Submitted URL: https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8
Effective URL: https://berkeley-group.sharefile.eu/Authentication/Login
Submission: On August 03 via manual from GB — Scanned from GB

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 13.248.181.201, located in and belongs to . The main domain is berkeley-group.sharefile.eu.
TLS certificate: Issued by Amazon on November 16th 2021. Valid for: a year.
This is the only time berkeley-group.sharefile.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
7 cloudfront.net | d17f4e1i5rb5bq.cloudfront.net | 5 MB
3 sharefile.com | citrixworkflows.sharefile.com — Cisco Umbrella Rank: 444360; berkeley-group.sharefile.com | 6 KB
1 sharefile.eu | berkeley-group.sharefile.eu |
1 pendo.io | cdn.pendo.io — Cisco Umbrella Rank: 888 | 149 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 67 | 868 B
16 5

Domain | Requested by
7 d17f4e1i5rb5bq.cloudfront.net | citrixworkflows.sharefile.com; d17f4e1i5rb5bq.cloudfront.net
2 citrixworkflows.sharefile.com | d17f4e1i5rb5bq.cloudfront.net
1 berkeley-group.sharefile.eu | d17f4e1i5rb5bq.cloudfront.net; berkeley-group.sharefile.eu
1 berkeley-group.sharefile.com | 1 redirects
1 cdn.pendo.io | citrixworkflows.sharefile.com
1 fonts.googleapis.com | citrixworkflows.sharefile.com
16 6

This site contains no links.

Subject | Issuer | Validity | Valid
citrixworkflows.sharefile.com | Amazon | 2021-10-10 - 2022-11-08 | a year crt.sh
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year crt.sh
upload.video.google.com | GTS CA 1C3 | 2022-07-11 - 2022-10-03 | 3 months crt.sh
cdn.pendo.io | Amazon | 2022-07-30 - 2023-08-28 | a year crt.sh
*.sharefile.eu | Amazon | 2021-11-16 - 2022-12-14 | a year crt.sh

This page contains 1 frames:

Primary Page: https://berkeley-group.sharefile.eu/Authentication/Login
Frame ID: CCE595AF02DF7B3FA81078045611589C
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 75%
Detected patterns

Page Statistics

Requests: 16
HTTPS: 75 %
IPv6: 50 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 5187 kB
Size: 5516 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8 Page URL
  2. https://berkeley-group.sharefile.com/oauth/authorize?client_id=5DCuyjYt2Y56QPOcKQB697rYnkxFnG6l&redirect_uri=https%3A%2F%2Fcitrixworkflows.sharefile.com%2Fsharefile-callback&response_type=code&state=1d4ecf0b-29b9-4b18-bb8a-655db3425e22&subdomain=Berkeley-Group HTTP 301
    https://berkeley-group.sharefile.eu/Authentication/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
0054c1f3-7af3-4743-b82e-181653a103b8
citrixworkflows.sharefile.com/feedback-workflow/
3 KB
3 KB
Document
General
Full URL
https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.14.53.112 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-53-112.us-east-2.compute.amazonaws.com
Software
nginx/1.20.1 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10
Resource Hash
422a5505a49c9b7410e222651ca56e44cfd7767dc07af834094aae3d439a9252
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy
default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
content-type
text/html; charset=utf-8
date
Wed, 03 Aug 2022 11:12:57 GMT
etag
W/"422a5505a49c9b7410e222651ca56e44"
server
nginx/1.20.1 + Phusion Passenger(R) 6.0.10
status
200 OK
strict-transport-security
max-age=631138519
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.10
x-request-id
bc0fe3c7-7d9b-4b27-80c3-102ce73675a1
x-xss-protection
1; mode=block
vendor-0dab0c9575b30c7766d2a039b88cd0d4.css
d17f4e1i5rb5bq.cloudfront.net/assets/
104 KB
104 KB
Stylesheet
General
Full URL
https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-0dab0c9575b30c7766d2a039b88cd0d4.css
Requested by
Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:ba00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4944b5a5e746fd2a29fe6218f565cb35e1a508e8217b06f0bc9dbc7312444a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://citrixworkflows.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 05:33:26 GMT
via
1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified
Thu, 09 Sep 2021 14:15:07 GMT
server
AmazonS3
age
20373
etag
"a1641098e53c453003aa46b937c8a8f7"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31556952
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
106313
x-amz-cf-id
d1J2nkYwK4w-bR-4fKAZ_GTBkUb8Y_iyQFP11ChNKHxuQ2v99T4F0w==
ember-workflows-25392a8e139a33e0533d55874da2e97c.css
d17f4e1i5rb5bq.cloudfront.net/assets/
454 KB
455 KB
Stylesheet
General
Full URL
https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-25392a8e139a33e0533d55874da2e97c.css
Requested by
Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:ba00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f61d6ffdb4a70832ac05fe90b43681b0ec4501fd834a33abd29bbab0c5a36dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://citrixworkflows.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 05:22:20 GMT
via
1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified
Thu, 09 Sep 2021 14:14:55 GMT
server
AmazonS3
age
21039
etag
"b151bdfd366198d3529f1136f6753806"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31556952
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
465009
x-amz-cf-id
AyAXJlznV2W3GlZSvVGPOtAXFNCa8dPZ0vuCVkMU6VQSmkr7EuXlFA==
icon
fonts.googleapis.com/
569 B
868 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://citrixworkflows.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 11:12:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 03 Aug 2022 11:12:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Aug 2022 11:12:57 GMT
vendor-eb420ed2f95222ccdc016abddc2efa7d.js
d17f4e1i5rb5bq.cloudfront.net/assets/
3 MB
3 MB
Script
General
Full URL
https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Requested by
Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:ba00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07c5fc0eed34853db70f1d1b4460415cfe1a9002d0de4cf3dd439312a97da250

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://citrixworkflows.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 05:33:26 GMT
via
1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 09:12:55 GMT
server
AmazonS3
age
20373
etag
"079a819c9caacaf3ab98c1e8657177bd"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31556952
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
3587732
x-amz-cf-id
LWGBSu5CZZvH6piW2BXqAQwhYuKlH-2FJWXPkwNETY0XAxZcyICTYg==
ember-workflows-67cad97779aac0a69d67320cf887de29.js
d17f4e1i5rb5bq.cloudfront.net/assets/
901 KB
902 KB
Script
General
Full URL
https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-67cad97779aac0a69d67320cf887de29.js
Requested by
Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:ba00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb7728e682e84283f055ec8f56df0a174ab2b4b95dae551b61fa9cb0538c7edd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://citrixworkflows.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 05:22:20 GMT
via
1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 10:18:45 GMT
server
AmazonS3
age
21039
etag
"dd81e347116cb6eba04e79f1adc0921e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31556952
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-length
922504
x-amz-cf-id
mvUN71Ks0waXo1JEpiB9psLkG_kwKhz0FrizoACPel5TuBokODMlpg==
pendo.js
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/
482 KB
149 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by
Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:b200:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b132249cb31a9d1d4b6eb84974575902a11ca46ce01148c35a05a0b484b9cfda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://citrixworkflows.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 11:11:28 GMT
Content-Encoding
gzip
Age
90
X-GUploader-UploadID
ADPycdu32lGOb4AJrry784TolPj-37yXA3WXnJlOKZtLTuacjKgnO4nZpEF45E1q8ITLg9VYvvGti1qqlC9TQOpnyscdUEZWjvc8
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
151688
Access-Control-Allow-Origin
*
Last-Modified
Fri, 29 Jul 2022 18:12:18 GMT
Server
UploadServer
ETag
"f44531c0f75c9d402963f4407792ed5f"
Vary
Accept-Encoding
x-goog-hash
crc32c=hkhw1Q==, md5=9EUxwPdcnUApY/RAd5LtXw==
x-goog-generation
1659118338281903
Via
1.1 d13056936a303c282faeee607951588a.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
151688
X-Amz-Cf-Pop
VIE50-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
NgeEtuLqwLRpmlcOdvyjnG__x4hKQTMbM1uE0Cp7aUznGs61QtFGYw==
Expires
Wed, 03 Aug 2022 11:18:58 GMT
CitrixSans-Regular-58238858892db48030c012a757eb17d2.woff
d17f4e1i5rb5bq.cloudfront.net/assets/fonts/
26 KB
26 KB
Font
General
Full URL
https://d17f4e1i5rb5bq.cloudfront.net/assets/fonts/CitrixSans-Regular-58238858892db48030c012a757eb17d2.woff
Requested by
Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-25392a8e139a33e0533d55874da2e97c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:ba00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd4d5f23336beb3b603af3bcaedb1944361755757ad50616d83d9147ba4cf56d

Request headers

Referer
https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-25392a8e139a33e0533d55874da2e97c.css
Origin
https://citrixworkflows.sharefile.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 05:04:24 GMT
via
1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
22116
x-cache
Hit from cloudfront
content-length
26249
last-modified
Thu, 09 Sep 2021 14:14:57 GMT
server
AmazonS3
etag
"58238858892db48030c012a757eb17d2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
x-amz-cf-id
8b5Dx0EtU1e8xsqKnYxzF2Z2Gi60gDn3UHk8zpMDnii1V-L4lL_EEg==
assetMap-cfdf8ecb331b0a5612b69c107dc4a71b.json
d17f4e1i5rb5bq.cloudfront.net/assets/
18 KB
19 KB
XHR
General
Full URL
https://d17f4e1i5rb5bq.cloudfront.net/assets/assetMap-cfdf8ecb331b0a5612b69c107dc4a71b.json
Requested by
Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:ba00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a7d0cf6e839554dc4cccb4eeddb84cddeff56ed16174f3d67204a74ebd1c9d0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citrixworkflows.sharefile.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 05:11:13 GMT
via
1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
21707
x-cache
Hit from cloudfront
content-length
18457
last-modified
Thu, 09 Sep 2021 14:14:54 GMT
server
AmazonS3
etag
"6f678643d06379c45bcc2a4d78d4e7e1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
x-amz-cf-id
btWShxbQrVe_Nd2ZnwGZ9zmGnm_DcAck16-6ATA8UaKMzJAHdrgHaQ==
assetMap-cfdf8ecb331b0a5612b69c107dc4a71b.json
d17f4e1i5rb5bq.cloudfront.net/assets/
18 KB
19 KB
XHR
General
Full URL
https://d17f4e1i5rb5bq.cloudfront.net/assets/assetMap-cfdf8ecb331b0a5612b69c107dc4a71b.json
Requested by
Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:ba00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a7d0cf6e839554dc4cccb4eeddb84cddeff56ed16174f3d67204a74ebd1c9d0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citrixworkflows.sharefile.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 05:11:13 GMT
via
1.1 95c9d51ed7176777d7ac8ca8cb233696.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
21707
x-cache
Hit from cloudfront
content-length
18457
last-modified
Thu, 09 Sep 2021 14:14:54 GMT
server
AmazonS3
etag
"6f678643d06379c45bcc2a4d78d4e7e1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
x-amz-cf-id
Tty5XRUS5X6wJBrL9qOB_iMuovz7DUIx41f3zBK8JC13Q-VlA1_v4A==
authorize_url
citrixworkflows.sharefile.com/api/
300 B
2 KB
XHR
General
Full URL
https://citrixworkflows.sharefile.com/api/authorize_url?workflow_id=0054c1f3-7af3-4743-b82e-181653a103b8
Requested by
Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.14.53.112 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-53-112.us-east-2.compute.amazonaws.com
Software
nginx/1.20.1 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://citrixworkflows.sharefile.com/
X-CSRF-Token
ZfC29u9pZ1dLmqRoseQZshXm97j/DJ98iPdFlXIw3AL0HdbH9T3MODiAHL0NZ5pR4LdT1ZyaId7mpnD/TL2Zwg==
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 03 Aug 2022 11:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.10
status
200 OK
vary
Origin
x-xss-protection
1; mode=block
x-request-id
34125a8e-3388-4936-ad3e-5d32041ac431
server
nginx/1.20.1 + Phusion Passenger(R) 6.0.10
x-frame-options
sameorigin
etag
W/"a1592d60fdf6fb7c438e20a9d4c839fd"
x-download-options
noopen
strict-transport-security
max-age=631138519
content-type
application/json
cache-control
max-age=0, private, must-revalidate
content-security-policy
default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Primary Request Login
berkeley-group.sharefile.eu/Authentication/
Redirect Chain
  • https://berkeley-group.sharefile.com/oauth/authorize?client_id=5DCuyjYt2Y56QPOcKQB697rYnkxFnG6l&redirect_uri=https%3A%2F%2Fcitrixworkflows.sharefile.com%2Fsharefile-callback&response_type=code&stat...
  • https://berkeley-group.sharefile.eu/Authentication/Login
7 KB
0
Document
General
Full URL
https://berkeley-group.sharefile.eu/Authentication/Login
Requested by
Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-67cad97779aac0a69d67320cf887de29.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.181.201 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-YMWJSps1AmBOJdE5+4zdXw==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, no-store, must-revalidate
citrix-transactionid
decd0a30-814c-44a3-b282-05f97b8d4425
content-encoding
gzip
content-length
2613
content-security-policy
style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-YMWJSps1AmBOJdE5+4zdXw==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
content-type
text/html; charset=utf-8
date
Wed, 03 Aug 2022 11:13:06 GMT
expires
0
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=16000000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
private,no-cache, no-store, must-revalidate
citrix-transactionid
25bffa5f-fda4-4d23-9451-09d334f107f0
content-length
173
content-type
text/html; charset=utf-8
date
Wed, 03 Aug 2022 11:13:02 GMT
expires
0
location
https://berkeley-group.sharefile.eu/Authentication/Login
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
x-xss-protection
1; mode=block
custom.css
berkeley-group.sharefile.eu/cache/sha/_Auth/Styles/custom/
0
0

errorhandler.js
berkeley-group.sharefile.eu/_Auth/
0
0

webpop
berkeley-group.sharefile.eu/cache/sha/javascript/bundles/
0
0

webpoprequireconfig
berkeley-group.sharefile.eu/cache/sha/bundles/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
berkeley-group.sharefile.eu
URL
https://berkeley-group.sharefile.eu/cache/sha/_Auth/Styles/custom/custom.css?v=gfaOxywlHsgEyPXDhXp0dHEhIC9jQyePv5zS6ssdcKo1
Domain
berkeley-group.sharefile.eu
URL
https://berkeley-group.sharefile.eu/_Auth/errorhandler.js
Domain
berkeley-group.sharefile.eu
URL
https://berkeley-group.sharefile.eu/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
Domain
berkeley-group.sharefile.eu
URL
https://berkeley-group.sharefile.eu/cache/sha/bundles/webpoprequireconfig?v=jWlLbyFw0-Fc1ZuEBA9OsqzolkRNAODk4V9Z5w3TqQc1

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

8 Cookies

Domain/Path Name / Value
citrixworkflows.sharefile.com/ Name: _session_id
Value: 0a353f2ff625b34185f48842b2a6f32b
citrixworkflows.sharefile.com/ Name: ember_simple_auth-session
Value: %7B%22attempted_transition_url%22%3A%22https%3A%2F%2Fcitrixworkflows.sharefile.com%2Ffeedback-workflow%2F0054c1f3-7af3-4743-b82e-181653a103b8%22%2C%22authenticated%22%3A%7B%7D%7D
.sharefile.com/ Name: state
Value: 1d4ecf0b-29b9-4b18-bb8a-655db3425e22
berkeley-group.sharefile.com/ Name: AWSALBTG
Value: AMTcLxzxUjdTa6Lt9z9Bc2Xl6HJ8YedjAxwOiu7o7hSp0NLhjjqjhXsxkrkCVU46uGoUxZjxb+H7OnN8/lbMieBbXHcgjsU6qp58sbOzxqbCmR/NpexeJK6SLlgu2OCLcVXjgObnyYAgmiRPN8iFXZ01XDOAGN8hWhX40PxcjuCX
berkeley-group.sharefile.com/ Name: AWSALBTGCORS
Value: AMTcLxzxUjdTa6Lt9z9Bc2Xl6HJ8YedjAxwOiu7o7hSp0NLhjjqjhXsxkrkCVU46uGoUxZjxb+H7OnN8/lbMieBbXHcgjsU6qp58sbOzxqbCmR/NpexeJK6SLlgu2OCLcVXjgObnyYAgmiRPN8iFXZ01XDOAGN8hWhX40PxcjuCX
berkeley-group.sharefile.com/ Name: AWSALB
Value: e8MwFdtMlWX244nuCxWFUk6gAHp30kCuOaXafiqv20X4cIUzqK2WEO6kBSAkLEVxMl3sU9S42dDpjHD0yoYlSJWqFOIiMEsjFR4CijplesMGJxTej6YhVbbrxHbU
berkeley-group.sharefile.com/ Name: AWSALBCORS
Value: e8MwFdtMlWX244nuCxWFUk6gAHp30kCuOaXafiqv20X4cIUzqK2WEO6kBSAkLEVxMl3sU9S42dDpjHD0yoYlSJWqFOIiMEsjFR4CijplesMGJxTej6YhVbbrxHbU
berkeley-group.sharefile.com/ Name: ASP.NET_SessionId
Value: 313eiqpcdywqc045xzi3lvww

1 Console Messages

Source Level URL
Text
security error URL: https://citrixworkflows.sharefile.com/feedback-workflow/0054c1f3-7af3-4743-b82e-181653a103b8
Message:
The Content-Security-Policy directive 'plugin-types' has been removed from the specification. If you want to block plugins, consider specifying "object-src 'none'" instead.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block