citrixworkflows.sharefile.com Open in urlscan Pro
3.18.251.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citrixworkflows.sharefile.com/feedback-workflow/c3cf2df3-aaa8-4711-a30e-d71eaf96cb78
Submission: On May 20 via manual (May 20th 2022, 1:39:21 pm UTC) from GB — Scanned from GB

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 3.18.251.20, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is citrixworkflows.sharefile.com. The Cisco Umbrella rank of the primary domain is 612538.
TLS certificate: Issued by Amazon on October 10th 2021. Valid for: a year.

This is the only time citrixworkflows.sharefile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	3.18.251.20 3.18.251.20	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:224... 2600:9000:224a:4e00:c:771f:ad80:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:3200:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	76.223.1.166 76.223.1.166	() ()
1	13.248.181.201 13.248.181.201	() ()
12	5

2 3.18.251.20 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-251-20.us-east-2.compute.amazonaws.com

citrixworkflows.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:224a:4e00:c:771f:ad80:21 (United States)

ASN16509 (AMAZON-02, US)

d17f4e1i5rb5bq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3200:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.1.166 (None, ) 1 redirects

ASN- ()

berkeley-group.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.181.201 (None, )

ASN- ()

berkeley-group.sharefile.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudfront.net d17f4e1i5rb5bq.cloudfront.net	5 MB
3	sharefile.com 1 redirects citrixworkflows.sharefile.com — Cisco Umbrella Rank: 612538 berkeley-group.sharefile.com	6 KB
1	sharefile.eu berkeley-group.sharefile.eu
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 1145	142 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	869 B
12	5

	Domain	Requested by
7	d17f4e1i5rb5bq.cloudfront.net	citrixworkflows.sharefile.com d17f4e1i5rb5bq.cloudfront.net
2	citrixworkflows.sharefile.com	d17f4e1i5rb5bq.cloudfront.net
1	berkeley-group.sharefile.eu	d17f4e1i5rb5bq.cloudfront.net
1	berkeley-group.sharefile.com	1 redirects
1	cdn.pendo.io	citrixworkflows.sharefile.com
1	fonts.googleapis.com	citrixworkflows.sharefile.com
12	6

This site contains no links.

Subject Issuer	Validity	Valid
citrixworkflows.sharefile.com Amazon	`2021-10-10` - `2022-11-08`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
cdn.pendo.io Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
*.sharefile.eu Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh

This page contains 1 frames:

Frame: https://berkeley-group.sharefile.eu/Authentication/Login
Frame ID: 52EBE20D23EA8D8FD12F62AF1CD49F66
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

5180 kB
Transfer

5485 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://berkeley-group.sharefile.com/oauth/authorize?client_id=5DCuyjYt2Y56QPOcKQB697rYnkxFnG6l&redirect_uri=https%3A%2F%2Fcitrixworkflows.sharefile.com%2Fsharefile-callback&response_type=code&state=248c78dc-02bf-4275-9ced-d08e83f5bf9f&subdomain=Berkeley-Group HTTP 301
https://berkeley-group.sharefile.eu/Authentication/Login

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request c3cf2df3-aaa8-4711-a30e-d71eaf96cb78 Show response
citrixworkflows.sharefile.com/feedback-workflow/ 3 KB
3 KB 370ms
130ms Document
text/html 3.18.251.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixworkflows.sharefile.com/feedback-workflow/c3cf2df3-aaa8-4711-a30e-d71eaf96cb78

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.18.251.20 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-251-20.us-east-2.compute.amazonaws.com

Software

nginx/1.20.1 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10

Resource Hash

ccfbf8550fa672de9672a9fd19cccfd8c30bf47461d5f1a9a62a81e822313029

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; child-src 'self'; connect-src ; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; media-src 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' .pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy: default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 13:39:13 GMT
etag: W/"ccfbf8550fa672de9672a9fd19cccfd8"
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.10
status: 200 OK
strict-transport-security: max-age=631138519
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) 6.0.10
x-request-id: 5ea75a8c-4f9b-40c9-be3b-a954420b8f46
x-xss-protection: 1; mode=block

GET
H2 200 vendor-0dab0c9575b30c7766d2a039b88cd0d4.css
d17f4e1i5rb5bq.cloudfront.net/assets/ 104 KB
104 KB 165ms
55ms Stylesheet
text/css 2600:9000:224a:4e00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-0dab0c9575b30c7766d2a039b88cd0d4.css
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/c3cf2df3-aaa8-4711-a30e-d71eaf96cb78
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4e00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4944b5a5e746fd2a29fe6218f565cb35e1a508e8217b06f0bc9dbc7312444a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 04:40:03 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Thu, 09 Sep 2021 14:15:07 GMT
server: AmazonS3
age: 32351
etag: "a1641098e53c453003aa46b937c8a8f7"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31556952
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 106313
x-amz-cf-id: kXmSBaBNxMyGT2KSn_WyAck02n4vi2f8KsVfrtManXyZ5pTHm0dgVQ==

GET
H2 200 ember-workflows-25392a8e139a33e0533d55874da2e97c.css
d17f4e1i5rb5bq.cloudfront.net/assets/ 454 KB
455 KB 165ms
55ms Stylesheet
text/css 2600:9000:224a:4e00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-25392a8e139a33e0533d55874da2e97c.css
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/c3cf2df3-aaa8-4711-a30e-d71eaf96cb78
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4e00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f61d6ffdb4a70832ac05fe90b43681b0ec4501fd834a33abd29bbab0c5a36dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 04:40:03 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Thu, 09 Sep 2021 14:14:55 GMT
server: AmazonS3
age: 32351
etag: "b151bdfd366198d3529f1136f6753806"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31556952
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 465009
x-amz-cf-id: ij8HQM11XKhBG3u6i9_QhXcy1umpLbN8F2Y6AqopPYtTVjqbIfV_4Q==

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 133ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/c3cf2df3-aaa8-4711-a30e-d71eaf96cb78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 May 2022 13:39:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 20 May 2022 13:39:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 May 2022 13:39:13 GMT

GET
H2 200 vendor-eb420ed2f95222ccdc016abddc2efa7d.js Show response
d17f4e1i5rb5bq.cloudfront.net/assets/ 3 MB
3 MB 218ms
108ms Script
application/javascript 2600:9000:224a:4e00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/c3cf2df3-aaa8-4711-a30e-d71eaf96cb78
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4e00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07c5fc0eed34853db70f1d1b4460415cfe1a9002d0de4cf3dd439312a97da250

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 04:40:03 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Wed, 04 May 2022 09:12:55 GMT
server: AmazonS3
age: 32351
etag: "079a819c9caacaf3ab98c1e8657177bd"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556952
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 3587732
x-amz-cf-id: DPXfUYy3y_ciBHPRnAIdbXA0lSGz6vrWhZF0fd0pODP9ebHOeWLtpA==

GET
H2 200 ember-workflows-cf65dc5298bf92d63dabc7bf9d4f33fa.js Show response
d17f4e1i5rb5bq.cloudfront.net/assets/ 900 KB
902 KB 369ms
259ms Script
application/javascript 2600:9000:224a:4e00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-cf65dc5298bf92d63dabc7bf9d4f33fa.js
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/c3cf2df3-aaa8-4711-a30e-d71eaf96cb78
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4e00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c534d4bc78042b84dafc89f64398a1a913e0a7cb3ec2182bf6bd3d546a5f6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 04:40:03 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 11:10:14 GMT
server: AmazonS3
age: 32351
etag: "b903dbafc2b3e8243084089bedbdea45"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556952
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 921909
x-amz-cf-id: xb0DI_9Dpm5cBuwqos6b-RrV0fFz9CO169-775tUe90Zm6TBMPnjRQ==

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 458 KB
142 KB 245ms
70ms Script
application/javascript 2600:9000:223f:3200:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/c3cf2df3-aaa8-4711-a30e-d71eaf96cb78
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 43c45512d466c1253f8227f00bd7490bd7297806d0c817abd19607262cd88b5f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 13:39:14 GMT
Content-Encoding: gzip
Age: 311
X-GUploader-UploadID: ADPycdulcq9YkMrxScdFYinnr6hKOkH8iyRJAuuXxn36FlI6qyCPn6MF1eFk7mHPXWJ-CyGL82SawqS9kuidyAw9qRNid0I6WTTY
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 144537
Access-Control-Allow-Origin: *
Last-Modified: Thu, 12 May 2022 19:18:04 GMT
Server: UploadServer
ETag: "bda456a10d4a8388a87eb932fbfb4f12"
Vary: Accept-Encoding
x-goog-hash: crc32c=wYf+Tw==, md5=vaRWoQ1Kg4iofrky+/tPEg==
x-goog-generation: 1652383084332380
Via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 144537
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: aeZi_MlgD0DA699Kb0NEl7idmudggmMFy1ehnHRF76hDF2ImFCaQSw==
Expires: Fri, 20 May 2022 13:41:33 GMT

GET
H2 200 CitrixSans-Regular-58238858892db48030c012a757eb17d2.woff
d17f4e1i5rb5bq.cloudfront.net/assets/fonts/ 26 KB
26 KB 138ms
52ms Font
font/woff 2600:9000:224a:4e00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/fonts/CitrixSans-Regular-58238858892db48030c012a757eb17d2.woff
Requested by: Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-25392a8e139a33e0533d55874da2e97c.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4e00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-25392a8e139a33e0533d55874da2e97c.css
Origin: https://citrixworkflows.sharefile.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 20:11:50 GMT
via: 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 62845
x-cache: Hit from cloudfront
content-length: 26249
last-modified: Thu, 09 Sep 2021 14:14:57 GMT
server: AmazonS3
etag: "58238858892db48030c012a757eb17d2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: Mwogn_R5p5Lf46-L0ZvhYcm9CBAqu9BdrsiLS1JcdnpMWr3MeJS-YQ==

GET
H2 200 assetMap-cfdf8ecb331b0a5612b69c107dc4a71b.json
d17f4e1i5rb5bq.cloudfront.net/assets/ 18 KB
19 KB 138ms
88ms XHR
application/json 2600:9000:224a:4e00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/assetMap-cfdf8ecb331b0a5612b69c107dc4a71b.json
Requested by: Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4e00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citrixworkflows.sharefile.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 20:11:50 GMT
via: 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 62845
x-cache: Hit from cloudfront
content-length: 18457
last-modified: Thu, 09 Sep 2021 14:14:54 GMT
server: AmazonS3
etag: "6f678643d06379c45bcc2a4d78d4e7e1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: OFXh7gRWvtBwTj8PQXPia4jF4h7lpOstJvpveEA1Wl4SPUu_R-Vo1A==

GET
H2 200 assetMap-cfdf8ecb331b0a5612b69c107dc4a71b.json
d17f4e1i5rb5bq.cloudfront.net/assets/ 18 KB
19 KB 137ms
88ms XHR
application/json 2600:9000:224a:4e00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/assetMap-cfdf8ecb331b0a5612b69c107dc4a71b.json
Requested by: Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4e00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citrixworkflows.sharefile.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 20:11:50 GMT
via: 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 62845
x-cache: Hit from cloudfront
content-length: 18457
last-modified: Thu, 09 Sep 2021 14:14:54 GMT
server: AmazonS3
etag: "6f678643d06379c45bcc2a4d78d4e7e1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: ej5eEvbo2YNgclLGcfBwm5gcowDPMHHGlCT-eyiZIM8ukiXZWnDKEA==

GET
H2 200 authorize_url
citrixworkflows.sharefile.com/api/ 300 B
2 KB 135ms
135ms XHR
application/json 3.18.251.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixworkflows.sharefile.com/api/authorize_url?workflow_id=c3cf2df3-aaa8-4711-a30e-d71eaf96cb78

Requested by

Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.18.251.20 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-251-20.us-east-2.compute.amazonaws.com

Software

nginx/1.20.1 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; child-src 'self'; connect-src ; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; media-src 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' .pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citrixworkflows.sharefile.com/
X-CSRF-Token: NPCMq7sAPXaw1Xc+KgQY2sQpCg3XbG3tE6dxO04SA459POhr4rb+VgeWGKes0KjmWNJd/ltbTDi8itMW9LbhRg==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 20 May 2022 13:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) 6.0.10
status: 200 OK
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 67930138-d3a3-4f63-aec9-4bba57f8ed0e
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.10
x-frame-options: sameorigin
etag: W/"00c0801cd60d3b667ea84c32b9a0a9eb"
x-download-options: noopen
strict-transport-security: max-age=631138519
content-type: application/json
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report

GET
H2

200

https://berkeley-group.sharefile.com/oauth/authorize?client_id=5DCuyjYt2Y56QPOcKQB697rYnkxFnG6l&redirect_uri=https%3A%2F%2Fcitrixworkflows.sharefile.com%2Fsharefile-callback&response_type=code&stat...
https://berkeley-group.sharefile.eu/Authentication/Login

0
0

757ms
650ms

Document
text/html

13.248.181.201

General

Check archive.org

Show headers Download Go to

Full URL

https://berkeley-group.sharefile.eu/Authentication/Login

Requested by

Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-cf65dc5298bf92d63dabc7bf9d4f33fa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.181.201 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-0kvClImoBhc4UqqBw3Q5BA==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private,no-cache, no-store, must-revalidate
citrix-transactionid: f995dde0-509e-4c76-8425-131a20b50308
content-encoding: gzip
content-length: 2615
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-0kvClImoBhc4UqqBw3Q5BA==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 13:39:21 GMT
expires: 0
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private,no-cache, no-store, must-revalidate
citrix-transactionid: 8a1b8f55-8d7b-4886-8119-71f1d53b8379
content-length: 173
content-type: text/html; charset=utf-8
date: Fri, 20 May 2022 13:39:20 GMT
expires: 0
location: https://berkeley-group.sharefile.eu/Authentication/Login
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
citrixworkflows.sharefile.com/	1970-01-20 03:10:57	Name: _session_id Value: 3c600fb76e37b3d703eb904e3d3a14ff
citrixworkflows.sharefile.com/	1969-12-31 23:59:59	Name: ember_simple_auth-session Value: %7B%22attempted_transition_url%22%3A%22https%3A%2F%2Fcitrixworkflows.sharefile.com%2Ffeedback-workflow%2Fc3cf2df3-aaa8-4711-a30e-d71eaf96cb78%22%2C%22authenticated%22%3A%7B%7D%7D
.sharefile.com/	1970-01-20 03:10:54	Name: state Value: 248c78dc-02bf-4275-9ced-d08e83f5bf9f

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://citrixworkflows.sharefile.com/feedback-workflow/c3cf2df3-aaa8-4711-a30e-d71eaf96cb78 Message: The Content-Security-Policy directive 'plugin-types' has been removed from the specification. If you want to block plugins, consider specifying "object-src 'none'" instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'self'; child-src 'self'; connect-src ; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; media-src 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' .pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

berkeley-group.sharefile.com
berkeley-group.sharefile.eu
cdn.pendo.io
citrixworkflows.sharefile.com
d17f4e1i5rb5bq.cloudfront.net
fonts.googleapis.com
13.248.181.201
2600:9000:223f:3200:1f:aa31:7740:93a1
2600:9000:224a:4e00:c:771f:ad80:21
2a00:1450:4001:82b::200a
3.18.251.20
76.223.1.166
07c5fc0eed34853db70f1d1b4460415cfe1a9002d0de4cf3dd439312a97da250
1f61d6ffdb4a70832ac05fe90b43681b0ec4501fd834a33abd29bbab0c5a36dc
43c45512d466c1253f8227f00bd7490bd7297806d0c817abd19607262cd88b5f
786f8e86896c85d5941a05d0519c32b261947a8c229f5581f308595381b7448e
a2c534d4bc78042b84dafc89f64398a1a913e0a7cb3ec2182bf6bd3d546a5f6b
ccfbf8550fa672de9672a9fd19cccfd8c30bf47461d5f1a9a62a81e822313029
d4944b5a5e746fd2a29fe6218f565cb35e1a508e8217b06f0bc9dbc7312444a3

citrixworkflows.sharefile.com Open in urlscan Pro 3.18.251.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

5180 kBTransfer

5485 kBSize

3 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

citrixworkflows.sharefile.com Open in urlscan Pro
3.18.251.20 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

5180 kB
Transfer

5485 kB
Size

3
Cookies

12 HTTP transactions
0 data transactions