VzdD0xODQxNTMscz04ODljYTY5ODhlOGM4MTg5ODZhYTlmOGM3ZjkyOGE2Mzg4NzU3YWIyODE3ZjdkNzY2NzhiYWQ5ODg4Nzg3MjY4YWVhN2FkOGM4NDg5NzE2ZQ==
www.gallagherbassett.com/	1970-01-20 19:05:55	Name: mKey Value: 46f14ec9-0d4c-46c1-ae8a-66954901b3be
.gallagherbassett.com/	1970-01-20 18:14:21	Name: visid_incap_1944542 Value: rBlDMWUHSdK8ACBjCTbR34Sa4mMAAAAAQUIPAAAAAABTX4W2Lq6OqqXQvnM6NwSt
.gallagherbassett.com/	1969-12-31 23:59:59	Name: incap_ses_474_1944542 Value: 5K/BbGWPYU+2WoZWRf2TBoSa4mMAAAAA2erOkZrw56fGKO9PivBFZg==
.gallagherbassett.com/	1970-01-20 19:05:55	Name: _ga Value: GA1.2.1243358797.1675795077
.gallagherbassett.com/	1970-01-20 09:31:21	Name: _gid Value: GA1.2.1935231268.1675795077
.gallagherbassett.com/	1970-01-20 09:29:55	Name: _gat Value: 1
www.gallagherbassett.com/	1970-01-20 09:29:55	Name: ___utmvc Value: Y8pdUt5vTAtRqfOYSLMjSbhtOBm0YlulsD78Xo7466Vie/FPRYS249etkv07Pw3NiL3Sbb38GOdgvObla0u5LKYdVIiyerT4s/LBLKOeY6Y08PX6sRnEFDz79fpFDGrePd5C8GFaPDgoaP5h6cn4Ot+ciQgsRAeMtk8WI6/1zaOeNujSdA0KDbR+JFHTzSqxOeYGRNz9n5xcigIiR0q0tP9qgXHiteuP3wQAecs5W4s/7B+SUNZKdHUIk8oDVoJ1ZRpsSkmMB8ocsDCLklfSWgBM9a+ouIDX7ySaRNX6G5xGeAIvt+yN/gD0IN5xn1eLRHY4bnY3AYiZEYwwmwGMrE4+/HggSXj6Tab5nlCSGYq7hd1L+ov67yZCuidxhd3apS08A84fYjKfS89sRW48uZyuqBKU0jIcDNbUwTnUyMi9q7YkY//QA2D3pimv9PVzzxwro8o21yzMB7a5FAMVDUniHwTtJRAfMAJk+EflTWKJywWTm9I/12RoFewRuQgsK1U9UNxS9jt7pukATiT4gjeoHzdR1eUWMwMjQ6uaWhp9YfiXDZgi6KtVznrUQ+AksPbT1NOTbuToArPksZhFGIaQ/URM3b4whxL6ZzPwgy8UnXTCyTsNzmdsJUUZ6XB4JJHrkEly8AdXu8KCwVeDAdn1yi+9gmqJbfdSOsnsJYu8s/dXGR2gbjnAilwbiJgRFv7Rw/3q+rFDTxV8z6eGbR7wklButBevWR6JR0saocTh05v1IKpLa92sqP0ol2KQdjPlnl80XwapSLF9/rC5eNajSUsbFEEMACTReoNwWeSvT1+5XY06QWrTNeJD+Y++cvQS/DZbOMSkv6MCpa6ujKKfpj1VQ6zOQSi20t3IvoG4xq1YbPzuIH3lLnRbODZ2Av0CEzEfpaVkaPIYEwhGpISvSI14sGd6Q0GcznCH1t3kEZssAKtl50fiFBWYBdEHzGojvqa+96jdA+BURu28y+bjD6Am2IDkBavF+pdu7Eig6lfJ8azH1NcurT1nBJJn/gB/gy5/p5sDxXoctbjCQY8rFr6QM1D4uWWIGfFc3jktj0Fz02gbONxtX5kFNeDY2ZeD//n/YICo6Rfrs6/n0Wp5TGf4hh3TmE9uDNWhZdPmNxE425vX8EGoipirRg3K/6RHywCa4/qcTCL8PMRajvHbZxswjDLxTaLF+wiiCSfimcZof+4WJtGassdpDP5PbC5EobynAJIUgg1zEmS+uNAa9ZwLkRUCmpcAjorP7CRuRWDui0UYE6VvCPpia1GGFmJLkz5DZN7FhCjdYj29mdUYbaQuwv1EWyEdKGGtK2I+RjkkVaMjxrdhF5x+TAUPN9LNBIpgJcPTgCK0LY9mq/HEJwrbQbIqryuWfga5SQoEE47Cf8YPBszMH70bku0ny41DJlkhZQZoCCtHti1GsOGm72CJcjmLZfDSE/aC3j8sEzuDnBdJqS/H2dA9z1Kc1JbWKGLKryOV6Xa8mzWLO5uq8KHKmNFv2I1yI9TVR3KSzu4bfbSIuPTztPwfCB7u8qfQbAIh52/p4Vy+6AZL8qla4wctkorAC4hJura/Ly6bYcMZMufdLBuXqz4EYHsqVSVTvSzwZ9yRM7cQUNIq2rJuCOZXSN7f5WbjsiDS1EiYDoJFAM1IleXnHzuenmk3VHDXai/SzUdbVfBYAqkVg9OaVl5nZkgZgU7irg7LSaLrzkJwlKJhd5RawGtfE9tls004LNo9ShTrt0rKD/LDu2XXZpMSqrJpi4TCNx077KV7OlDutRAIcS6sEqTq9UgeLhStjSxTADQ3PpgOz9moGApJaxzXTsKeBZKCY1FZcCRZp3AbqbX+SOSUVMZwC7gu8KyMlb8JRtpMULn30e5/hbFEzcpF/8Cf7dK5moWT4ZDkNQlHdIqsNA6D1LgKLrPP2vXH/MBzSfRQVoKTIi/boNI8oVO1QqepHROEuFm06quzDSVTNc12pKCFZz2m0nH1bXgISEYjAkQ77c8reAU8TDngCikJcE9/Jlsv2DQDZHNBL3o/ohljxc7/QRLD8LiOKIajHUv0JA8ljSpC57RFpwiEcrzCfw8YuKKDKPa2BNh7XYzjhrq060siZpWMBfMmwtt8IXpzw9C6zFVpLtRqVRIMgvCH0ibMLPRSW5bQRdJZtwQLBcUW7W/K3jGbbOgW/Us2Cabo4xcreLUlVV21qzQRwg6C/hAcYEcCXgUP6TSanCNT3CyvnKpYOFpPqRXlBm8wZWaT4KMVb3CjYta0b5j8ZWmFtaTcJASJCzEGBDlnS32sr8fxY0Ikhd9mUmg0YEMd65fNRGhBT9LEYW9fFYlJSm+M1qUENrC6qp2Lj7uhsZk3KJR31aDeTk90MytYIu1wQLo/TcBoJBIWgcVQrlAKsDgk5ATMr2F2rjeY9g9KuRPYd8jl8ZECILLUvfHHSWHa6sMiJh3hvJ99KC60a0HG9gZY0W8aj9PHwR0d4ANn4Sei2D7RC/ANKnidl9QmQEOH1vRP5Vigtz/Cw2mgo0AxG9Xbf1MtsqvEK+pMUzgBg6F5fnZh/JlyuhvEPLFLa4URmaua902xKbHlj15cWb3FdqRAFCSknuI+Evh4mtTHp6E7d7gDQa8aJKbmLmxfs1Q3h1XqSMBRk3CIn29A85CIxbfzp9+Lx4O/TrOV7y13GUEsZGlnZXN0PTE4Mjk2MywxODI3Mzcscz02NWFkOThhZDk5YTI4MDgyOGFhYmExYWQ3YWEwNmZhNThjYTU5YjhlNjZhYjkzOWU1ZWEwOTI2NzljNjQ4MWE1OTg3OTZlOTg3Yzg0NzQ2ZQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile(Line 9) Message: X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.
security	error	URL: https://www.gallagherbassett.com/sso/App/Logon(Line 9) Message: X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-2WmNH3DZfh9V217APc8V5Q==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
citrix-sharefile-content.customer.pendo.io
citrix-sharefile-data.customer.pendo.io
gbtpa.sharefile.com
sso.gallagherbassett.com
www.gallagherbassett.com
www.google-analytics.com
citrix-sharefile-data.customer.pendo.io
gbtpa.sharefile.com
www.gallagherbassett.com
151.101.2.217
2a00:1450:400d:803::200e
34.107.168.21
45.60.123.80
76.223.1.166
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
06459735468802070abc6f735dd8ef77a71c713bc045d9dcfe7c02eefb561f9b
1522471c7ef74bf42cfe35a28e97beef435a9379b78cdbcc601ccf4ee8ef0dca
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
1dfa4b67f84b8f55b2181f36ad619bec7f42a70a4c084bcf658b246a4c3d43fe
48b5dfd2f4144b35665fb8ba9c5e679e86e442759ceee7dd6901e5d709ca396f
69ad1dfc4fa85b0781e450e01673ee860cd14e800755099da23ab3f008f12aa2
6b384f8a6392a0988b177e24d70845de9af2b3e6045ed9b5aed13bebc1dd8aad
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
94d789b3f07f64b6104c977cfd0f0d140418345a965a9657bf8c6e82ed90080d
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
be532b88c5b02663e0240b914427e011b6cce820d1105300807a3e9fcc3d0c21
c4bd8b27631ce3e67bd00b9a96ab6d415d9eedf6c05cdc361b57f0026d6b5f1f
c8e4e9178b97dac904ab94d072fdf02f403a88958a33ae3397a124bc03173155
ca84035e391d604e551a087318d6f98fc1fac65f8a5fb68f2ed9cf7ef4d325f0
d9296174757f12c23805ca589cffa7bcaf19652f3f0f8d89c87503b63448d337
d9db44623573f049bd61d5a2537501fd2b5c3569c00a5db140581e5e541cb741
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8fe7080d21b337e254254648a2c18d4b6bbb937a634c8ebb18a29a3e3e1be5c

sso.gallagherbassett.com Open in urlscan Pro 45.60.123.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

83 %HTTPS

20 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

1765 kBTransfer

6325 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sso.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

83 %
HTTPS

20 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

1765 kB
Transfer

6325 kB
Size

18
Cookies

46 HTTP transactions
0 data transactions