www.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gbtpa.sharefile.com/
Effective URL:
https://www.gallagherbassett.com/sso/App/Logon
Submission: On May 17 via manual (May 17th 2021, 5:43:30 pm UTC) from US

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 53 HTTP transactions. The main IP is 45.60.123.80, located in United States and belongs to INCAPSULA, US. The main domain is www.gallagherbassett.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2020. Valid for: 2 years.

This is the only time www.gallagherbassett.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 27	13.248.193.251 13.248.193.251	16509 (AMAZON-02) (AMAZON-02)
4	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1 2	35.241.57.45 35.241.57.45	15169 (GOOGLE) (GOOGLE)
2	13.224.95.83 13.224.95.83	16509 (AMAZON-02) (AMAZON-02)
1	104.225.98.129 104.225.98.129	36236 (NETACTUATE) (NETACTUATE)
2	34.197.25.35 34.197.25.35	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
2	151.147.160.186 151.147.160.186	46342 (AJGCO) (AJGCO)
12	45.60.123.80 45.60.123.80	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
53	11

27 13.248.193.251 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: adbc6357b41625fc7.awsglobalaccelerator.com

gbtpa.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gbtpa.sf-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.57.45 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 45.57.241.35.bc.googleusercontent.com

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.95.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-83.zrh50.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.98.129 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 129.98.225.104.ptr.anycast.net

i2-muzqopwrnedranraivkauuxaqwswmo.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.25.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-25-35.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.147.160.186 (United States)

ASN46342 (AJGCO, US)

sso.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 45.60.123.80 (United States)

ASN19551 (INCAPSULA, US)

www.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	sharefile.com 2 redirects gbtpa.sharefile.com	872 KB
14	gallagherbassett.com sso.gallagherbassett.com www.gallagherbassett.com	448 KB
10	sf-api.com gbtpa.sf-api.com	10 KB
6	launchdarkly.com app.launchdarkly.com events.launchdarkly.com	1 KB
3	cedexis.com 1 redirects radar.cedexis.com rpt.cedexis.com	19 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	pendo.io cdn.pendo.io	249 KB
1	cedexis-radar.net i2-muzqopwrnedranraivkauuxaqwswmo.init.cedexis-radar.net	1 KB
53	8

	Domain	Requested by
17	gbtpa.sharefile.com	2 redirects gbtpa.sharefile.com
12	www.gallagherbassett.com	www.gallagherbassett.com
10	gbtpa.sf-api.com	gbtpa.sharefile.com
4	app.launchdarkly.com	gbtpa.sharefile.com
2	www.google-analytics.com	www.gallagherbassett.com www.google-analytics.com
2	sso.gallagherbassett.com	www.gallagherbassett.com
2	events.launchdarkly.com	gbtpa.sharefile.com
2	cdn.pendo.io	gbtpa.sharefile.com
2	radar.cedexis.com	1 redirects gbtpa.sharefile.com
1	rpt.cedexis.com	radar.cedexis.com
1	i2-muzqopwrnedranraivkauuxaqwswmo.init.cedexis-radar.net	radar.cedexis.com
53	11

This site contains no links.

Subject Issuer	Validity	Valid
*.sharefile.com Amazon	`2020-11-18` - `2021-12-19`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
radar.cedexis.com Go Daddy Secure Certificate Authority - G2	`2019-06-26` - `2021-08-25`	2 years	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
*.sf-api.com Amazon	`2020-11-17` - `2021-12-17`	a year	crt.sh
*.init.cedexis-radar.net Go Daddy Secure Certificate Authority - G2	`2019-11-14` - `2022-01-13`	2 years	crt.sh
events.launchdarkly.com Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh
sso.gallagherbassett.com DigiCert SHA2 Secure Server CA	`2020-05-05` - `2021-05-31`	a year	crt.sh
www.gallagherbassett.com DigiCert SHA2 Secure Server CA	`2020-02-24` - `2022-03-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gallagherbassett.com/sso/App/Logon
Frame ID: 192C6E80F6690DCE1B7D78688A4BEC1E
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gbtpa.sharefile.com/ Page URL
https://gbtpa.sharefile.com/login HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=Y... HTTP 302
https://gbtpa.sharefile.com/Authentication/Login Page URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=K... Page URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
https://www.gallagherbassett.com/sso/App/Logon Page URL

Page Statistics

53
Requests

98 %
HTTPS

20 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

1616 kB
Transfer

5644 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gbtpa.sharefile.com/ Page URL
https://gbtpa.sharefile.com/login HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=YsaUc2dO99R9Q_8FDdfm4Q--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
https://gbtpa.sharefile.com/Authentication/Login Page URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=K6RqlwjjDtTm4V7Fu1AoIg--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com Page URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
https://www.gallagherbassett.com/sso/App/Logon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://radar.cedexis.com/1/55156/radar.js HTTP 302
https://radar.cedexis.com/1593429750/radar.js

Request Chain 24

https://gbtpa.sharefile.com/login HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=YsaUc2dO99R9Q_8FDdfm4Q--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
https://gbtpa.sharefile.com/Authentication/Login

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gbtpa.sharefile.com/ 3 KB
3 KB 345ms
140ms Document
text/html 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

57ed0dbf2bab2a584824131cf8f2669cbf1f463c4938972f53c63aed6ddae2f1

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-R+WA7vGX1LhaqTjcyq3wKA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gbtpa.sharefile.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:14 GMT
content-type: text/html; charset=utf-8
content-length: 1292
set-cookie: AWSALBTG=djb0Ye0OCzP397kzLeiwGvH6OPoK6FI6aGsrX5ycAiwUdnlZbupsHCCiM6ATKqRwuY1DpgGwC/Kl5A/3KDjWI9JQt8hl38qbTRHCeIO8buOzpGhpKUS5WM2NrIwOYT6wJ/Z4yFQhFnCrTA3oJXhEzYEtfoqe5ALl+WfWNna30yp/; Expires=Mon, 24 May 2021 17:43:13 GMT; Path=/ AWSALBTGCORS=djb0Ye0OCzP397kzLeiwGvH6OPoK6FI6aGsrX5ycAiwUdnlZbupsHCCiM6ATKqRwuY1DpgGwC/Kl5A/3KDjWI9JQt8hl38qbTRHCeIO8buOzpGhpKUS5WM2NrIwOYT6wJ/Z4yFQhFnCrTA3oJXhEzYEtfoqe5ALl+WfWNna30yp/; Expires=Mon, 24 May 2021 17:43:13 GMT; Path=/; SameSite=None; Secure AWSALB=cfyGXlz00pT20YBwmZwPyNOLvYnSfM37jRcwcnqvyLNyGBjDmu+LGxknHH8u3bE8CRWf931IyOYLZdtk5x91yTN0SNDpqrUopmTg+WQGcyCL0WgOfqkJZYxkPIvL; Expires=Mon, 24 May 2021 17:43:13 GMT; Path=/ AWSALBCORS=cfyGXlz00pT20YBwmZwPyNOLvYnSfM37jRcwcnqvyLNyGBjDmu+LGxknHH8u3bE8CRWf931IyOYLZdtk5x91yTN0SNDpqrUopmTg+WQGcyCL0WgOfqkJZYxkPIvL; Expires=Mon, 24 May 2021 17:43:13 GMT; Path=/; SameSite=None; Secure ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; path=/; secure; HttpOnly; SameSite=None
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: 0
vary: Accept-Encoding
citrix-transactionid: 9c2dbfe5-26ce-44ee-80fa-1880fa7b8471
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-R+WA7vGX1LhaqTjcyq3wKA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

GET
H2 200 spinner.css
gbtpa.sharefile.com/css/ 1 KB
1 KB 117ms
116ms Stylesheet
text/css 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/css/spinner.css

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /css/spinner.css
pragma: no-cache
cookie: AWSALBTG=djb0Ye0OCzP397kzLeiwGvH6OPoK6FI6aGsrX5ycAiwUdnlZbupsHCCiM6ATKqRwuY1DpgGwC/Kl5A/3KDjWI9JQt8hl38qbTRHCeIO8buOzpGhpKUS5WM2NrIwOYT6wJ/Z4yFQhFnCrTA3oJXhEzYEtfoqe5ALl+WfWNna30yp/; AWSALBTGCORS=djb0Ye0OCzP397kzLeiwGvH6OPoK6FI6aGsrX5ycAiwUdnlZbupsHCCiM6ATKqRwuY1DpgGwC/Kl5A/3KDjWI9JQt8hl38qbTRHCeIO8buOzpGhpKUS5WM2NrIwOYT6wJ/Z4yFQhFnCrTA3oJXhEzYEtfoqe5ALl+WfWNna30yp/; AWSALB=cfyGXlz00pT20YBwmZwPyNOLvYnSfM37jRcwcnqvyLNyGBjDmu+LGxknHH8u3bE8CRWf931IyOYLZdtk5x91yTN0SNDpqrUopmTg+WQGcyCL0WgOfqkJZYxkPIvL; AWSALBCORS=cfyGXlz00pT20YBwmZwPyNOLvYnSfM37jRcwcnqvyLNyGBjDmu+LGxknHH8u3bE8CRWf931IyOYLZdtk5x91yTN0SNDpqrUopmTg+WQGcyCL0WgOfqkJZYxkPIvL; ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:14 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 12 May 2021 15:58:42 GMT
server: Microsoft-IIS/10.0
etag: "0651bae4747d71:0"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=PB/XP30kIbpo4VOTg4z93gDDnYw4jh25ElSB8TFMKvJ+OotZMD65PJ2OVu3OI7nDJCn5RW0wUXRAQMmfPhEs+G9KtTZZueeFRF8MWVVsJWeh5Uy7WosjM3+TiAAAtjjKQOzyOFmWvXR1v+DfNh8dweNWtYF+U4zgo8EWXcWXoprD; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBTGCORS=PB/XP30kIbpo4VOTg4z93gDDnYw4jh25ElSB8TFMKvJ+OotZMD65PJ2OVu3OI7nDJCn5RW0wUXRAQMmfPhEs+G9KtTZZueeFRF8MWVVsJWeh5Uy7WosjM3+TiAAAtjjKQOzyOFmWvXR1v+DfNh8dweNWtYF+U4zgo8EWXcWXoprD; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure AWSALB=OrF9OVSq3mUo+BFvr05NjW6DN6Sp5hpisYgnj7AI8RMVoOc5ysFhcFkp2qcKW3AMY90s3qFKAOfrRlb9jbDwI1vNUAXv+ylZzwkyczVMi2ZnukOOOe60LKe3bTsr; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBCORS=OrF9OVSq3mUo+BFvr05NjW6DN6Sp5hpisYgnj7AI8RMVoOc5ysFhcFkp2qcKW3AMY90s3qFKAOfrRlb9jbDwI1vNUAXv+ylZzwkyczVMi2ZnukOOOe60LKe3bTsr; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 425
x-content-type-options: nosniff

GET
H2 200 ShimSham Show response
gbtpa.sharefile.com/javascript/bundles/ 86 KB
26 KB 197ms
197ms Script
text/javascript 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1
pragma: no-cache
cookie: AWSALBTG=djb0Ye0OCzP397kzLeiwGvH6OPoK6FI6aGsrX5ycAiwUdnlZbupsHCCiM6ATKqRwuY1DpgGwC/Kl5A/3KDjWI9JQt8hl38qbTRHCeIO8buOzpGhpKUS5WM2NrIwOYT6wJ/Z4yFQhFnCrTA3oJXhEzYEtfoqe5ALl+WfWNna30yp/; AWSALBTGCORS=djb0Ye0OCzP397kzLeiwGvH6OPoK6FI6aGsrX5ycAiwUdnlZbupsHCCiM6ATKqRwuY1DpgGwC/Kl5A/3KDjWI9JQt8hl38qbTRHCeIO8buOzpGhpKUS5WM2NrIwOYT6wJ/Z4yFQhFnCrTA3oJXhEzYEtfoqe5ALl+WfWNna30yp/; AWSALB=cfyGXlz00pT20YBwmZwPyNOLvYnSfM37jRcwcnqvyLNyGBjDmu+LGxknHH8u3bE8CRWf931IyOYLZdtk5x91yTN0SNDpqrUopmTg+WQGcyCL0WgOfqkJZYxkPIvL; AWSALBCORS=cfyGXlz00pT20YBwmZwPyNOLvYnSfM37jRcwcnqvyLNyGBjDmu+LGxknHH8u3bE8CRWf931IyOYLZdtk5x91yTN0SNDpqrUopmTg+WQGcyCL0WgOfqkJZYxkPIvL; ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid: a95b9054-9c09-4015-b2fb-0ffa7c799448
date: Mon, 17 May 2021 17:43:14 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 17 May 2021 17:43:14 GMT
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
set-cookie: AWSALBTG=PtpB/6xnp8I5+xN0MKdLxwNeirfPDpA07lDSE8OZ9S4XkapBBQ3K10lv4UO77r5csZpOckn5RAHxvbl+SVprUCYvRZV1lY3pyXy3Lw9AQchvxX/f9kSky5M7QTMUeBQ2FwPEsWH/Mnotz8EUdMqvRcK474JAC5bhRIoBZp+H4V6V; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBTGCORS=PtpB/6xnp8I5+xN0MKdLxwNeirfPDpA07lDSE8OZ9S4XkapBBQ3K10lv4UO77r5csZpOckn5RAHxvbl+SVprUCYvRZV1lY3pyXy3Lw9AQchvxX/f9kSky5M7QTMUeBQ2FwPEsWH/Mnotz8EUdMqvRcK474JAC5bhRIoBZp+H4V6V; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure AWSALB=lW4rmRc1MB8DsSPxdn761nUI8BsR/JBtHrQ6KP26uqSqAWGSct+i5C5mJJ07CYgPA5I6/6X1/4m277pQUwivDeiwKhJA/nE+vag/mqqneeU5ThdtnNYY7AXeMTwr; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBCORS=lW4rmRc1MB8DsSPxdn761nUI8BsR/JBtHrQ6KP26uqSqAWGSct+i5C5mJJ07CYgPA5I6/6X1/4m277pQUwivDeiwKhJA/nE+vag/mqqneeU5ThdtnNYY7AXeMTwr; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 25784
x-content-type-options: nosniff
expires: Tue, 17 May 2022 17:43:14 GMT

GET
H2 200 index.bdf435ee10b95f848a86.js Show response
gbtpa.sharefile.com/bundles/ 2 MB
564 KB 214ms
213ms Script
application/javascript 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

eaaeed609327c4ba82db5346f9a5985bd76b33c28e91d1767c36171fe369d961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /bundles/index.bdf435ee10b95f848a86.js
pragma: no-cache
cookie: AWSALBTG=djb0Ye0OCzP397kzLeiwGvH6OPoK6FI6aGsrX5ycAiwUdnlZbupsHCCiM6ATKqRwuY1DpgGwC/Kl5A/3KDjWI9JQt8hl38qbTRHCeIO8buOzpGhpKUS5WM2NrIwOYT6wJ/Z4yFQhFnCrTA3oJXhEzYEtfoqe5ALl+WfWNna30yp/; AWSALBTGCORS=djb0Ye0OCzP397kzLeiwGvH6OPoK6FI6aGsrX5ycAiwUdnlZbupsHCCiM6ATKqRwuY1DpgGwC/Kl5A/3KDjWI9JQt8hl38qbTRHCeIO8buOzpGhpKUS5WM2NrIwOYT6wJ/Z4yFQhFnCrTA3oJXhEzYEtfoqe5ALl+WfWNna30yp/; AWSALB=cfyGXlz00pT20YBwmZwPyNOLvYnSfM37jRcwcnqvyLNyGBjDmu+LGxknHH8u3bE8CRWf931IyOYLZdtk5x91yTN0SNDpqrUopmTg+WQGcyCL0WgOfqkJZYxkPIvL; AWSALBCORS=cfyGXlz00pT20YBwmZwPyNOLvYnSfM37jRcwcnqvyLNyGBjDmu+LGxknHH8u3bE8CRWf931IyOYLZdtk5x91yTN0SNDpqrUopmTg+WQGcyCL0WgOfqkJZYxkPIvL; ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:14 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 12 May 2021 16:02:42 GMT
server: Microsoft-IIS/10.0
etag: "07d283d4847d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=0Sy5dDDeXGa00Pkp8PZwI+T9P/XhuA57hvib6cYYd7zZW0ElWTIqX4bMe7ezkaK3jg1ML7p0B2h4cSxCmwx5T0QhV9JEBQlW4wXzYQGQJnI0AfZbST9NniXuYen2VPGkVxdw9je30HiTJ0wsU2IC14DxFm9toTonM2CIQy9T+JYr; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBTGCORS=0Sy5dDDeXGa00Pkp8PZwI+T9P/XhuA57hvib6cYYd7zZW0ElWTIqX4bMe7ezkaK3jg1ML7p0B2h4cSxCmwx5T0QhV9JEBQlW4wXzYQGQJnI0AfZbST9NniXuYen2VPGkVxdw9je30HiTJ0wsU2IC14DxFm9toTonM2CIQy9T+JYr; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure AWSALB=C8F3LaA1H1xeXmOQGJTdqrA/DKO7OeeTOAR147vy0f0O8xm8XEFXUbfDipXYvUqfTIrIgb8YLFAgpuofkOMinPHFJ4Kz6EQoicLiMS/NbhW5b1Lv9BG4hiIphno9; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBCORS=C8F3LaA1H1xeXmOQGJTdqrA/DKO7OeeTOAR147vy0f0O8xm8XEFXUbfDipXYvUqfTIrIgb8YLFAgpuofkOMinPHFJ4Kz6EQoicLiMS/NbhW5b1Lv9BG4hiIphno9; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 576210
x-content-type-options: nosniff

GET
H2 200 spinner.svg
gbtpa.sharefile.com/css/ 1 KB
2 KB 225ms
224ms Image
image/svg+xml 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbtpa.sharefile.com/css/spinner.svg

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/css/spinner.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /css/spinner.svg
pragma: no-cache
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; AWSALBTG=PB/XP30kIbpo4VOTg4z93gDDnYw4jh25ElSB8TFMKvJ+OotZMD65PJ2OVu3OI7nDJCn5RW0wUXRAQMmfPhEs+G9KtTZZueeFRF8MWVVsJWeh5Uy7WosjM3+TiAAAtjjKQOzyOFmWvXR1v+DfNh8dweNWtYF+U4zgo8EWXcWXoprD; AWSALBTGCORS=PB/XP30kIbpo4VOTg4z93gDDnYw4jh25ElSB8TFMKvJ+OotZMD65PJ2OVu3OI7nDJCn5RW0wUXRAQMmfPhEs+G9KtTZZueeFRF8MWVVsJWeh5Uy7WosjM3+TiAAAtjjKQOzyOFmWvXR1v+DfNh8dweNWtYF+U4zgo8EWXcWXoprD; AWSALB=OrF9OVSq3mUo+BFvr05NjW6DN6Sp5hpisYgnj7AI8RMVoOc5ysFhcFkp2qcKW3AMY90s3qFKAOfrRlb9jbDwI1vNUAXv+ylZzwkyczVMi2ZnukOOOe60LKe3bTsr; AWSALBCORS=OrF9OVSq3mUo+BFvr05NjW6DN6Sp5hpisYgnj7AI8RMVoOc5ysFhcFkp2qcKW3AMY90s3qFKAOfrRlb9jbDwI1vNUAXv+ylZzwkyczVMi2ZnukOOOe60LKe3bTsr
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/css/spinner.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/css/spinner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:14 GMT
referrer-policy: same-origin
last-modified: Wed, 12 May 2021 15:58:42 GMT
server: Microsoft-IIS/10.0
etag: "0651bae4747d71:0"
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=zcFPeIaMC7KcxZoexs9NQVIhrpvx5JUqKgXtla/LT6w+rvnI9KBk49aI3izeaMpf5B5V7iUt0Dhswj8X7Vpv2RkS19dexQJ4A6KcU8m4L7SZKOAlbeqvc+77znjqe+VzW7Ov37mp97/ciDOlh0QOc89biOJH6omJC2HyTlfB9F1v; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBTGCORS=zcFPeIaMC7KcxZoexs9NQVIhrpvx5JUqKgXtla/LT6w+rvnI9KBk49aI3izeaMpf5B5V7iUt0Dhswj8X7Vpv2RkS19dexQJ4A6KcU8m4L7SZKOAlbeqvc+77znjqe+VzW7Ov37mp97/ciDOlh0QOc89biOJH6omJC2HyTlfB9F1v; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure AWSALB=IPd+PQe+iU3eziPK9GqhVdKB6KvO2s2vkKTIDOcNfM+ZpepO18EvZkj4d4Jlm5TH1hk+wkTdYePJ+cur8H1p+W+nOJXYCcxdDzkcmTWqZXTyLaxZgLw/iUdrrpIK; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBCORS=IPd+PQe+iU3eziPK9GqhVdKB6KvO2s2vkKTIDOcNfM+ZpepO18EvZkj4d4Jlm5TH1hk+wkTdYePJ+cur8H1p+W+nOJXYCcxdDzkcmTWqZXTyLaxZgLw/iUdrrpIK; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 1093
x-content-type-options: nosniff

OPTIONS
H2 200 5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/ 0
0 100ms
28ms Preflight 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Protocol

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Mon, 17 May 2021 17:43:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19171-FRA
x-cache: HIT
x-cache-hits: 6
x-timer: S1621273395.560246,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23

OPTIONS
H2 200 user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ 0
0 34ms
28ms Preflight 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user

Protocol

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: REPORT
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: REPORT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
allow: REPORT, OPTIONS
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Mon, 17 May 2021 17:43:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19171-FRA
x-cache: HIT
x-cache-hits: 7
x-timer: S1621273395.560380,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23

GET
H2 200 5f33f5d44f29ea099db90d2a Show response
app.launchdarkly.com/sdk/goals/ 2 B
172 B 29ms
29ms XHR
application/json 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-User-Agent: JSClient/2.18.0
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Mon, 17 May 2021 17:43:14 GMT
content-length: 26
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1621273395.589588,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 7

GET
H2

200

radar.js Show response
radar.cedexis.com/1593429750/
Redirect Chain

https://radar.cedexis.com/1/55156/radar.js
https://radar.cedexis.com/1593429750/radar.js

44 KB
19 KB

31ms
31ms

Script
application/javascript

35.241.57.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1593429750/radar.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.57.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.57.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:14 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 11:30:33 GMT
server: nginx
etag: W/"5ef9d0d9-af5c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=1209600, public
alt-svc: clear
expires: Mon, 31 May 2021 17:43:14 GMT

Redirect headers

date: Mon, 17 May 2021 17:43:14 GMT
via: 1.1 google
server: nginx
vary: User-Agent,DNT
content-type: text/html
location: /1593429750/radar.js
cache-control: max-age=600
alt-svc: clear
content-length: 154
expires: Mon, 17 May 2021 17:53:14 GMT

REPORT
H2 200 user Show response
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ 2 KB
583 B 119ms
119ms XHR
application/json 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

793a7bdbca22b99d5482d76687cce9fe033aad560fe7471a9cef65a046e4b8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-User-Agent: JSClient/2.18.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
age: 0
x-cache: MISS
access-control-max-age: 300
date: Mon, 17 May 2021 17:43:14 GMT
x-served-by: cache-fra19171-FRA
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1621273395.589615,VS0,VE91
etag: "478cb"
vary: Accept-Encoding, Authorization
access-control-allow-methods: REPORT, OPTIONS
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 0

GET
H2 200 59b554da6502be68a43c.js Show response
gbtpa.sharefile.com/bundles/ 17 KB
8 KB 103ms
102ms Script
application/javascript 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/bundles/59b554da6502be68a43c.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

8dc2d4e78fa4e1f268d5b767cdc47f64f26d9283c66e6ce6bdbe49c503243561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /bundles/59b554da6502be68a43c.js
pragma: no-cache
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; AWSALBTG=zcFPeIaMC7KcxZoexs9NQVIhrpvx5JUqKgXtla/LT6w+rvnI9KBk49aI3izeaMpf5B5V7iUt0Dhswj8X7Vpv2RkS19dexQJ4A6KcU8m4L7SZKOAlbeqvc+77znjqe+VzW7Ov37mp97/ciDOlh0QOc89biOJH6omJC2HyTlfB9F1v; AWSALBTGCORS=zcFPeIaMC7KcxZoexs9NQVIhrpvx5JUqKgXtla/LT6w+rvnI9KBk49aI3izeaMpf5B5V7iUt0Dhswj8X7Vpv2RkS19dexQJ4A6KcU8m4L7SZKOAlbeqvc+77znjqe+VzW7Ov37mp97/ciDOlh0QOc89biOJH6omJC2HyTlfB9F1v; AWSALB=IPd+PQe+iU3eziPK9GqhVdKB6KvO2s2vkKTIDOcNfM+ZpepO18EvZkj4d4Jlm5TH1hk+wkTdYePJ+cur8H1p+W+nOJXYCcxdDzkcmTWqZXTyLaxZgLw/iUdrrpIK; AWSALBCORS=IPd+PQe+iU3eziPK9GqhVdKB6KvO2s2vkKTIDOcNfM+ZpepO18EvZkj4d4Jlm5TH1hk+wkTdYePJ+cur8H1p+W+nOJXYCcxdDzkcmTWqZXTyLaxZgLw/iUdrrpIK
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:14 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 12 May 2021 16:02:44 GMT
server: Microsoft-IIS/10.0
etag: "0aa593e4847d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=+1zNoAnDRWxkuip/n4UCT40dUudAiKPRgc5hqPnOd7s6ZgqEZoy8dU+EZDqoI1DHSoVXD5CFsPcK3Q+vg55loXqJe1Z0STrbunI+ZL+VA068Mt4NQZuI92DvOOmHY3gYAvBnaYskrwAhQTVeBHCg2lPEHq9Qynorp70DE7QmVVwV; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBTGCORS=+1zNoAnDRWxkuip/n4UCT40dUudAiKPRgc5hqPnOd7s6ZgqEZoy8dU+EZDqoI1DHSoVXD5CFsPcK3Q+vg55loXqJe1Z0STrbunI+ZL+VA068Mt4NQZuI92DvOOmHY3gYAvBnaYskrwAhQTVeBHCg2lPEHq9Qynorp70DE7QmVVwV; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure AWSALB=xrQE4SB5tMtX3HGDSSAsFGpuLX+eA49rkASdlqFeUGPR80kchKLZzRuR3msdYL1rtaABku1xLFjsNsdjBQfH38GqcUuSZlZOjPmtqEPVq+GIoLqQ6oyYgcW7xabo; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/ AWSALBCORS=xrQE4SB5tMtX3HGDSSAsFGpuLX+eA49rkASdlqFeUGPR80kchKLZzRuR3msdYL1rtaABku1xLFjsNsdjBQfH38GqcUuSZlZOjPmtqEPVq+GIoLqQ6oyYgcW7xabo; Expires=Mon, 24 May 2021 17:43:14 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 6697
x-content-type-options: nosniff

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 396 KB
124 KB 214ms
47ms Script
application/javascript 13.224.95.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-83.zrh50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 18bb515a611b1aa19cc5520f9016f6ca2bde7005e190cefab802b1b30610ace5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 17:39:24 GMT
Content-Encoding: gzip
Age: 236
X-GUploader-UploadID: ABg5-UyPjAPNf1QFgFFays9r0bXqg8qRZejCUowTvwT5XXFthJb5i5SZ13wiYgpelh1zdFj4pt_Jgt9KUS2-IrfblA
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 126265
Access-Control-Allow-Origin: *
Last-Modified: Thu, 06 May 2021 19:09:08 GMT
Server: UploadServer
ETag: "a2dc759886a81bf2c64e1cc0c9e8c710"
Vary: Accept-Encoding
x-goog-hash: crc32c=WQO3Bw==, md5=otx1mIaoG/LGThzAyejHEA==
x-goog-generation: 1620328148644613
Via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 126265
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: LFOdF8auQHXehMfNNXsRZlSJpgCWsvuYyybsj0LswzG8cK0dWqrmFg==
Expires: Mon, 17 May 2021 17:46:48 GMT

OPTIONS
H2 200 Branding
gbtpa.sf-api.com/sf/v3/Accounts/ 0
0 349ms
144ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Protocol

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 17 May 2021 17:43:14 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637568557949074301
citrix-transactionid: 11648461-e46f-4b7b-bece-262eee4d2ff8
correlationid: jwX4ikFtEUaQgWqfgiBEZw
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H2 200 Branding Show response
gbtpa.sf-api.com/sf/v3/Accounts/ 4 KB
3 KB 369ms
172ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

ff6a92cb1b37f26367c5940f0296b7e052e268fd9d2fcbded633e151c227cc98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: uHL2XPdeqKi3_O8G5zpPEg
Accept: application/json, text/plain, */*
Referer
Accept-Language: en
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 0e59a87a-fcde-4ace-80a2-8538be712143
date: Mon, 17 May 2021 17:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid: uHL2XPdeqKi3_O8G5zpPEg
vary: Accept-Encoding
content-length: 1746
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637568557952408592
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: -1

GET
H/1.1 200
Ok providers.json Show response
i2-muzqopwrnedranraivkauuxaqwswmo.init.cedexis-radar.net/i2/1/55156/j1/20/122/1621273394/0/0/ 3 KB
1 KB 116ms
30ms XHR
application/json 104.225.98.129
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-muzqopwrnedranraivkauuxaqwswmo.init.cedexis-radar.net/i2/1/55156/j1/20/122/1621273394/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.129 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 129.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 6794cb4a2ad45c17fe6006479b8a185642f59ce95b5f5b456eead626405ae81c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 17:43:14 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

OPTIONS
H/1.1 204
No Content 5f33f5d44f29ea099db90d2a
events.launchdarkly.com/events/diagnostic/ 0
0 299ms
99ms Preflight
application/json 34.197.25.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f33f5d44f29ea099db90d2a

Protocol

HTTP/1.1

Server

34.197.25.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-25-35.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Mon, 17 May 2021 17:43:15 GMT
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Access-Control-Max-Age: 300
Strict-Transport-Security: max-age=31536000

POST
H/1.1 202
Accepted 5f33f5d44f29ea099db90d2a Show response
events.launchdarkly.com/events/diagnostic/ 0
509 B 100ms
100ms XHR
application/json 34.197.25.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f33f5d44f29ea099db90d2a

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.25.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-25-35.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-User-Agent: JSClient/2.18.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 17 May 2021 17:43:15 GMT
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length: 0
Access-Control-Expose-Headers: Date

GET
H/1.1 200
Ok 1621273394186 Show response
rpt.cedexis.com/n1/0/1621273393711/0/0/0/0/1621273393711/1621273393712/1621273393720/1621273393720/1621273393916/1621273393738/1621273393916/1621273394056/1621273394057/1621273394060/1621273394548/... 16 B
283 B 87ms
22ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1621273393711/0/0/0/0/1621273393711/1621273393712/1621273393720/1621273393720/1621273393916/1621273393738/1621273393916/1621273394056/1621273394057/1621273394060/1621273394548/1621273394548/1621273394548/1621273394839/1621273394839/1621273394840/_CgJqMRAUGHoiBggBEPSuAyiY1ueTAzCy1oqFBjiy1oqFBkCs-4enAkoPCAMQNRjBdiAAKPODgKAEULL_7AJaEAgDEDUY7MIBIAAo7oOAoARgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEwgDEEYYsUYgooCAwAQojYaAoASIAdLMyZAHkAEAmAEA/0/1621273394186
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 17:43:15 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

OPTIONS
H2 200 Users
gbtpa.sf-api.com/sf/v3/ 0
0 125ms
124ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone

Protocol

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 17 May 2021 17:43:15 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637568557951428635
citrix-transactionid: 315ed540-2410-40e3-87e1-0fddec9f0116
correlationid: 8Gx60MQdvEKDZ9DpK-EzOA
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

OPTIONS
H2 200 Accounts
gbtpa.sf-api.com/sf/v3/ 0
0 196ms
196ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts?%24expand=Preferences%2CPreferences%2FAccountMessageCode%2CPreferences%2FDefaultZone%2CPreferences%2FIntegrationProviders%2CPreferences%2FTwoFactorSettings%2CAccountFeatures%2CUserUsage%2CDiskSpace%2CServices%2CSignupParams

Protocol

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 17 May 2021 17:43:15 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637568557954649806
citrix-transactionid: d05dc6fc-8a5d-409d-a673-609911c085da
correlationid: 8lQPKCTNtkqXnrWeRqA89A
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H2 401 Users
gbtpa.sf-api.com/sf/v3/ 118 B
1 KB 124ms
124ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: QN2CLwWVQqeRhAIci7dXoA
Accept: application/json, text/plain, */*
Referer
Accept-Language: en
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 3a85f91c-f2c3-445b-ba4c-a2253efb0d80
date: Mon, 17 May 2021 17:43:15 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid: QN2CLwWVQqeRhAIci7dXoA
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637568557955508447
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2 401 Accounts
gbtpa.sf-api.com/sf/v3/ 118 B
1 KB 148ms
148ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: czdoDYrZSFa7VvJyXv_Ecw
Accept: application/json, text/plain, */*
Referer
Accept-Language: en
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 9fa433c0-272d-401d-a17e-99a600926dce
date: Mon, 17 May 2021 17:43:15 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid: czdoDYrZSFa7VvJyXv_Ecw
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637568557956133500
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2 401 WorkspaceConfig
gbtpa.sf-api.com/sf/v3/Accounts/ 118 B
1 KB 166ms
165ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/WorkspaceConfig

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: i1BKmptJaP7UOtPzV9UmYQ
Accept: application/json, text/plain, */*
Referer
Accept-Language: en
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 32568c3e-c73b-4792-ba93-ceab44e88783
date: Mon, 17 May 2021 17:43:15 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid: i1BKmptJaP7UOtPzV9UmYQ
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637568557955679059
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

OPTIONS
H2 200 WorkspaceConfig
gbtpa.sf-api.com/sf/v3/Accounts/ 0
0 140ms
140ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/WorkspaceConfig

Protocol

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 17 May 2021 17:43:15 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637568557954321793
citrix-transactionid: c68f223f-b8d2-49d0-9df0-5fbfe3d5e876
correlationid: Cc9gv1kkcU28m0FoK3jQrg
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H2

200

https://gbtpa.sharefile.com/login
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=YsaUc2dO99R9Q_8FDdfm4Q--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&...
https://gbtpa.sharefile.com/Authentication/Login

7 KB
5 KB

322ms
321ms

Document
text/html

13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/Authentication/Login

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

1967b6660bdf14b62a299456f325fb7582feba5aaf7bc4754aae2dfa5e350e1c

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-tQ0Toh4C5oDTdO/+oAc4XA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gbtpa.sharefile.com
:scheme: https
:path: /Authentication/Login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://gbtpa.sharefile.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; SF_Subdomain=gbtpa; AWSALBTG=aPmPkcYHe15xUCIniKc61fF6v1/246577M3SnLHcCFNgXbPwBTUQpSfsGwFpzF0IYij5eJ3azi1zCCaP/3NjHBcM17XNp7tWQuoDC2s304oldZ9UHIF3zeWLEycdQJGQTQnqifkEKJ0pfKcYtKn17XSY7Tyxa4CNhm8L//QEEvx4; AWSALBTGCORS=aPmPkcYHe15xUCIniKc61fF6v1/246577M3SnLHcCFNgXbPwBTUQpSfsGwFpzF0IYij5eJ3azi1zCCaP/3NjHBcM17XNp7tWQuoDC2s304oldZ9UHIF3zeWLEycdQJGQTQnqifkEKJ0pfKcYtKn17XSY7Tyxa4CNhm8L//QEEvx4; AWSALB=SkZhHaDEtbbM39DBMkOR0xlHGFtEZO2tq5nTCKQq1xTFVqXDsJte7c/HZhQUadDoWLEAnq67dcqaQMk9e7McQvOAYM12O4d3QMr0xsx7WdzTFRzmTNt7WUgQBiYM; AWSALBCORS=SkZhHaDEtbbM39DBMkOR0xlHGFtEZO2tq5nTCKQq1xTFVqXDsJte7c/HZhQUadDoWLEAnq67dcqaQMk9e7McQvOAYM12O4d3QMr0xsx7WdzTFRzmTNt7WUgQBiYM; clientRequest=eyI8VXNlclRva2VuVHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxVc2VyVG9rZW4+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8YT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxhdXRvcmVkaXJlY3Q+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGNhcGFiaWxpdGllcz5rX19CYWNraW5nRmllbGQiOm51bGwsIjxjbGllbnRfaWQ+a19fQmFja2luZ0ZpZWxkIjoiRHppNFVQVUFnNWw4YmVLZGlvZWNkY25tSFVUV1dsbjYiLCI8ZGV2aWNlX2lkX3N1cHBvcnRlZD5rX19CYWNraW5nRmllbGQiOnRydWUsIjxkZXZpY2VfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8ZGlzYWJsZV9yczM+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGVtYWlsPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPGZpeF9taWVfdmlld3BvcnQ+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGg+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8bm9saW5rPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPHJlZGlyZWN0X3VyaT5rX19CYWNraW5nRmllbGQiOiJodHRwczpcL1wvc2VjdXJlLnNoYXJlZmlsZS5jb21cL2xvZ2luXC9vYXV0aGxvZ2luIiwiPHJlcXVpcmV2Mz5rX19CYWNraW5nRmllbGQiOmZhbHNlLCI8cmVzZXRfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8cmVzcG9uc2VfdHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxzYW1sX25vaWZyYW1lPmtfX0JhY2tpbmdGaWVsZCI6ZmFsc2UsIjxzdGFydF9hY3Rpb24+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8c3RhdGU+a19fQmFja2luZ0ZpZWxkIjoiWXNhVWMyZE85OVI5UV84RkRkZm00US0tIiwiPHN1YmRvbWFpbj5rX19CYWNraW5nRmllbGQiOiJnYnRwYSIsIjx0aGVtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VySGludD5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VybmFtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx3aWR0aD5rX19CYWNraW5nRmllbGQiOm51bGx9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gbtpa.sharefile.com/

Response headers

date: Mon, 17 May 2021 17:43:16 GMT
content-type: text/html; charset=utf-8
content-length: 2936
set-cookie: AWSALBTG=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; Expires=Mon, 24 May 2021 17:43:15 GMT; Path=/ AWSALBTGCORS=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; Expires=Mon, 24 May 2021 17:43:15 GMT; Path=/; SameSite=None; Secure AWSALB=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax; Expires=Mon, 24 May 2021 17:43:15 GMT; Path=/ AWSALBCORS=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax; Expires=Mon, 24 May 2021 17:43:15 GMT; Path=/; SameSite=None; Secure clientRequest=; expires=Sun, 16-May-2021 17:43:15 GMT; path=/
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: 0
vary: Accept-Encoding
citrix-transactionid: 9621b24b-cf35-4caa-b241-38c7b0f827ad
x-frame-options: SAMEORIGIN
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-tQ0Toh4C5oDTdO/+oAc4XA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

Redirect headers

date: Mon, 17 May 2021 17:43:15 GMT
content-type: text/html; charset=utf-8
content-length: 138
set-cookie: AWSALBTG=aPmPkcYHe15xUCIniKc61fF6v1/246577M3SnLHcCFNgXbPwBTUQpSfsGwFpzF0IYij5eJ3azi1zCCaP/3NjHBcM17XNp7tWQuoDC2s304oldZ9UHIF3zeWLEycdQJGQTQnqifkEKJ0pfKcYtKn17XSY7Tyxa4CNhm8L//QEEvx4; Expires=Mon, 24 May 2021 17:43:15 GMT; Path=/ AWSALBTGCORS=aPmPkcYHe15xUCIniKc61fF6v1/246577M3SnLHcCFNgXbPwBTUQpSfsGwFpzF0IYij5eJ3azi1zCCaP/3NjHBcM17XNp7tWQuoDC2s304oldZ9UHIF3zeWLEycdQJGQTQnqifkEKJ0pfKcYtKn17XSY7Tyxa4CNhm8L//QEEvx4; Expires=Mon, 24 May 2021 17:43:15 GMT; Path=/; SameSite=None; Secure AWSALB=SkZhHaDEtbbM39DBMkOR0xlHGFtEZO2tq5nTCKQq1xTFVqXDsJte7c/HZhQUadDoWLEAnq67dcqaQMk9e7McQvOAYM12O4d3QMr0xsx7WdzTFRzmTNt7WUgQBiYM; Expires=Mon, 24 May 2021 17:43:15 GMT; Path=/ AWSALBCORS=SkZhHaDEtbbM39DBMkOR0xlHGFtEZO2tq5nTCKQq1xTFVqXDsJte7c/HZhQUadDoWLEAnq67dcqaQMk9e7McQvOAYM12O4d3QMr0xsx7WdzTFRzmTNt7WUgQBiYM; Expires=Mon, 24 May 2021 17:43:15 GMT; Path=/; SameSite=None; Secure clientRequest=eyI8VXNlclRva2VuVHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxVc2VyVG9rZW4+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8YT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxhdXRvcmVkaXJlY3Q+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGNhcGFiaWxpdGllcz5rX19CYWNraW5nRmllbGQiOm51bGwsIjxjbGllbnRfaWQ+a19fQmFja2luZ0ZpZWxkIjoiRHppNFVQVUFnNWw4YmVLZGlvZWNkY25tSFVUV1dsbjYiLCI8ZGV2aWNlX2lkX3N1cHBvcnRlZD5rX19CYWNraW5nRmllbGQiOnRydWUsIjxkZXZpY2VfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8ZGlzYWJsZV9yczM+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGVtYWlsPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPGZpeF9taWVfdmlld3BvcnQ+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGg+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8bm9saW5rPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPHJlZGlyZWN0X3VyaT5rX19CYWNraW5nRmllbGQiOiJodHRwczpcL1wvc2VjdXJlLnNoYXJlZmlsZS5jb21cL2xvZ2luXC9vYXV0aGxvZ2luIiwiPHJlcXVpcmV2Mz5rX19CYWNraW5nRmllbGQiOmZhbHNlLCI8cmVzZXRfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8cmVzcG9uc2VfdHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxzYW1sX25vaWZyYW1lPmtfX0JhY2tpbmdGaWVsZCI6ZmFsc2UsIjxzdGFydF9hY3Rpb24+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8c3RhdGU+a19fQmFja2luZ0ZpZWxkIjoiWXNhVWMyZE85OVI5UV84RkRkZm00US0tIiwiPHN1YmRvbWFpbj5rX19CYWNraW5nRmllbGQiOiJnYnRwYSIsIjx0aGVtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VySGludD5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VybmFtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx3aWR0aD5rX19CYWNraW5nRmllbGQiOm51bGx9; path=/; secure; HttpOnly
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
location: /Authentication/Login
citrix-transactionid: 56dd87f1-12bd-4b71-8a48-61a23dbbd26a
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

OPTIONS
H2 200 Branding
gbtpa.sf-api.com/sf/v3/Accounts/ 0
0 137ms
137ms Preflight 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Protocol

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Origin: https://gbtpa.sharefile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 17 May 2021 17:43:15 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: https://gbtpa.sharefile.com
access-control-allow-credentials: true
access-control-allow-headers: correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid: 637568557957655292
citrix-transactionid: 6843caa0-f4d3-4e56-ac3f-8160cdd0d364
correlationid: 91aqonk_mEqi4z9bVBXiMw
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-robots-tag: noindex

GET
H2 200 Branding
gbtpa.sf-api.com/sf/v3/Accounts/ 4 KB
3 KB 151ms
150ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bdf435ee10b95f848a86.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: 0fMsOoXieXnNwvrbr8gE2A
Accept: application/json, text/plain, */*
Referer
Accept-Language: en
X-SF-App: ShareFileWeb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: d29ea23a-0f9e-44a9-9521-9ac4228da3e2
date: Mon, 17 May 2021 17:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid: 0fMsOoXieXnNwvrbr8gE2A
vary: Accept-Encoding
content-length: 1746
x-xss-protection: 1; mode=block
pragma: no-cache
server: Microsoft-IIS/10.0
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637568557959157673
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: -1

GET
H2 200 custom.css
gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/ 27 KB
6 KB 103ms
102ms Stylesheet
text/css 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=3xQDp02DNGv-az-PYoJOeQ25ibM2MCMVRSMN7r5rKq01

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

1e5a662f5ad0fbcb44b4fc1b7a8558ecded0f4e5976d6abf96d26b7e3577fb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/sha/_Auth/Styles/custom/custom.css?v=3xQDp02DNGv-az-PYoJOeQ25ibM2MCMVRSMN7r5rKq01
pragma: no-cache
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; SF_Subdomain=gbtpa; AWSALBTG=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; AWSALBTGCORS=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; AWSALB=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax; AWSALBCORS=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:16 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 12 May 2021 16:01:00 GMT
server: Microsoft-IIS/10.0
etag: "0865c04847d71:0"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=lN0OeDhj+h6JM04UKOEhIt9GGbjREC2eLCkQpa1B2m7VQC4rN6EJnDvSnVx9Qe/hEVDH14jGrTBYE9uStPa5yTpJfDqc8OPvGWwl/l8Ry8BwvVMWTn0HEBj0yzsIV6r8w1xpfXlVYc8LdU/MAMdTuYF0ELD48leHPJpy7zt8+1I7; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBTGCORS=lN0OeDhj+h6JM04UKOEhIt9GGbjREC2eLCkQpa1B2m7VQC4rN6EJnDvSnVx9Qe/hEVDH14jGrTBYE9uStPa5yTpJfDqc8OPvGWwl/l8Ry8BwvVMWTn0HEBj0yzsIV6r8w1xpfXlVYc8LdU/MAMdTuYF0ELD48leHPJpy7zt8+1I7; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure AWSALB=aPQ0pONyNloZqxPj27cEn/tLrzT/5cxhXDS1LRcm73OuMK8erJMKBQTqIZSdPvcWzIZJRTOZ1H7f0UN5/7xuBUWD04jhQysbpSiBdx2+UFiyfOJXddvShBg80XHi; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBCORS=aPQ0pONyNloZqxPj27cEn/tLrzT/5cxhXDS1LRcm73OuMK8erJMKBQTqIZSdPvcWzIZJRTOZ1H7f0UN5/7xuBUWD04jhQysbpSiBdx2+UFiyfOJXddvShBg80XHi; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 5333
x-content-type-options: nosniff

GET
H2 200 errorhandler.js Show response
gbtpa.sharefile.com/_Auth/ 548 B
1 KB 104ms
103ms Script
application/javascript 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/_Auth/errorhandler.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /_Auth/errorhandler.js
pragma: no-cache
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; SF_Subdomain=gbtpa; AWSALBTG=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; AWSALBTGCORS=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; AWSALB=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax; AWSALBCORS=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:16 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 12 May 2021 16:00:50 GMT
server: Microsoft-IIS/10.0
etag: "0a566fa4747d71:0"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=gkkragVEyJD2vh8Qm2VIIBow41ggxGo4zNpPK5K3H1KSpSxK8aJnBHaszJSzuGFi1sWUhtDpTGyhEbByrAOQaezRc2XrximoxVBLiEoVXGNC0ajQsQNdKN2gHpcdD5dZH2c0a7ObI85j4nVTkrv39OqfLgSc52lApP95akyCH3tN; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBTGCORS=gkkragVEyJD2vh8Qm2VIIBow41ggxGo4zNpPK5K3H1KSpSxK8aJnBHaszJSzuGFi1sWUhtDpTGyhEbByrAOQaezRc2XrximoxVBLiEoVXGNC0ajQsQNdKN2gHpcdD5dZH2c0a7ObI85j4nVTkrv39OqfLgSc52lApP95akyCH3tN; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure AWSALB=/0YCDI/Tzhhm7NRsIfY5QUHLhMizSJXGoEBeaOnGc+VPHlAs8gL3vmM81FDuAaoLYS7kySiylbqkVUjIMc0+d58gvbYDp2ZzZUNkjICCemypVFXWRu+lOUbBJbdT; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBCORS=/0YCDI/Tzhhm7NRsIfY5QUHLhMizSJXGoEBeaOnGc+VPHlAs8gL3vmM81FDuAaoLYS7kySiylbqkVUjIMc0+d58gvbYDp2ZzZUNkjICCemypVFXWRu+lOUbBJbdT; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 349
x-content-type-options: nosniff

GET
H2 200 webpop Show response
gbtpa.sharefile.com/cache/sha/javascript/bundles/ 91 KB
30 KB 111ms
110ms Script
text/javascript 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
pragma: no-cache
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; SF_Subdomain=gbtpa; AWSALBTG=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; AWSALBTGCORS=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; AWSALB=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax; AWSALBCORS=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid: 0241ac81-96be-40be-b500-ffd6fb4edc74
date: Mon, 17 May 2021 17:43:16 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 17 May 2021 17:43:16 GMT
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
set-cookie: AWSALBTG=KQ8TuSJu/NJZtQgMALs47u4BMdvuKeeP6KSoKq9HhSxv2z5FY39dZxWmQFtqr7EC4e7QHrQmzpuoZ+kJ5hlfmQrDMUkK2E9jZdKMnhE8iG95tZO243WSmS+vLpk0V3iphBU8D8LF3uze7pmBBcSw0lWeKVp+CdReg47m8hpEwlO4; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBTGCORS=KQ8TuSJu/NJZtQgMALs47u4BMdvuKeeP6KSoKq9HhSxv2z5FY39dZxWmQFtqr7EC4e7QHrQmzpuoZ+kJ5hlfmQrDMUkK2E9jZdKMnhE8iG95tZO243WSmS+vLpk0V3iphBU8D8LF3uze7pmBBcSw0lWeKVp+CdReg47m8hpEwlO4; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure AWSALB=f7TzvYa1YkJ0I+jf7CFI7pV/OY3bJyI0H+tYGXfYTXs8xQgHgAGR+JKDgnXjcAD1lw5AeeAdKwyYkeImzbe/dab5YJDFwPb4NrQ0Ip07JoLnsbAlX3Es+0qoI5e1; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBCORS=f7TzvYa1YkJ0I+jf7CFI7pV/OY3bJyI0H+tYGXfYTXs8xQgHgAGR+JKDgnXjcAD1lw5AeeAdKwyYkeImzbe/dab5YJDFwPb4NrQ0Ip07JoLnsbAlX3Es+0qoI5e1; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 29743
x-content-type-options: nosniff
expires: Tue, 17 May 2022 17:43:16 GMT

GET
H2 200 webpoprequireconfig Show response
gbtpa.sharefile.com/cache/sha/bundles/ 1 KB
2 KB 118ms
118ms Script
text/javascript 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=LcWzpTtM1wxRVR7btgLz9Y794DLICOyAGXOr3AgPMLk1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

8cabba3d55d6af6259875cd3365b79fc96a4ebc12bfdd2cbafa5f0bd396a3cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/sha/bundles/webpoprequireconfig?v=LcWzpTtM1wxRVR7btgLz9Y794DLICOyAGXOr3AgPMLk1
pragma: no-cache
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; SF_Subdomain=gbtpa; AWSALBTG=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; AWSALBTGCORS=NdD2Cu5DlxOfywKw7Ppa1NL/GL3G8KUkIXpKS8ZsHzamV3X1eTcg2IJ+U5nRmvPz8y/mZLkqv3mDYILSjad3vM1qER+kH/HdU/MaeAS1JS6KQZyXvpJQSso7uFQeV+sa8RcZJDkeRV0WkHVdL7pclbdTiK9Z6w1AU2oKSZ1I8inw; AWSALB=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax; AWSALBCORS=KS8jqiUKce2XvEYSUFIgaurXbMwvzlUu05BD+2T9x3wTn8bOML862flefuSTr4EaKsvs0KDFbxcQmmN+BK9eW5DdTRk3panhv+hu8PjjJ4Vj7IQglLiBqXzqF5ax
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid: c9546971-f1d2-4973-a9cc-b35ae0e26788
date: Mon, 17 May 2021 17:43:16 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 17 May 2021 17:43:16 GMT
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
set-cookie: AWSALBTG=qibPDSyJLL7kmrt7H3NlK7xtodO01SHY4eo1dgeH7GYFOKhrB1Pu88IdYHTb3XIqR+pHjFlzBEIwH+0JoSepAqBh4D7OwFfxbyLscE+7NMRaQ6v7aE53oZGmb97xPiQwDz2rLz6G03X2SNrH1VdainUbKkFXcjPsor0vHuP0X3JV; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBTGCORS=qibPDSyJLL7kmrt7H3NlK7xtodO01SHY4eo1dgeH7GYFOKhrB1Pu88IdYHTb3XIqR+pHjFlzBEIwH+0JoSepAqBh4D7OwFfxbyLscE+7NMRaQ6v7aE53oZGmb97xPiQwDz2rLz6G03X2SNrH1VdainUbKkFXcjPsor0vHuP0X3JV; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure AWSALB=V25SJfUbsG+NDue/PfCHwkcESTQv+OWUFbmqrdIQ+tOfUBObnEeJTJy6tmjyUnxbJjgtyro52VGElOiejVdfyLokUh66CSNih8D0dDDpBsPbhtcAWgA/u/nZvFbb; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBCORS=V25SJfUbsG+NDue/PfCHwkcESTQv+OWUFbmqrdIQ+tOfUBObnEeJTJy6tmjyUnxbJjgtyro52VGElOiejVdfyLokUh66CSNih8D0dDDpBsPbhtcAWgA/u/nZvFbb; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure
x-xss-protection: 1; mode=block
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 476
x-content-type-options: nosniff
expires: Tue, 17 May 2022 17:43:16 GMT

GET
H2 200 1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
gbtpa.sharefile.com/styles/images/ 8 KB
9 KB 118ms
118ms Image
image/png 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbtpa.sharefile.com/styles/images/1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /styles/images/1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
pragma: no-cache
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; SF_Subdomain=gbtpa; AWSALBTG=KQ8TuSJu/NJZtQgMALs47u4BMdvuKeeP6KSoKq9HhSxv2z5FY39dZxWmQFtqr7EC4e7QHrQmzpuoZ+kJ5hlfmQrDMUkK2E9jZdKMnhE8iG95tZO243WSmS+vLpk0V3iphBU8D8LF3uze7pmBBcSw0lWeKVp+CdReg47m8hpEwlO4; AWSALBTGCORS=KQ8TuSJu/NJZtQgMALs47u4BMdvuKeeP6KSoKq9HhSxv2z5FY39dZxWmQFtqr7EC4e7QHrQmzpuoZ+kJ5hlfmQrDMUkK2E9jZdKMnhE8iG95tZO243WSmS+vLpk0V3iphBU8D8LF3uze7pmBBcSw0lWeKVp+CdReg47m8hpEwlO4; AWSALB=f7TzvYa1YkJ0I+jf7CFI7pV/OY3bJyI0H+tYGXfYTXs8xQgHgAGR+JKDgnXjcAD1lw5AeeAdKwyYkeImzbe/dab5YJDFwPb4NrQ0Ip07JoLnsbAlX3Es+0qoI5e1; AWSALBCORS=f7TzvYa1YkJ0I+jf7CFI7pV/OY3bJyI0H+tYGXfYTXs8xQgHgAGR+JKDgnXjcAD1lw5AeeAdKwyYkeImzbe/dab5YJDFwPb4NrQ0Ip07JoLnsbAlX3Es+0qoI5e1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:16 GMT
referrer-policy: same-origin
last-modified: Mon, 06 Mar 2017 19:21:48 GMT
server: Microsoft-IIS/10.0
etag: "143bc5e6ae96d21:0"
content-type: image/png
x-xss-protection: 1; mode=block
set-cookie: AWSALBTG=VYFl+eNx7mThLxF/j/PslOLbkUwKuAi5iqo6huVj3DlXka6ntOrAdEszot82uTgqsoa+n6mD/poNS/UXWdvn/GEXsYdotl6XIjAxloU+RLSOCFBaeSIdpK2MYMpzTkdIaxlOMlTDF+Fvnu2Ty7VX7vu03vDFmER3/w1GPcBJm8kx; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBTGCORS=VYFl+eNx7mThLxF/j/PslOLbkUwKuAi5iqo6huVj3DlXka6ntOrAdEszot82uTgqsoa+n6mD/poNS/UXWdvn/GEXsYdotl6XIjAxloU+RLSOCFBaeSIdpK2MYMpzTkdIaxlOMlTDF+Fvnu2Ty7VX7vu03vDFmER3/w1GPcBJm8kx; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure AWSALB=Eq77I8KyTcXNFVn7um4++F7XAu9yP9Mm4/lG4XlnBl5joiAWfdI55G1S4yVl4q5N0ImFT576Hhu/qpWVqkOlOVzwNYUuLfhdrqMcdJ45/npmQcN0BdsYAwLoAa82; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBCORS=Eq77I8KyTcXNFVn7um4++F7XAu9yP9Mm4/lG4XlnBl5joiAWfdI55G1S4yVl4q5N0ImFT576Hhu/qpWVqkOlOVzwNYUuLfhdrqMcdJ45/npmQcN0BdsYAwLoAa82; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 8438
x-content-type-options: nosniff
expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 396 KB
124 KB 41ms
41ms Script
application/javascript 13.224.95.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-83.zrh50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 18bb515a611b1aa19cc5520f9016f6ca2bde7005e190cefab802b1b30610ace5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 17:39:24 GMT
Content-Encoding: gzip
Age: 238
X-GUploader-UploadID: ABg5-UyPjAPNf1QFgFFays9r0bXqg8qRZejCUowTvwT5XXFthJb5i5SZ13wiYgpelh1zdFj4pt_Jgt9KUS2-IrfblA
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 126265
Access-Control-Allow-Origin: *
Last-Modified: Thu, 06 May 2021 19:09:08 GMT
Server: UploadServer
ETag: "a2dc759886a81bf2c64e1cc0c9e8c710"
Vary: Accept-Encoding
x-goog-hash: crc32c=WQO3Bw==, md5=otx1mIaoG/LGThzAyejHEA==
x-goog-generation: 1620328148644613
Via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 126265
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: IkcwfKO5c0098L6Rff-bdAGsjXJkOqGVf10u38_BOJLcd0fdb1gLXg==
Expires: Mon, 17 May 2021 17:46:48 GMT

GET
H2 200 webpop.js Show response
gbtpa.sharefile.com/cache/73a4e0bf68/bundles/ 731 KB
197 KB 105ms
105ms Script
application/javascript 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/73a4e0bf68/bundles/webpop.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

07d02fc074456846d2a6e2c2a1b135914c7c0941cd0a66a0254b853ab746fffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /cache/73a4e0bf68/bundles/webpop.js
pragma: no-cache
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; SF_Subdomain=gbtpa; AWSALBTG=qibPDSyJLL7kmrt7H3NlK7xtodO01SHY4eo1dgeH7GYFOKhrB1Pu88IdYHTb3XIqR+pHjFlzBEIwH+0JoSepAqBh4D7OwFfxbyLscE+7NMRaQ6v7aE53oZGmb97xPiQwDz2rLz6G03X2SNrH1VdainUbKkFXcjPsor0vHuP0X3JV; AWSALBTGCORS=qibPDSyJLL7kmrt7H3NlK7xtodO01SHY4eo1dgeH7GYFOKhrB1Pu88IdYHTb3XIqR+pHjFlzBEIwH+0JoSepAqBh4D7OwFfxbyLscE+7NMRaQ6v7aE53oZGmb97xPiQwDz2rLz6G03X2SNrH1VdainUbKkFXcjPsor0vHuP0X3JV; AWSALB=V25SJfUbsG+NDue/PfCHwkcESTQv+OWUFbmqrdIQ+tOfUBObnEeJTJy6tmjyUnxbJjgtyro52VGElOiejVdfyLokUh66CSNih8D0dDDpBsPbhtcAWgA/u/nZvFbb; AWSALBCORS=V25SJfUbsG+NDue/PfCHwkcESTQv+OWUFbmqrdIQ+tOfUBObnEeJTJy6tmjyUnxbJjgtyro52VGElOiejVdfyLokUh66CSNih8D0dDDpBsPbhtcAWgA/u/nZvFbb
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:16 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 12 May 2021 16:01:00 GMT
server: Microsoft-IIS/10.0
etag: "0865c04847d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=PW1IOf0crvGUpJz++p2L+ycwy12ng1De/npLQ7d40HUIGVrbBoDkGM1looNp0QBa90qWhSDyg7ltIwAOPD+XzYfr34FKjbjRxfyXLfucUzDdAX9NOP/KlwqtrpQF1Q8cYMIuQA0v0XZGYjqqzfiJRNwHZ6nUMnhHjhNPJ5Yt//ps; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBTGCORS=PW1IOf0crvGUpJz++p2L+ycwy12ng1De/npLQ7d40HUIGVrbBoDkGM1looNp0QBa90qWhSDyg7ltIwAOPD+XzYfr34FKjbjRxfyXLfucUzDdAX9NOP/KlwqtrpQF1Q8cYMIuQA0v0XZGYjqqzfiJRNwHZ6nUMnhHjhNPJ5Yt//ps; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure AWSALB=U2C9yun/Th3H5HFb1gQs3wp/bvYuLx+gulFxsJaQGmEUxB9Vc1U/7io3udGROAvVCI0e+EQZXpnudF/Av3eJlKgOkH9ppjqKKRxB+uhYuDSmoLN0EAH+LuOYZkLN; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBCORS=U2C9yun/Th3H5HFb1gQs3wp/bvYuLx+gulFxsJaQGmEUxB9Vc1U/7io3udGROAvVCI0e+EQZXpnudF/Av3eJlKgOkH9ppjqKKRxB+uhYuDSmoLN0EAH+LuOYZkLN; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 200483
x-content-type-options: nosniff

GET
H2 200 login
gbtpa.sharefile.com/saml/ 5 KB
5 KB 173ms
172ms Document
text/html 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=K6RqlwjjDtTm4V7Fu1AoIg--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/73a4e0bf68/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-SJTxq46ryOI6Ktwt7pXlfw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gbtpa.sharefile.com
:scheme: https
:path: /saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=K6RqlwjjDtTm4V7Fu1AoIg--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://gbtpa.sharefile.com/Authentication/Login
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; SF_Subdomain=gbtpa; AWSALBTG=PW1IOf0crvGUpJz++p2L+ycwy12ng1De/npLQ7d40HUIGVrbBoDkGM1looNp0QBa90qWhSDyg7ltIwAOPD+XzYfr34FKjbjRxfyXLfucUzDdAX9NOP/KlwqtrpQF1Q8cYMIuQA0v0XZGYjqqzfiJRNwHZ6nUMnhHjhNPJ5Yt//ps; AWSALBTGCORS=PW1IOf0crvGUpJz++p2L+ycwy12ng1De/npLQ7d40HUIGVrbBoDkGM1looNp0QBa90qWhSDyg7ltIwAOPD+XzYfr34FKjbjRxfyXLfucUzDdAX9NOP/KlwqtrpQF1Q8cYMIuQA0v0XZGYjqqzfiJRNwHZ6nUMnhHjhNPJ5Yt//ps; AWSALB=U2C9yun/Th3H5HFb1gQs3wp/bvYuLx+gulFxsJaQGmEUxB9Vc1U/7io3udGROAvVCI0e+EQZXpnudF/Av3eJlKgOkH9ppjqKKRxB+uhYuDSmoLN0EAH+LuOYZkLN; AWSALBCORS=U2C9yun/Th3H5HFb1gQs3wp/bvYuLx+gulFxsJaQGmEUxB9Vc1U/7io3udGROAvVCI0e+EQZXpnudF/Av3eJlKgOkH9ppjqKKRxB+uhYuDSmoLN0EAH+LuOYZkLN
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gbtpa.sharefile.com/Authentication/Login

Response headers

date: Mon, 17 May 2021 17:43:16 GMT
content-type: text/html; charset=utf-8
content-length: 3160
set-cookie: AWSALBTG=Ysl7bfTT4LHqQUsy/ldRn+GBvBvStk/1xR7ygLuZ1JWEShJeVPsz1IIrYRx0EXYs20BLMwFnqGMRq3wjCJMaThHm7TcHDITyZZpeDhfP3yALwbX6X5UP+8xegd/0yg2eRrCVcXsQ/xIHloWR+OL4TvdC89qjZNx+ipUYPeL6NReL; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBTGCORS=Ysl7bfTT4LHqQUsy/ldRn+GBvBvStk/1xR7ygLuZ1JWEShJeVPsz1IIrYRx0EXYs20BLMwFnqGMRq3wjCJMaThHm7TcHDITyZZpeDhfP3yALwbX6X5UP+8xegd/0yg2eRrCVcXsQ/xIHloWR+OL4TvdC89qjZNx+ipUYPeL6NReL; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure AWSALB=2SZOP84crl5gKEKaYqBGlDTM2x3R0GdTLO23NbfNfGvMjx/BWBpfMZVDUh4VpnIYpSLD2OrheOhtoORxhEadXf0ioSt6cWlxPGKgc6rcIUR0wRhoZkr4E6QOk6LR; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBCORS=2SZOP84crl5gKEKaYqBGlDTM2x3R0GdTLO23NbfNfGvMjx/BWBpfMZVDUh4VpnIYpSLD2OrheOhtoORxhEadXf0ioSt6cWlxPGKgc6rcIUR0wRhoZkr4E6QOk6LR; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
expires: 0
vary: Accept-Encoding
citrix-transactionid: 21848454-7d82-4e4a-b74f-b5f9d268da7d
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-SJTxq46ryOI6Ktwt7pXlfw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin

GET
H2 200 en.json
gbtpa.sharefile.com/cache/dcf7c4c57f0315c95a0d015f9f4d42ae9155fc31/_Auth/locales/ 25 KB
9 KB 104ms
104ms XHR
application/json 13.248.193.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/dcf7c4c57f0315c95a0d015f9f4d42ae9155fc31/_Auth/locales/en.json

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/73a4e0bf68/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.193.251 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=m4rqkzxa4edubw1hgwvbsbd1; SF_Subdomain=gbtpa; AWSALBTG=PW1IOf0crvGUpJz++p2L+ycwy12ng1De/npLQ7d40HUIGVrbBoDkGM1looNp0QBa90qWhSDyg7ltIwAOPD+XzYfr34FKjbjRxfyXLfucUzDdAX9NOP/KlwqtrpQF1Q8cYMIuQA0v0XZGYjqqzfiJRNwHZ6nUMnhHjhNPJ5Yt//ps; AWSALBTGCORS=PW1IOf0crvGUpJz++p2L+ycwy12ng1De/npLQ7d40HUIGVrbBoDkGM1looNp0QBa90qWhSDyg7ltIwAOPD+XzYfr34FKjbjRxfyXLfucUzDdAX9NOP/KlwqtrpQF1Q8cYMIuQA0v0XZGYjqqzfiJRNwHZ6nUMnhHjhNPJ5Yt//ps; AWSALB=U2C9yun/Th3H5HFb1gQs3wp/bvYuLx+gulFxsJaQGmEUxB9Vc1U/7io3udGROAvVCI0e+EQZXpnudF/Av3eJlKgOkH9ppjqKKRxB+uhYuDSmoLN0EAH+LuOYZkLN; AWSALBCORS=U2C9yun/Th3H5HFb1gQs3wp/bvYuLx+gulFxsJaQGmEUxB9Vc1U/7io3udGROAvVCI0e+EQZXpnudF/Av3eJlKgOkH9ppjqKKRxB+uhYuDSmoLN0EAH+LuOYZkLN; i18next=en
:path: /cache/dcf7c4c57f0315c95a0d015f9f4d42ae9155fc31/_Auth/locales/en.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: gbtpa.sharefile.com
referer: https://gbtpa.sharefile.com/Authentication/Login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gbtpa.sharefile.com/Authentication/Login
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:16 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 12 May 2021 16:01:00 GMT
server: Microsoft-IIS/10.0
etag: "0865c04847d71:0"
vary: Accept-Encoding
content-type: application/json
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
set-cookie: AWSALBTG=R9oVy4sRJ/F68Jl0qN3nvoy+0dds3sJRUPmIp6Oiwb2k5RN3+qi7DE5Kz9jaaxjPxku7Goo+I8khQDCdpK9x09DtquIrcLt6zPQFgMEtgEmp0HrhJDAL8Yly2lJYRtyA5EQHZJsx00mJ+qpfw7/65PYPHr8MzZbHkgK0uDFL+MRb; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBTGCORS=R9oVy4sRJ/F68Jl0qN3nvoy+0dds3sJRUPmIp6Oiwb2k5RN3+qi7DE5Kz9jaaxjPxku7Goo+I8khQDCdpK9x09DtquIrcLt6zPQFgMEtgEmp0HrhJDAL8Yly2lJYRtyA5EQHZJsx00mJ+qpfw7/65PYPHr8MzZbHkgK0uDFL+MRb; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure AWSALB=lyeZyZZRXySx7kthmCegMvkeI6OEFx57xh9pahqGG44UfyIkxYYzHygNTLQc1+Zst2/k0rHRO9wxpT1AHIU6CYoVP1QJtdy/wQAFziH+1OomrRxEMTkgHorcXNNV; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/ AWSALBCORS=lyeZyZZRXySx7kthmCegMvkeI6OEFx57xh9pahqGG44UfyIkxYYzHygNTLQc1+Zst2/k0rHRO9wxpT1AHIU6CYoVP1QJtdy/wQAFziH+1OomrRxEMTkgHorcXNNV; Expires=Mon, 24 May 2021 17:43:16 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 8363
x-content-type-options: nosniff

GET AuthShell.html
gbtpa.sharefile.com/cache/dcf7c4c57f0315c95a0d015f9f4d42ae9155fc31/_Auth/ 0
0

POST
H/1.1 200
OK Cookie set startSSO.ping Show response
sso.gallagherbassett.com/idp/ 6 KB
6 KB 673ms
221ms Document
text/html 151.147.160.186
AJGCO

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

151.147.160.186 , United States, ASN46342 (AJGCO, US),

Reverse DNS

Software

Resource Hash

4b8dbac9a041a30e767b8bc5321c920edcbd59efe00ef317b856b06efb8e50e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://www.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;

Request headers

Host: sso.gallagherbassett.com
Connection: keep-alive
Content-Length: 4270
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 17:43:17 GMT
Referrer-Policy: origin
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://www.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: PF=GKzNLdnVYKc1Cxn5svPzVY;Path=/;Secure;HttpOnly;SameSite=None
Content-Length: 5670

POST
H2 200 Sharefile Show response
www.gallagherbassett.com/sso/app/startsso/ 5 KB
2 KB 674ms
619ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e5d0a697acc9af810e15c01514fc6970ffe57d7e005a2a1418f1ee850a35fde7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: POST
:authority: www.gallagherbassett.com
:scheme: https
:path: /sso/app/startsso/Sharefile
content-length: 4526
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://sso.gallagherbassett.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://sso.gallagherbassett.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://sso.gallagherbassett.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sso.gallagherbassett.com/

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; expires=Fri, 17-May-2041 17:42:44 GMT; path=/; secure; HttpOnly visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; expires=Tue, 17 May 2022 02:54:13 GMT; HttpOnly; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None
date: Mon, 17 May 2021 17:42:43 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 5-98236037-98236038 NNNN CT(97 300 0) RT(1621273396736 0) q(0 0 4 0) r(6 6) U6

GET
H2 200 gbStyles2056
www.gallagherbassett.com/sso/lib/ 260 KB
47 KB 21ms
20ms Stylesheet
text/css 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/lib/gbStyles2056

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7abb827a0bf979a7bfe47f2147e3b2076224db866c72f95cf3f38273bd8380c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/lib/gbStyles2056
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:17 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 07:03:21 GMT
x-cdn: Imperva
etag: "25798256"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
x-iinfo: 5-98236114-0 0CNN RT(1621273397360 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31065604, public
content-length: 47887
expires: Thu, 12 May 2022 07:03:21 GMT

GET
H2 200 preload2056 Show response
www.gallagherbassett.com/sso/bundles/lib/ 697 KB
211 KB 134ms
133ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/preload2056

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

575c5c6b47d3c4cc664eabe26b1172c5a54ec94da14d77c5acdc1d2677bed292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/bundles/lib/preload2056
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:42:44 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 17:42:44 GMT
x-cdn: Imperva
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 5-98236115-98236038 PNNN RT(1621273397362 0) q(0 0 0 -1) r(1 1) U18
cache-control: public
strict-transport-security: max-age=31536000
expires: Tue, 17 May 2022 17:42:44 GMT

GET
H2 200 startssojs2056 Show response
www.gallagherbassett.com/sso/bundles/ 67 KB
20 KB 321ms
321ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/startssojs2056

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

efd4d7eb61b87967f6a2bba872988aeca627db9572494172c095142c9ada7f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/bundles/startssojs2056
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:42:44 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 17:42:44 GMT
x-cdn: Imperva
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 5-98236116-98236117 NNNN CT(97 98 0) RT(1621273397363 0) q(0 0 2 -1) r(3 3) U18
cache-control: public
strict-transport-security: max-age=31536000
content-length: 20737
expires: Tue, 17 May 2022 17:42:44 GMT

GET
H2 200 GBLogo400px.png
www.gallagherbassett.com/sso/images/ 14 KB
14 KB 20ms
20ms Image
image/png 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/sso/images/GBLogo400px.png

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/images/GBLogo400px.png
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:17 GMT
last-modified: Tue, 16 Mar 2021 12:46:44 GMT
x-cdn: Imperva
etag: "0524c6b621ad71:0"
strict-transport-security: max-age=31536000
content-type: image/png
x-iinfo: 5-98236197-0 0CNN RT(1621273397990 0) q(0 -1 -1 -1) r(0 -1)
content-length: 14208

GET
H2 200 spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/ 3 KB
3 KB 30ms
29ms Image
image/gif 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/SPA/Common/images/spinner.gif
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:43:18 GMT
last-modified: Tue, 16 Mar 2021 12:46:48 GMT
x-cdn: Imperva
etag: "0acae6d621ad71:0"
strict-transport-security: max-age=31536000
content-type: image/gif
x-iinfo: 5-98236202-98233631 2CNN RT(1621273398037 0) q(0 0 0 -1) r(0 0)
content-length: 2704

GET
H2 200 postload2056
www.gallagherbassett.com/sso/bundles/lib/ 171 KB
0 131ms
131ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/postload2056

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/bundles/lib/postload2056
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:42:44 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 17:42:45 GMT
x-cdn: Imperva
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 5-98236183-98236117 PNNN RT(1621273397881 0) q(0 0 0 -1) r(1 1) U18
cache-control: public
strict-transport-security: max-age=31536000
expires: Tue, 17 May 2022 17:42:45 GMT

GET
H2 200 _Incapsula_Resource
www.gallagherbassett.com/ 134 KB
19 KB 28ms
27ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1966539726

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1966539726
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19486
content-type: application/javascript

GET
H2 200 analytics.js
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4586
date: Mon, 17 May 2021 16:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 17 May 2021 18:26:52 GMT

POST
H2 200 Primary Request Logon Show response
www.gallagherbassett.com/sso/App/ 3 KB
1 KB 134ms
133ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9d09919ec7b0fe6bf1e1e1fe1d1769ddf4eb8063bec6c28cb2733f6b5fc61651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: POST
:authority: www.gallagherbassett.com
:scheme: https
:path: /sso/App/Logon
content-length: 99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gallagherbassett.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==
Upgrade-Insecure-Requests: 1
Origin: https://www.gallagherbassett.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 17 May 2021 17:42:45 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 5-98236206-98236038 PNNN RT(1621273398052 0) q(0 0 0 -1) r(1 1) U6

POST
H3-29 200 collect
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=637842453&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2Fapp%2Fstartsso%2FSharefile&dr=https%3A%2F%2Fsso.gallagherbassett.com%2F&dp=%2Fapp%2Fstartsso%2FSharefile&ul=en-us&de=UTF-8&dt=startsso%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=179166359&gjid=746157057&cid=1124283294.1621273399&tid=UA-44339965-5&_gid=1871915827.1621273399&_r=1&_slc=1&z=351558261

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 17:43:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gallagherbassett.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logonjs2056 Show response
www.gallagherbassett.com/sso/bundles/ 355 KB
102 KB 147ms
146ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/logonjs2056

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

69ad1dfc4fa85b0781e450e01673ee860cd14e800755099da23ab3f008f12aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sso/bundles/logonjs2056
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==; _ga=GA1.2.1124283294.1621273399; _gid=GA1.2.1871915827.1621273399; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/App/Logon
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:42:45 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 17:42:45 GMT
x-cdn: Imperva
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 5-98236237-98236038 PNNN RT(1621273398200 0) q(0 1 1 -1) r(2 2) U18
cache-control: public
strict-transport-security: max-age=31536000
expires: Tue, 17 May 2022 17:42:45 GMT

GET
H2 200 _Incapsula_Resource Show response
www.gallagherbassett.com/ 129 KB
18 KB 40ms
40ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=9&cb=570243426

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

18e62c7d1c4f38e018ee26adf73eac302ea2935ae1cd6889dc6d1b92d043b9b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=9&cb=570243426
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==; _ga=GA1.2.1124283294.1621273399; _gid=GA1.2.1871915827.1621273399; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/App/Logon
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 18763
content-type: application/javascript

GET
H/1.1 200
OK openid-configuration Show response
sso.gallagherbassett.com/.well-known/ 3 KB
4 KB 475ms
127ms XHR
application/json 151.147.160.186
AJGCO

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.gallagherbassett.com/.well-known/openid-configuration

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2056

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

151.147.160.186 , United States, ASN46342 (AJGCO, US),

Reverse DNS

Software

Resource Hash

fa5f137a79380aa128b66b8f7495375dda04fbcfa6d5fb2c28815fb031ad7c73

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://www.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;

Request headers

Referer: https://www.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 17:43:19 GMT
Referrer-Policy: origin
Vary: Origin
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.gallagherbassett.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://www.gallagherbassett.com https://ng10.risxfacs.com https://ng10interactive.luminos-gb.com;
Content-Length: 3169
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
www.gallagherbassett.com/ 1 B
36 B 24ms
24ms Image
text/plain 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7032210276368183

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.7032210276368183
pragma: no-cache
cookie: mKey=456d2310-f165-459e-b111-1c63e91033aa; visid_incap_1944542=tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G; incap_ses_391_1944542=u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==; _ga=GA1.2.1124283294.1621273399; _gid=GA1.2.1871915827.1621273399; _gat=1; ___utmvc=P2BMzAGKHsoefqDm/xWXcMi6EXA2HhNfpFKDDi3fIsf3IqOmuO9HhB1eNG+SZucdWPzv/lxJznkmJJ+fiUAYbSnokOjWjIAEIy6zGBaM0r3VVxqEh66YaGbzKps5df01CXCgApyt1puAGhy/ds4A/GYGai34K7kSOY2reKE2LjmNiwZoyZjWXEFB17buqRVOS1MBqtmHDTHZc8gWfl/tqJhy1H1QrVAvkmBBAcgN0KsVCqWd9iRgKE05wUheB2AiZOxMdebTQs3LPnOdQnjUhw2Um2gnAbBV/dVMcAPpg38SNipvx+zX2KkrQUYgQfn5I8l4L1Bqyc6g1TiIHaJ6cheQf4WReR3IOAhACKcfiSrQ6WG6gWVr1rPUHX5boT0+milCuX5pV7vTEt+6Hob701LZ+W9dXMhOxyASlb/5BrlGQL6LJ8E1o+M+XJj3zy2Imli+6/SVSNPB9oeFFmilZYMKYZGhfkmVnyo9mCtklH4nG0sa2NO9NNc53QZx8gUzcOt0GUEaw7fe92YcrLogAJSI896AowIU6OeJmR4uLpreyIZ1929cV6WXU+ySkwXk/SYSbNk8+3UdJ8TFmGy+CI5XkwN3F1Ago6rslFdflLwf4e7L0paZJFkGurt0fbXGPxQSH1WUSAIERf0gElyP6gLjvfY/BsZbYJeK7K0NTUf+JC8i1lasyLcOrYJmNacCTqIYCYC0r6aveqyub0kE5KUIcFxyEP/Fn04nwts3BkAhvvkLjKBL8NRRQCp9lh5ukxjL5rti2AJlYBBLdvXNd3xoWk6CQCa/bAwIZMdOLzfbn+JgoKwPHxpcOLvF5nRM+J1RuxdP9rYKnVp+vmipQzF75LjOJBFByIg5MoNWKt5TISRdlX4iXEiiS2oqEpFnjbfq0YpQyefU0QEwVydS5/eEPU3+rUWPKjTUs19wi/tLcXiFeczg+IYl6NNHiG7u+yD8Q8yFrI+x8vAKcBpXzKknLCNZU9px/4y7qk/CxAPnQ98ro7fGY74MaACKudvS1HPOlbYUGzAdQTpUdLF0GUnDDIulomzC54/2g32JxtPQI84RfCZ4vpGwrHnHZOWYLRfxOILEKvMvL87PqoaZ/J4uzWklHat7+hRObA2ibDYaROreZ15KZslGkpBwOTE/m8MgbG+y3fXQ+v6cV9FBzHlEr+zLvwRuxPK1NkUWlH+1wgXRcx+IcuMsvZdhtSV99E7F3ll1+UeR7j6VG2aspR2ScxvzzIqwpL2mKbXmqJMUsuRpSjJXwHBTt2xwvFAQ/3ZvK8i1ZJtrV54woKPHcfkZ8k2OrSWyZx8uva68rXfBlJ9yaXiqdDIcKw0GM1C4XcETr2nI7gmeAM2GCKQtUEtu2L53sDmPoWZGuCQbf7laGI6jM4M9Z65BkU+bRSEgcj4OfZSOvo3oRJR4Cy9TlmWxM3cFTK2DB4oQsHG3460xzf4Cw/UJb6NCjejdXH7NN7D2AF3pP5npiBvSYYoQKYPBDyDMKFt01vbv0wNUfbMc+YhTxqGPCBCbt8BCThKQpEYFoTQl1i83A6OYRGNXUuOV9VF8SD87g3ai0f7MKgpyAMIcZb6sgg3jDTHcQWUOIgGrlbZJ6ce5OL8IDvUQj3+zLV89wAxE46+0pIEDs1Bi+z9QlAHIASVbnCiCsYYdTxROOuGDapNC1Q10VDGRjD0A+IgAk+L4y1bzZGgyKj3YpdospnmHyhWkIgC/X+g8EVNhItRlW0mzuFY7D+mQvRYsI3mXPPHk1x0cx/yadHo1Ca1reJEAIlzHmjX6+oHdJmq91Tm82CwokLt5pszGr5eTrbwB8I8azfYbwnic/Ypaqm/OfMCiZUhKt7DdtcRdvB8ZmoGM93alvDUETVTC+GE/mE3k8ISqPLEM93jMw1LrDmOX8WjlkgAwhRAwxuzI2uO7i8ucnYOF38V4b31AfKOwN33ww8FIP6uAds0uZZJTYx2qWi0oMKSLhg2svl36c+xyiGTfK14+Y2Yb3jv+JzDz4cBIepP6vQhsYAqXb8c6rb4sZGlnZXN0PTEzOTc4MSxzPTYwYWE4NDg3OWU3NTkzOWI3YmIwOGY4YmE1NmFhNThiYTA4NjgwODFhNTg2NmM4NDYwODhhZDY5OTI5NDY5NjJhNjZjOGNhODg3ODQ3Njc0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gallagherbassett.com
referer: https://www.gallagherbassett.com/sso/App/Logon
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/dcf7c4c57f0315c95a0d015f9f4d42ae9155fc31/_Auth/AuthShell.html

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gallagherbassett.com/	1970-01-19 18:21:13	Name: ___utmvc Value: P2BMzAGKHsoefqDm/xWXcMi6EXA2HhNfpFKDDi3fIsf3IqOmuO9HhB1eNG+SZucdWPzv/lxJznkmJJ+fiUAYbSnokOjWjIAEIy6zGBaM0r3VVxqEh66YaGbzKps5df01CXCgApyt1puAGhy/ds4A/GYGai34K7kSOY2reKE2LjmNiwZoyZjWXEFB17buqRVOS1MBqtmHDTHZc8gWfl/tqJhy1H1QrVAvkmBBAcgN0KsVCqWd9iRgKE05wUheB2AiZOxMdebTQs3LPnOdQnjUhw2Um2gnAbBV/dVMcAPpg38SNipvx+zX2KkrQUYgQfn5I8l4L1Bqyc6g1TiIHaJ6cheQf4WReR3IOAhACKcfiSrQ6WG6gWVr1rPUHX5boT0+milCuX5pV7vTEt+6Hob701LZ+W9dXMhOxyASlb/5BrlGQL6LJ8E1o+M+XJj3zy2Imli+6/SVSNPB9oeFFmilZYMKYZGhfkmVnyo9mCtklH4nG0sa2NO9NNc53QZx8gUzcOt0GUEaw7fe92YcrLogAJSI896AowIU6OeJmR4uLpreyIZ1929cV6WXU+ySkwXk/SYSbNk8+3UdJ8TFmGy+CI5XkwN3F1Ago6rslFdflLwf4e7L0paZJFkGurt0fbXGPxQSH1WUSAIERf0gElyP6gLjvfY/BsZbYJeK7K0NTUf+JC8i1lasyLcOrYJmNacCTqIYCYC0r6aveqyub0kE5KUIcFxyEP/Fn04nwts3BkAhvvkLjKBL8NRRQCp9lh5ukxjL5rti2AJlYBBLdvXNd3xoWk6CQCa/bAwIZMdOLzfbn+JgoKwPHxpcOLvF5nRM+J1RuxdP9rYKnVp+vmipQzF75LjOJBFByIg5MoNWKt5TISRdlX4iXEiiS2oqEpFnjbfq0YpQyefU0QEwVydS5/eEPU3+rUWPKjTUs19wi/tLcXiFeczg+IYl6NNHiG7u+yD8Q8yFrI+x8vAKcBpXzKknLCNZU9px/4y7qk/CxAPnQ98ro7fGY74MaACKudvS1HPOlbYUGzAdQTpUdLF0GUnDDIulomzC54/2g32JxtPQI84RfCZ4vpGwrHnHZOWYLRfxOILEKvMvL87PqoaZ/J4uzWklHat7+hRObA2ibDYaROreZ15KZslGkpBwOTE/m8MgbG+y3fXQ+v6cV9FBzHlEr+zLvwRuxPK1NkUWlH+1wgXRcx+IcuMsvZdhtSV99E7F3ll1+UeR7j6VG2aspR2ScxvzzIqwpL2mKbXmqJMUsuRpSjJXwHBTt2xwvFAQ/3ZvK8i1ZJtrV54woKPHcfkZ8k2OrSWyZx8uva68rXfBlJ9yaXiqdDIcKw0GM1C4XcETr2nI7gmeAM2GCKQtUEtu2L53sDmPoWZGuCQbf7laGI6jM4M9Z65BkU+bRSEgcj4OfZSOvo3oRJR4Cy9TlmWxM3cFTK2DB4oQsHG3460xzf4Cw/UJb6NCjejdXH7NN7D2AF3pP5npiBvSYYoQKYPBDyDMKFt01vbv0wNUfbMc+YhTxqGPCBCbt8BCThKQpEYFoTQl1i83A6OYRGNXUuOV9VF8SD87g3ai0f7MKgpyAMIcZb6sgg3jDTHcQWUOIgGrlbZJ6ce5OL8IDvUQj3+zLV89wAxE46+0pIEDs1Bi+z9QlAHIASVbnCiCsYYdTxROOuGDapNC1Q10VDGRjD0A+IgAk+L4y1bzZGgyKj3YpdospnmHyhWkIgC/X+g8EVNhItRlW0mzuFY7D+mQvRYsI3mXPPHk1x0cx/yadHo1Ca1reJEAIlzHmjX6+oHdJmq91Tm82CwokLt5pszGr5eTrbwB8I8azfYbwnic/Ypaqm/OfMCiZUhKt7DdtcRdvB8ZmoGM93alvDUETVTC+GE/mE3k8ISqPLEM93jMw1LrDmOX8WjlkgAwhRAwxuzI2uO7i8ucnYOF38V4b31AfKOwN33ww8FIP6uAds0uZZJTYx2qWi0oMKSLhg2svl36c+xyiGTfK14+Y2Yb3jv+JzDz4cBIepP6vQhsYAqXb8c6rb4sZGlnZXN0PTEzOTc4MSxzPTYwYWE4NDg3OWU3NTkzOWI3YmIwOGY4YmE1NmFhNThiYTA4NjgwODFhNTg2NmM4NDYwODhhZDY5OTI5NDY5NjJhNjZjOGNhODg3ODQ3Njc0
.gallagherbassett.com/	1970-01-20 11:52:25	Name: _ga Value: GA1.2.1124283294.1621273399
.gallagherbassett.com/	1970-01-19 18:21:13	Name: _gat Value: 1
.gallagherbassett.com/	1970-01-19 18:22:39	Name: _gid Value: GA1.2.1871915827.1621273399
.gallagherbassett.com/	1969-12-31 23:59:59	Name: incap_ses_391_1944542 Value: u6BgQ0+FvWwubXI0vxxtBTWromAAAAAAMXJ+Vu+E7tdVvfL7i22Bgw==
.gallagherbassett.com/	1970-01-20 03:05:56	Name: visid_incap_1944542 Value: tmYQV5iIS96aRL3NoMIcoTSromAAAAAAQUIPAAAAAACZhdeRqIV6g7LxYS+Uz63G
www.gallagherbassett.com/	1970-01-27 01:40:25	Name: mKey Value: 456d2310-f165-459e-b111-1c63e91033aa

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://www.gallagherbassett.com/sso/bundles/logonjs2056(Line 5) Message: UserManager.getUser: user not found in storage
console-api	info	URL: https://www.gallagherbassett.com/sso/bundles/logonjs2056(Line 5) Message: UserManager.getUser: user not found in storage
console-api	log	URL: https://www.gallagherbassett.com/sso/App/Logon(Line 72) Message: TypeError: Cannot read property 'setItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-R+WA7vGX1LhaqTjcyq3wKA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
cdn.pendo.io
events.launchdarkly.com
gbtpa.sf-api.com
gbtpa.sharefile.com
i2-muzqopwrnedranraivkauuxaqwswmo.init.cedexis-radar.net
radar.cedexis.com
rpt.cedexis.com
sso.gallagherbassett.com
www.gallagherbassett.com
www.google-analytics.com
gbtpa.sharefile.com
104.225.98.129
13.224.95.83
13.248.193.251
151.101.14.217
151.147.160.186
2607:f740:e619::1
2a00:1450:4001:828::200e
34.197.25.35
35.241.57.45
45.60.123.80
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
07d02fc074456846d2a6e2c2a1b135914c7c0941cd0a66a0254b853ab746fffb
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
18bb515a611b1aa19cc5520f9016f6ca2bde7005e190cefab802b1b30610ace5
18e62c7d1c4f38e018ee26adf73eac302ea2935ae1cd6889dc6d1b92d043b9b0
1967b6660bdf14b62a299456f325fb7582feba5aaf7bc4754aae2dfa5e350e1c
1e5a662f5ad0fbcb44b4fc1b7a8558ecded0f4e5976d6abf96d26b7e3577fb80
4b8dbac9a041a30e767b8bc5321c920edcbd59efe00ef317b856b06efb8e50e5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
575c5c6b47d3c4cc664eabe26b1172c5a54ec94da14d77c5acdc1d2677bed292
57ed0dbf2bab2a584824131cf8f2669cbf1f463c4938972f53c63aed6ddae2f1
6794cb4a2ad45c17fe6006479b8a185642f59ce95b5f5b456eead626405ae81c
69ad1dfc4fa85b0781e450e01673ee860cd14e800755099da23ab3f008f12aa2
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
793a7bdbca22b99d5482d76687cce9fe033aad560fe7471a9cef65a046e4b8b7
79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390
7abb827a0bf979a7bfe47f2147e3b2076224db866c72f95cf3f38273bd8380c9
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8cabba3d55d6af6259875cd3365b79fc96a4ebc12bfdd2cbafa5f0bd396a3cbe
8dc2d4e78fa4e1f268d5b767cdc47f64f26d9283c66e6ce6bdbe49c503243561
9d09919ec7b0fe6bf1e1e1fe1d1769ddf4eb8063bec6c28cb2733f6b5fc61651
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d0a697acc9af810e15c01514fc6970ffe57d7e005a2a1418f1ee850a35fde7
eaaeed609327c4ba82db5346f9a5985bd76b33c28e91d1767c36171fe369d961
efd4d7eb61b87967f6a2bba872988aeca627db9572494172c095142c9ada7f0a
fa5f137a79380aa128b66b8f7495375dda04fbcfa6d5fb2c28815fb031ad7c73
ff6a92cb1b37f26367c5940f0296b7e052e268fd9d2fcbded633e151c227cc98

www.gallagherbassett.com Open in urlscan Pro 45.60.123.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

53 Requests

98 %HTTPS

20 %IPv6

8 Domains

11 Subdomains

11 IPs

3 Countries

1616 kBTransfer

5644 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

20 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

1616 kB
Transfer

5644 kB
Size

7
Cookies

53 HTTP transactions
0 data transactions