Submitted URL: https://sharefile.com.admin-mcas.ms/
Effective URL: https://www.sharefile.com/
Submission Tags: @phishunt_io
Submission: On April 01 via api from DE — Scanned from GB

Summary

This website contacted 38 IPs in 6 countries across 34 domains to perform 194 HTTP transactions. The main IP is 2a02:26f0:3500:88d::2aec, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.sharefile.com. The Cisco Umbrella rank of the primary domain is 158226.
TLS certificate: Issued by GeoTrust RSA CA 2018 on October 16th 2021. Valid for: a year.
This is the only time www.sharefile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51.137.137.121 8075 (MICROSOFT...)
3 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 1 162.221.156.156 62795 (CITRIXSYS...)
36 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
1 151.101.192.114 54113 (FASTLY)
7 108.157.4.116 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
64 143.204.98.47 16509 (AMAZON-02)
2 23.205.237.4 16625 (AKAMAI-AS)
2 18.66.248.116 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
6 52.86.119.60 14618 (AMAZON-AES)
1 142.250.185.66 15169 (GOOGLE)
2 5 142.250.185.230 15169 (GOOGLE)
1 143.204.215.63 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 68.67.153.60 29990 (ASN-APPNEX)
2 2 185.33.220.244 29990 (ASN-APPNEX)
1 2600:9000:224... ()
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 99.86.7.84 16509 (AMAZON-02)
1 99.86.7.127 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 52.215.3.215 16509 (AMAZON-02)
1 2 143.204.215.97 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
4 130.211.22.189 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 ()
2 2a00:1450:400... 15169 (GOOGLE)
1 99.81.19.154 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
194 38
Apex Domain
Subdomains
Transfer
64 driftt.com
js.driftt.com — Cisco Umbrella Rank: 5606
753 KB
27 sharefile.com
sharefile.com — Cisco Umbrella Rank: 12927
www.sharefile.com — Cisco Umbrella Rank: 158226
924 KB
15 citrix.com
www.citrix.com — Cisco Umbrella Rank: 6307
cdn-web.citrix.com — Cisco Umbrella Rank: 408428 Failed
titan.citrix.com — Cisco Umbrella Rank: 119312
273 KB
9 doubleclick.net
3845646.fls.doubleclick.net — Cisco Umbrella Rank: 566479
12166079.fls.doubleclick.net — Cisco Umbrella Rank: 128798
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
6 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
21 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1981
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3596
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3580
tracking.crazyegg.com — Cisco Umbrella Rank: 3578
31 KB
7 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3073
95 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 76
3 KB
6 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3192
adservice.google.co.uk — Cisco Umbrella Rank: 5023
2 KB
6 evergage.com
citrix.evergage.com — Cisco Umbrella Rank: 127250
6 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 385
www.linkedin.com — Cisco Umbrella Rank: 595
px4.ads.linkedin.com
3 KB
4 company-target.com
api.company-target.com — Cisco Umbrella Rank: 3384
segments.company-target.com — Cisco Umbrella Rank: 1326
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
189 KB
3 azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 57671
44 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
426 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 489
1019 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 136
114 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 436
2 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3543
6 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
51 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 599
66 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 938
3 KB
1 ml-api.io
attr.ml-api.io
241 B
1 ml-attr.com
s.ml-attr.com — Cisco Umbrella Rank: 17399
278 B
1 media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 5835
254 B
1 dstillery.com
action.dstillery.com — Cisco Umbrella Rank: 6209
291 B
1 demandbase.com
scripts.demandbase.com — Cisco Umbrella Rank: 6338
19 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
15 KB
1 gstatic.com
www.gstatic.com
142 KB
1 evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 5582
135 KB
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 503
21 KB
1 admin-mcas.ms
sharefile.com.admin-mcas.ms
888 B
0 drift.com Failed
metrics.api.drift.com Failed
bootstrap.api.drift.com Failed
0 domdex.com Failed
magnetic.t.domdex.com Failed
194 34
Domain Requested by
64 js.driftt.com sharefile.com.admin-mcas.ms
www.sharefile.com
js.driftt.com
26 www.sharefile.com www.sharefile.com
10 www.citrix.com www.sharefile.com
www.citrix.com
8 www.google-analytics.com www.sharefile.com
www.google-analytics.com
7 consent.trustarc.com assets.adobedtm.com
www.sharefile.com
6 citrix.evergage.com www.sharefile.com
5 www.google.com www.sharefile.com
4 www.google.co.uk www.sharefile.com
4 titan.citrix.com www.sharefile.com
4 script.crazyegg.com sharefile.com.admin-mcas.ms
script.crazyegg.com
3 3845646.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
3 www.googletagmanager.com www.sharefile.com
www.googletagmanager.com
3 mcasproxy.azureedge.net sharefile.com.admin-mcas.ms
mcasproxy.azureedge.net
2 adservice.google.co.uk 1 redirects adservice.google.com
2 www.facebook.com www.sharefile.com
2 adservice.google.com 12166079.fls.doubleclick.net
3845646.fls.doubleclick.net
2 px.ads.linkedin.com 2 redirects
2 segments.company-target.com 1 redirects www.sharefile.com
2 match.prod.bidr.io 2 redirects
2 googleads.g.doubleclick.net www.sharefile.com
2 connect.facebook.net sharefile.com.admin-mcas.ms
connect.facebook.net
2 stats.g.doubleclick.net www.sharefile.com
2 secure.adnxs.com 2 redirects
2 12166079.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 api.company-target.com www.sharefile.com
2 munchkin.marketo.net www.sharefile.com
munchkin.marketo.net
2 www.youtube.com www.sharefile.com
www.youtube.com
1 tracking.crazyegg.com script.crazyegg.com
1 px4.ads.linkedin.com www.sharefile.com
1 www.linkedin.com 1 redirects
1 id.rlcdn.com www.sharefile.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 snap.licdn.com www.googletagmanager.com
1 attr.ml-api.io www.sharefile.com
1 s.ml-attr.com 1 redirects
1 action.media6degrees.com www.sharefile.com
1 action.dstillery.com 1 redirects
1 scripts.demandbase.com sharefile.com.admin-mcas.ms
1 www.googleadservices.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 cdn-web.citrix.com www.sharefile.com
1 cdn.evgnet.com assets.adobedtm.com
1 assets.adobedtm.com www.sharefile.com
1 sharefile.com 1 redirects
1 sharefile.com.admin-mcas.ms
0 bootstrap.api.drift.com Failed js.driftt.com
0 metrics.api.drift.com Failed js.driftt.com
0 magnetic.t.domdex.com Failed 3845646.fls.doubleclick.net
194 49
Subject Issuer Validity Valid
*.mcas.ms
Microsoft Azure TLS Issuing CA 02
2022-01-17 -
2023-01-12
a year crt.sh
*.azureedge.net
Microsoft RSA TLS CA 01
2021-10-28 -
2022-10-28
a year crt.sh
www.citrix.com
GeoTrust RSA CA 2018
2021-10-16 -
2022-10-18
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-10 -
2022-09-10
a year crt.sh
www.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
cdn.evergage.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-28 -
2022-04-27
2 years crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2
2020-05-21 -
2022-07-17
2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-05-09 -
2022-05-08
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
drift.com
Amazon
2021-09-08 -
2022-10-07
a year crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA
2022-02-06 -
2023-02-07
a year crt.sh
api.demandbase.com
Go Daddy Secure Certificate Authority - G2
2021-10-20 -
2022-09-26
a year crt.sh
citrix.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-01 -
2022-06-06
a year crt.sh
*.evergage.com
Amazon
2022-01-06 -
2023-02-04
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2
2021-10-18 -
2022-10-14
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-01-08 -
2022-04-08
3 months crt.sh
*.crazyegg.com
DigiCert SHA2 Secure Server CA
2020-07-26 -
2022-07-23
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
titan.citrix.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-18 -
2022-06-23
a year crt.sh
www.google.co.uk
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh

This page contains 13 frames:

Primary Page: https://www.sharefile.com/
Frame ID: 4283FDC25D0FE1C3E79214944665F17C
Requests: 109 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.13.37/html/session-context-restore.html
Frame ID: 2E57D4902913607221CA93E6145D39A6
Requests: 2 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0020/1111.json?t=1
Frame ID: 0E3FB1E246E8FA5D46E8DA494DB63CBB
Requests: 5 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=sharefile.com
Frame ID: 64E4A3A9E9138142670DF5376219BEEA
Requests: 1 HTTP requests in this frame

Frame: https://3845646.fls.doubleclick.net/activityi;dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Frame ID: A54C0D54F58C9DE291D53AB7B83FAE2D
Requests: 1 HTTP requests in this frame

Frame: https://12166079.fls.doubleclick.net/activityi;dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Frame ID: A17B368AA92EC1518C19C5E0E524C8DD
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Frame ID: 8DE18CD79A2DAA414C4641DE10B53335
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Frame ID: CF231C20B78BE150314BB534FD9326E0
Requests: 1 HTTP requests in this frame

Frame: https://3845646.fls.doubleclick.net/ddm/fls/r/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Frame ID: E652674C0FE56946EAB5617EA5981100
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.co.uk/ddm/fls/i/dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Frame ID: 8034094E132E2C5710C83EE4286393D8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 69B15CB7D32A184831A9927108B4AD9A
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
Frame ID: 6983C0113F94E6D92CCC77DED4BA1EDC
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
Frame ID: 218B9E12E064E768516503F4BD2331F0
Requests: 33 HTTP requests in this frame

Screenshot

Page Title

Citrix ShareFile: Securely Sync, Store and Share Files

Page URL History Show full URLs

  1. https://sharefile.com.admin-mcas.ms/ Page URL
  2. https://sharefile.com/ HTTP 301
    https://www.sharefile.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

194
Requests

91 %
HTTPS

50 %
IPv6

34
Domains

49
Subdomains

38
IPs

6
Countries

2856 kB
Transfer

8308 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sharefile.com.admin-mcas.ms/ Page URL
  2. https://sharefile.com/ HTTP 301
    https://www.sharefile.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://3845646.fls.doubleclick.net/activityi;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F HTTP 302
  • https://3845646.fls.doubleclick.net/activityi;dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Request Chain 70
  • https://12166079.fls.doubleclick.net/activityi;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F HTTP 302
  • https://12166079.fls.doubleclick.net/activityi;dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Request Chain 73
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1007252&ns=2447&nc=LP&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1007252&ns=2447&nc=LP&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Request Chain 74
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dsharefile.com%26pId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dsharefile.com%26pId%3d%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dsharefile.com%2526pId%253d%2524UID HTTP 302
  • https://attr.ml-api.io/?domain=sharefile.com&pId=7177339485997280603
Request Chain 91
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AABqvE7EjRcAADbRzcxWug HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABqvE7EjRcAADbRzcxWug&verifyHash=df4df6adecc5b63f94f92340daea81eb92aafaba
Request Chain 102
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77403&time=1648790428513&url=https%3A%2F%2Fwww.sharefile.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D77403%26time%3D1648790428513%26url%3Dhttps%253A%252F%252Fwww.sharefile.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77403&time=1648790428513&url=https%3A%2F%2Fwww.sharefile.com%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77403&time=1648790428513&url=https%3A%2F%2Fwww.sharefile.com%2F&liSync=true&e_ipv6=AQLbhZ7wcmCuUQAAAX_jkV2nX1aVQ_AVFq-yDuKrBH4N_8YlskjWT0UD1gKOiuM_Fpk
Request Chain 118
  • https://adservice.google.co.uk/ddm/fls/i/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F HTTP 302
  • https://3845646.fls.doubleclick.net/ddm/fls/r/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F

194 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sharefile.com.admin-mcas.ms/
1 KB
888 B
Document
General
Full URL
https://sharefile.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.137.137.121 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
58e4c2d1ccd3dd14fc005d29344190a33d3f60351e105c65b37d49cfd95dcdc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 01 Apr 2022 05:20:25 GMT
expires
Mon, 01-Jan-1990 00:00:00 GMT
pragma
no-cache
server
openresty
strict-transport-security
max-age=31536000
x-mcas-cache-status
MISS
x-mcas-processing-time
2
x-mcas-request-id
48850cfadde9c1d3e1bbe4b7ba29b693
x-mcas-upstream-time
n/a
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.13.37/js/
5 KB
6 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.13.37/js/session-context-store-helper.min.js
Requested by
Host: sharefile.com.admin-mcas.ms
URL: https://sharefile.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1962764bb41622610d2ce5df3a43109cecce08405bfadcecb488537cd7ca30b6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://sharefile.com.admin-mcas.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 05:20:25 GMT
last-modified
Sun, 27 Mar 2022 11:59:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
igqUI8yi22aHcmZIu+UAZQ==
etag
0x8DA0FE937F4FF18
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e9d24055-201e-0039-21e7-418f8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31137122
x-ms-version
2009-09-19
content-length
5330
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.13.37/html/ Frame 2E57
281 B
730 B
Document
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.13.37/html/session-context-restore.html
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.13.37/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://sharefile.com.admin-mcas.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31137123
content-length
281
content-md5
vDuuGHIdcY/gQtnraxH9qw==
content-type
text/html
date
Fri, 01 Apr 2022 05:20:25 GMT
etag
0x8DA0FE969CC543E
last-modified
Sun, 27 Mar 2022 12:00:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
5e9623e2-e01e-0060-4de7-418a09000000
x-ms-version
2009-09-19
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.13.37/js/ Frame 2E57
37 KB
38 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.13.37/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.13.37/html/session-context-restore.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3b770c191f2f886a5195f7cbe06c79c54564e77f5713ad9fd4189c6d3c36246b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.13.37/html/session-context-restore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 01 Apr 2022 05:20:25 GMT
last-modified
Sun, 27 Mar 2022 11:59:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
rolUawNGJf89R6pIlNHR6Q==
etag
0x8DA0FE937E8F227
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
35e2635f-b01e-001e-0dde-4115c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31133241
x-ms-version
2009-09-19
content-length
38339
Primary Request /
www.sharefile.com/
Redirect Chain
  • https://sharefile.com/?
  • https://www.sharefile.com/?
79 KB
12 KB
Document
General
Full URL
https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e0e2aef977783f74cd134e3a6c49c48252f084dd7c571e14ecd3bd6abc9854e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://sharefile.com.admin-mcas.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
11976
content-security-policy
frame-ancestors 'self'
content-type
text/html;charset=utf-8
date
Fri, 01 Apr 2022 05:20:26 GMT
expires
Fri, 01 Apr 2022 05:20:26 GMT
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31449600
vary
Accept-Encoding
web-mar-node
redtshf01
web-mar-region
red
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.sharefile.com/?
ctx.cq.jquery.min.3.1.9.js
www.sharefile.com/etc/designs/citrix-core/clientlibs/
124 KB
43 KB
Script
General
Full URL
https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
847179b71cfd908ed00ae6c2b723e4959172348c7eed696f2521591355e68d78
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
42959
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:48 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942331
x-frame-options
SAMEORIGIN
etag
W/"1f102-5daf9b098b642-gzip"
web-mar-node
grntshf01
strict-transport-security
max-age=31449600
content-type
text/javascript
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:52:37 GMT
core.min.3.1.9.css
www.sharefile.com/etc/designs/citrix-core/clientlibs/
433 KB
40 KB
Stylesheet
General
Full URL
https://www.sharefile.com/etc/designs/citrix-core/clientlibs/core.min.3.1.9.css
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f20c9190995190125803fd02becfc4268a0b0b0096d9641c90ea5d82fa0de694
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
40400
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:58 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942388
x-frame-options
SAMEORIGIN
etag
"6c4d2-5daf9b13715c1-gzip"
web-mar-node
grntshf02
strict-transport-security
max-age=31449600
content-type
text/css
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:53:34 GMT
font.css
www.citrix.com/c-lib/assets/lib/public-sans/
14 KB
1 KB
Stylesheet
General
Full URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d744fadf79e753d7d55e1e4af0b52220f72b99d009aa63f23822c9c1eb71f39
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
vary
Accept-Encoding
content-length
760
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jun 2020 20:37:40 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:27 GMT
strict-transport-security
max-age=31449600
content-type
text/css
etag
"9708fc730c08e1c977992226bd470d89"
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
accept-ranges
bytes
x-amz-cf-id
UNIZdrYuwCDsbKWl8454ppIse0tcgQepIbRW5YdunxQmKTFOCLAJ1w==
style.min.css
www.citrix.com/c-lib/assets/lib/icon-library/latest/
30 KB
5 KB
Stylesheet
General
Full URL
https://www.citrix.com/c-lib/assets/lib/icon-library/latest/style.min.css
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b50462f32366d272b9926f3fc0a2c69c0772f0263d96d34e4d3d6a72bc5966f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
zGaaM77jWCMQnEDBBGjJ2ApkzvyNy6F2
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
4370
x-xss-protection
1; mode=block
last-modified
Mon, 31 Jan 2022 21:03:12 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:27 GMT
strict-transport-security
max-age=31449600
content-type
text/css
etag
"bf3c67590d4ca97b923b8527b3615292"
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
accept-ranges
bytes
x-amz-cf-id
8fWK34ipVpiKssnb3rRVk_QCKxa8u4D6IOCriOyHo9x1RmLJyha90A==
main.min.3.1.9.css
www.sharefile.com/etc/designs/sharefile/clientlibs/
127 KB
18 KB
Stylesheet
General
Full URL
https://www.sharefile.com/etc/designs/sharefile/clientlibs/main.min.3.1.9.css
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7e43e93b94e8187026124f24dead00bfc4e62dca5ab23bb69c00d6738c0bcf4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
18273
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:52:36 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942387
x-frame-options
SAMEORIGIN
etag
"1fa90-5daf9ac5a25b8-gzip"
web-mar-node
grntshf02
strict-transport-security
max-age=31449600
content-type
text/css
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:53:33 GMT
launch-74b65801000f.min.js
assets.adobedtm.com/3af873facf65/9a2ab87fbea5/
67 KB
21 KB
Script
General
Full URL
https://assets.adobedtm.com/3af873facf65/9a2ab87fbea5/launch-74b65801000f.min.js
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5af::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
297ca8436baf9bb87390453f12259bdd444ea3dc014b2f7003221143cce933c1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 19:50:16 GMT
server
AkamaiNetStorage
etag
"b1413d323739f6853ae44e01f8168f2c:1646164216.44528"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.sharefile.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
20695
expires
Fri, 01 Apr 2022 06:20:27 GMT
api.js
www.google.com/recaptcha/
916 B
994 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfd38c3fab32a93b864371c8abc33b0b5f611b816279280d69fee9acac50f3b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
581
x-xss-protection
1; mode=block
expires
Fri, 01 Apr 2022 05:20:27 GMT
style.css
www.sharefile.com/c-lib/pylon-vue/1.0.27/dist/
96 KB
17 KB
Stylesheet
General
Full URL
https://www.sharefile.com/c-lib/pylon-vue/1.0.27/dist/style.css
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
210932d2489122355bf465597db944b680055e5e7de325792a571bbc00eeff14
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
ORD53-C2
vary
Accept-Encoding
content-length
17028
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Jul 2018 15:28:21 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:27 GMT
strict-transport-security
max-age=31449600
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"c8998f580ba483ef94d9ff1331e614e3"
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
x-amz-cf-id
IcpHEKoTikix_5SWHQTUCWgtl54SrWghKrhfiVwBmmzQ35NsvDFVWg==
expires
Fri, 01 Apr 2022 05:20:27 GMT
manifest.js.gz
www.sharefile.com/c-lib/sharefiletrybuy/prod/static/js/
836 B
1 KB
Script
General
Full URL
https://www.sharefile.com/c-lib/sharefiletrybuy/prod/static/js/manifest.js.gz
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a339111827baaee847a3071c91f84fa518a1363f851d6485acdfe5b32f79d70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
r9gQCp9dvJeP2xqs9GpSUP5E2M5BbLyb
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
ORD53-C2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
491
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jan 2022 06:40:53 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:27 GMT
strict-transport-security
max-age=31449600
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
etag
"36fa75ab367e81f235c00f28e9c0a6cf"
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
x-amz-cf-id
UqyWiVKmI_BaPaTr-55Fafen16RvhsBeRpk_PLJXyRhw-QIFQGsCoA==
expires
Fri, 01 Apr 2022 05:20:27 GMT
vendor.js.gz
www.sharefile.com/c-lib/sharefiletrybuy/prod/static/js/
1 MB
380 KB
Script
General
Full URL
https://www.sharefile.com/c-lib/sharefiletrybuy/prod/static/js/vendor.js.gz
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36e55162781cd6256cc423416647b7759b5982b277317b744ad86ec3b56ac0fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
I7VSib672hm1FJ3LJvqRRkWZNVwwhmBk
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
ORD53-C2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
387978
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jan 2022 06:40:53 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:27 GMT
strict-transport-security
max-age=31449600
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
etag
"70cd6bb98ddb8b26194abe5c3315a46b"
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
x-amz-cf-id
6SPuCgCwyJ7AkdJuZu80tWqk6Mf2p5bdLgbDZ3Wof2Z_suRwMGyt0A==
expires
Fri, 01 Apr 2022 05:20:27 GMT
app.js.gz
www.sharefile.com/c-lib/sharefiletrybuy/prod/static/js/
259 KB
44 KB
Script
General
Full URL
https://www.sharefile.com/c-lib/sharefiletrybuy/prod/static/js/app.js.gz
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
142a106c3179d3025eee5c085f79c5001b5bcd3a6a17380b912438d481a42812
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
cGUZrHUUP9Ita0xwzQJ1O0Tpv9Uxd5r2
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
ORD50-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
44491
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jan 2022 06:40:53 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:26 GMT
strict-transport-security
max-age=31449600
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
etag
"fcec887ba7c0051f3e8d1a9a2314db2b"
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
x-amz-cf-id
n_wzOMTI1-WSW_-7nEwEuFY2yvuFHa_qZAKJx36mvel552vF5WdaRg==
expires
Fri, 01 Apr 2022 05:20:26 GMT
green-circle.png
www.sharefile.com/content/dam/sf/images/graphics/
10 KB
10 KB
Image
General
Full URL
https://www.sharefile.com/content/dam/sf/images/graphics/green-circle.png
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c7e8b194f2d18d9b41f35135755ac5a77423ed097e384b282c9ba0205f511366
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
9965
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:54:02 GMT
server
Apache
cache-control
public, must-revalidate, max-age=604800000
etag
W/"26ed-5daf9b17854ed"
web-mar-node
grntshf02
x-frame-options
SAMEORIGIN
content-type
image/png
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Fri, 31 May 2041 05:20:27 GMT
core.min.3.1.9.js
www.sharefile.com/etc/designs/citrix-core/clientlibs/
192 KB
58 KB
Script
General
Full URL
https://www.sharefile.com/etc/designs/citrix-core/clientlibs/core.min.3.1.9.js
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f7c9d37580dcd33213807982f02ca87461b15f84702cb736e54a13868ed25499
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
58471
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:36 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942453
x-frame-options
SAMEORIGIN
etag
"301ee-5daf9afeb0923-gzip"
web-mar-node
grntshf01
strict-transport-security
max-age=31449600
content-type
text/javascript
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:54:40 GMT
main.min.3.1.9.js
www.sharefile.com/etc/designs/sharefile/clientlibs/
196 KB
48 KB
Script
General
Full URL
https://www.sharefile.com/etc/designs/sharefile/clientlibs/main.min.3.1.9.js
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
406279c57848af2e0beea346c0422ca33364e8f515ac9d67dee0f0b630b9c3eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
48778
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:58 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942328
x-frame-options
SAMEORIGIN
etag
W/"31194-5daf9b13738e9-gzip"
web-mar-node
grntshf02
strict-transport-security
max-age=31449600
content-type
text/javascript
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:52:35 GMT
token.json
www.sharefile.com/libs/granite/csrf/
2 B
424 B
XHR
General
Full URL
https://www.sharefile.com/libs/granite/csrf/token.json
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
2
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
cache-control
max-age=0, no-cache, no-store
web-mar-node
grntshf02
x-frame-options
SAMEORIGIN
content-type
application/json;charset=iso-8859-1
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
expires
Fri, 01 Apr 2022 05:20:27 GMT
evergage.min.js
cdn.evgnet.com/beacon/citrix/production/scripts/
531 KB
135 KB
Script
General
Full URL
https://cdn.evgnet.com/beacon/citrix/production/scripts/evergage.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3af873facf65/9a2ab87fbea5/launch-74b65801000f.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ddadeec9cd4248ecd60864abd3badd3fe21fd0811d63eca9da7c102bce9b6b0

Request headers

Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id
A2QrR65UTZ1Wq_KIh4FSYikCoosNOENd
content-encoding
gzip
etag
"5442410d02d6602095bc81733ae55d9e"
timing-allow-origin
*
age
24
x-cache
HIT, HIT
x-amz-replication-status
PENDING
content-length
137812
x-amz-id-2
EFO0cjYh+GLIBA7+0FqWZcDYSxKgR6QyIGVA0UxRx01YO5rHdMUNpcfNKoXSiwSm5uBYHYGw/Ao=
x-served-by
cache-iad-kjyo7100169-IAD, cache-lcy19255-LCY
x-amz-meta-evergage-sum
d863bb8cc8e1b50167337cfc1017ea77c631c14b
last-modified
Tue, 29 Mar 2022 19:13:18 GMT
server
AmazonS3
x-timer
S1648790427.334695,VS0,VE78
date
Fri, 01 Apr 2022 05:20:27 GMT
vary
Accept-Encoding
x-amz-request-id
6JHMPR615ZPY0P1Z
via
1.1 varnish, 1.1 varnish
cache-control
max-age=120
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-meta-evergage-beacon-ver
14
x-cache-hits
1, 1
notice
consent.trustarc.com/
12 KB
5 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=sharefile.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1&fade=30000&language=en
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/3af873facf65/9a2ab87fbea5/launch-74b65801000f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-116.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
3a859233b46a9aca1f131ae9f1a3fe6c671d01d48b0be52cf5432b924fa95ea3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
cloudfront-viewer-country
GB
vary
Accept-Encoding, Origin
content-length
4618
x-xss-protection
1; mode=block
timing-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
cache-control
max-age=3600
cloudfront-viewer-country-region
ENG
x-amz-cf-id
0zE32tSdw3YdZhQaJOHBz-IZhp8DaKD2z7Vf2aB8dhOXk8xOE_dRYQ==
expires
Fri, 01 Apr 2022 06:20:27 GMT
1111.js
script.crazyegg.com/pages/scripts/0020/
5 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0020/1111.js?457997
Requested by
Host: sharefile.com.admin-mcas.ms
URL: https://sharefile.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae39d9e42ba091a03f4d57780b0502b3a92bc2f973bd690538c1e3d4e2b97754

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
gzip
cf-cache-status
HIT
age
79440
cf-polished
origSize=5359
cf-ray
6f4ee02c9deb23af-ZRH
ce-version
11.1.403
last-modified
Thu, 31 Mar 2022 07:16:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
gtm.js
www.googletagmanager.com/
204 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-XCGM
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13d59ce99bc9d62b4572a4b689e2b94bbb7b69b9e602ff07026b175fe2060cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69398
x-xss-protection
0
expires
Fri, 01 Apr 2022 05:20:27 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6337
date
Fri, 01 Apr 2022 03:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 01 Apr 2022 05:34:50 GMT
gtm.js
www.googletagmanager.com/
204 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-XCGM&l=dataLayer
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13d59ce99bc9d62b4572a4b689e2b94bbb7b69b9e602ff07026b175fe2060cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69398
x-xss-protection
0
expires
Fri, 01 Apr 2022 05:20:27 GMT
countries
www.sharefile.com/wea/sftrybuy/api/
63 KB
20 KB
XHR
General
Full URL
https://www.sharefile.com/wea/sftrybuy/api/countries
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
203c827a686b4128c8dbbe9e34fdf5a2d72bb8268190daa85930a9345e6a59e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
vary
Accept-Encoding
x-dns-prefetch-control
off
date
Fri, 01 Apr 2022 05:20:27 GMT
strict-transport-security
max-age=31449600
content-length
20086
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
etag
W/"fad1-zbiYZDd7c9AmzIR7abletDFZvgo"
x-download-options
noopen
x-ratelimit-remaining
199
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-ratelimit-reset
1648789280
x-ratelimit-limit
200
x-content-type-options
nosniff
expires
Fri, 01 Apr 2022 05:20:27 GMT
mask-large.png
www.sharefile.com/etc/designs/sharefile/clientlibs/main/assets/homepage-hero/
5 KB
5 KB
Image
General
Full URL
https://www.sharefile.com/etc/designs/sharefile/clientlibs/main/assets/homepage-hero/mask-large.png
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/sharefile/clientlibs/main.min.3.1.9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
8fbf2fa76dffe0fde9514c859217c43ab0e3022fcbd65a1d07df82fdc72fd068
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/etc/designs/sharefile/clientlibs/main.min.3.1.9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
5134
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:59 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942455
etag
"140e-5daf9b1420e5b"
web-mar-node
grntshf02
x-frame-options
SAMEORIGIN
content-type
image/png
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:54:42 GMT
dropdown-arrow.svg
www.citrix.com/c-lib/pylon-vue/0.0.1/
342 B
790 B
Image
General
Full URL
https://www.citrix.com/c-lib/pylon-vue/0.0.1/dropdown-arrow.svg
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/c-lib/pylon-vue/1.0.27/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f0ad370969f488034d69b8f21d6ed0174063d731526fc6fd705ccce6c4fb056
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/c-lib/pylon-vue/1.0.27/dist/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 19:54:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"776bed20a0b738acc721e8d74b0ea09d"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
date
Fri, 01 Apr 2022 05:20:27 GMT
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
strict-transport-security
max-age=31449600
accept-ranges
bytes
content-length
342
x-xss-protection
1; mode=block
x-amz-cf-id
dTOOwVIgT6sD1ODo0185-DHWaeUyxbzS0_1GSFNoUfy-JLPYDXOBSg==
wrike-background.jpg
www.sharefile.com/content/dam/sf/images/banners/
34 KB
34 KB
Image
General
Full URL
https://www.sharefile.com/content/dam/sf/images/banners/wrike-background.jpg
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
752bb97cae91e90bbe33446d2bc098da8a1ca11af0ef6a680e70b19982d3905d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
34446
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 22:31:23 GMT
server
Apache
cache-control
public, must-revalidate, max-age=604800000
etag
"868e-5dafe67eb1f8f"
web-mar-node
redtshf02
x-frame-options
SAMEORIGIN
content-type
image/jpeg
web-mar-region
red
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Fri, 31 May 2041 05:20:27 GMT
public-sans-v3-latin-ext_latin-300.woff2
www.citrix.com/c-lib/assets/lib/public-sans/font/
16 KB
17 KB
Font
General
Full URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-300.woff2
Requested by
Host: www.citrix.com
URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b3108e0010ed639f3091ef3a47aee5077ca9f6586ed1b23217e594d6e238cd3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
access-control-max-age
3000
content-length
16864
x-xss-protection
1; mode=block
last-modified
Fri, 19 Feb 2021 19:19:27 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:28 GMT
strict-transport-security
max-age=31449600
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
etag
"9ec14e2a2a4b2cdfdffb5f1f8169003c"
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
accept-ranges
bytes
x-amz-cf-id
-jFdgxUrL5-THoAUei9BFIIPqyGAAOsBUcEzLzYtKjpiqJ_Jb0pHQQ==
public-sans-v3-latin-ext_latin-regular.woff2
www.citrix.com/c-lib/assets/lib/public-sans/font/
0
0

public-sans-v3-latin-ext_latin-italic.woff2
www.citrix.com/c-lib/assets/lib/public-sans/font/
0
0

citrix-icons.ttf
cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-icons/
0
0

icons.woff
www.sharefile.com/etc/designs/sharefile/clientlibs/font-icons/font/
14 KB
14 KB
Font
General
Full URL
https://www.sharefile.com/etc/designs/sharefile/clientlibs/font-icons/font/icons.woff
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/sharefile/clientlibs/main.min.3.1.9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
752f46c537b728feb2017a1e6d4a2b6fa432d6f3a8009d8f6d4da0c8339ba2e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sharefile.com/etc/designs/sharefile/clientlibs/main.min.3.1.9.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
14344
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:59 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942464
etag
"3808-5daf9b143008b"
web-mar-node
grntshf02
x-frame-options
SAMEORIGIN
content-type
application/font-woff
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:54:51 GMT
CitrixNewSans-Regular.woff
www.sharefile.com/etc/designs/citrix-core/clientlibs/fonts/citrix-newsans/font/
40 KB
40 KB
Font
General
Full URL
https://www.sharefile.com/etc/designs/citrix-core/clientlibs/fonts/citrix-newsans/font/CitrixNewSans-Regular.woff
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/core.min.3.1.9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
ac13e157e522107014c5e470edc251317226ead9be6bdda2e9a937b023d479c2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sharefile.com/etc/designs/citrix-core/clientlibs/core.min.3.1.9.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
40676
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:39 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942428
etag
"9ee4-5daf9b01180d5"
web-mar-node
grntshf01
x-frame-options
SAMEORIGIN
content-type
application/font-woff
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:54:15 GMT
CitrixNewSans-Bold.woff
www.sharefile.com/etc/designs/citrix-core/clientlibs/fonts/citrix-newsans/font/
39 KB
40 KB
Font
General
Full URL
https://www.sharefile.com/etc/designs/citrix-core/clientlibs/fonts/citrix-newsans/font/CitrixNewSans-Bold.woff
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/core.min.3.1.9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
2a488dcb11cd3a43195429f3d2fb337e8ddffde56018c91af2eaba63cc52788e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sharefile.com/etc/designs/citrix-core/clientlibs/core.min.3.1.9.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
40076
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:59 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942482
etag
"9c8c-5daf9b1443523"
web-mar-node
grntshf02
x-frame-options
SAMEORIGIN
content-type
application/font-woff
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:55:09 GMT
Citrix-Icon-Lib.ttf
www.citrix.com/c-lib/assets/lib/icon-library/latest/fonts/
118 KB
119 KB
Font
General
Full URL
https://www.citrix.com/c-lib/assets/lib/icon-library/latest/fonts/Citrix-Icon-Lib.ttf?90px4t
Requested by
Host: www.citrix.com
URL: https://www.citrix.com/c-lib/assets/lib/icon-library/latest/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9acaaf9b2a0dfd85a6d7f4a9a2f593edd54bb23f7895a886d953c62f32a6e6e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citrix.com/c-lib/assets/lib/icon-library/latest/style.min.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
hnOHcTylVYeRFyrmVbxp1MkTbeMz7Y_o
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
access-control-max-age
3000
content-length
120628
x-xss-protection
1; mode=block
last-modified
Mon, 31 Jan 2022 21:03:12 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:28 GMT
strict-transport-security
max-age=31449600
access-control-allow-methods
GET
content-type
application/font-sfnt
access-control-allow-origin
*
etag
"aad6de160722e4043167366ef756ab45"
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
accept-ranges
bytes
x-amz-cf-id
hoxUmwzE3BasKEIVF8Xx8Pv47sw1p2YBOhuPb9CIbMaimG_TFxfcGg==
public-sans-v3-latin-ext_latin-700.woff2
www.citrix.com/c-lib/assets/lib/public-sans/font/
0
0

public-sans-v3-latin-ext_latin-500.woff2
www.citrix.com/c-lib/assets/lib/public-sans/font/
16 KB
17 KB
Font
General
Full URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-500.woff2
Requested by
Host: www.citrix.com
URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6fc5c6a46a78578e8d23167f7d0e9f0d03fe775434bde1a6f40d19e25592df7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
access-control-max-age
3000
content-length
16892
x-xss-protection
1; mode=block
last-modified
Fri, 19 Feb 2021 19:19:27 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:28 GMT
strict-transport-security
max-age=31449600
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
etag
"507f30e372a91c26e982dbfbfeb85735"
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
accept-ranges
bytes
x-amz-cf-id
CP2BiR_GkCg0J3dxCn0QwF18pRi2GTlU6Mi7kS8GR93jKnmTXDOylw==
public-sans-v3-latin-ext_latin-600.woff2
www.citrix.com/c-lib/assets/lib/public-sans/font/
0
0

recaptcha__en.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/
359 KB
142 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sharefile.com/?
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 16:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144576
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 16:08:01 GMT
green-top-arch.png
www.sharefile.com/content/dam/sf/images/graphics/backgrounds/
2 KB
3 KB
Image
General
Full URL
https://www.sharefile.com/content/dam/sf/images/graphics/backgrounds/green-top-arch.png
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c1e0a8e42bbb3a9eb853efb2e041423f86b6776a557aacf7a2ed8370849e530b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
2246
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:59 GMT
server
Apache
cache-control
public, must-revalidate, max-age=604800000
etag
"8c6-5daf9b1442583"
web-mar-node
grntshf02
x-frame-options
SAMEORIGIN
content-type
image/png
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Fri, 31 May 2041 05:20:27 GMT
iframe_api
www.youtube.com/
980 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/core.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7052d0df9611084837de96895e60f8d25412cef2d0ad29be0e1a8987365f582c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 01 Apr 2022 05:20:27 GMT
insights-min.js
www.citrix.com/c-lib/insights/v2/
11 KB
12 KB
Script
General
Full URL
https://www.citrix.com/c-lib/insights/v2/insights-min.js
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e362042c21cd3b62237416645f647b070d008bcb2523bb2861cc811f2d420261
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
e1tmz6_Z641I4DcB9g1PZTsQ0x0DJIZ6
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
11531
x-xss-protection
1; mode=block
last-modified
Wed, 08 Dec 2021 09:52:53 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:28 GMT
strict-transport-security
max-age=31449600
content-type
text/javascript
etag
"776a2b00f860ef386655cf05134dab61"
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
accept-ranges
bytes
x-amz-cf-id
3GvGR4V8bkX45uU4w7fq_sZXrS7c6P_rOUKD-NORvm4FQjahcl15kA==
tz5kufnkte45.js
js.driftt.com/include/1648790700000/
230 KB
66 KB
Script
General
Full URL
https://js.driftt.com/include/1648790700000/tz5kufnkte45.js
Requested by
Host: sharefile.com.admin-mcas.ms
URL: https://sharefile.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
145bdf175afec031ab9f64072a737ce3804b44385423e64af08485fb0ffae410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
IzSYK4DlChg_xzhxO2BSQiKlHDXJEPWR
content-encoding
gzip
etag
W/"61f205ebdff2b4e6e83c507ed0916199"
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 31 Mar 2022 15:46:35 GMT
server
nginx
date
Fri, 01 Apr 2022 05:20:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QnuXI5Vy303i032GCQDpsNqZhU_TkfUa_6RyTeUMHcqfRG_kuvOZJg==
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-237-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 05:20:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 01:24:07 GMT
Server
AkamaiNetStorage
ETag
"461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
753
1111.json
script.crazyegg.com/pages/data-scripts/0020/ Frame 0E3F
11 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0020/1111.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0020/1111.js?457997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3db655949c75912452d1cd9481978be8920e2fba1a5c54c3f60eeb505ca4a3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
gzip
cf-cache-status
HIT
age
79453
ce-version
11.1.403
content-length
1789
timing-allow-origin
*
last-modified
Thu, 31 Mar 2022 07:16:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6f4ee02e2e7201f8-ZRH
geo
www.sharefile.com/bin/citrix/personalization/
200 B
619 B
XHR
General
Full URL
https://www.sharefile.com/bin/citrix/personalization/geo
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
21d60f7420a70e2176ebfe096f1197208a86984f9a66e729f6595bb0e6cc118e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
cache-control
max-age=0, no-cache, no-store
web-mar-node
redtshf02
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
web-mar-region
red
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
expires
Fri, 01 Apr 2022 05:20:27 GMT
dict.en-us.json
www.sharefile.com/libs/cq/i18n/
9 KB
3 KB
XHR
General
Full URL
https://www.sharefile.com/libs/cq/i18n/dict.en-us.json
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
b8b7450be03352e049807b56d51797836f83d3e11684c0cf9f76750546bcab12
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
content-length
2522
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 24 Aug 2021 23:29:06 GMT
server
Apache
cache-control
max-age=0, no-cache, no-store
x-frame-options
SAMEORIGIN
etag
"25f1-5ca567ff6c583"
web-mar-node
blutshf01
strict-transport-security
max-age=31449600
content-type
application/json
web-mar-region
blu
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Fri, 01 Apr 2022 05:20:27 GMT
ip.json
api.company-target.com/api/v2/
485 B
738 B
Script
General
Full URL
https://api.company-target.com/api/v2/ip.json?key=2e20d13c99d694bce9b270b930b24fa41f05e6de&callback=jQuery112402580891443434403_1648790426998&_=1648790426999
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-116.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
c5aa93f07667e0a7c35b01305acfafaf55caade22b2e6a5cfe19745d068fd503

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
identification-source
CENTRAL
server
nginx
x-amz-cf-pop
DUS51-P1
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, max-age=0, must-revalidate
api-version
v2
request-id
bc973595-c9e4-4c9b-8828-336321721671
content-encoding
gzip
x-amz-cf-id
onPpuTXNoTT7NPAUuckbLR3XJkkCSY5yJ_mfRsadGSBDljAn2O62Eg==
expires
Thu, 31 Mar 2022 05:20:28 GMT
geo
www.sharefile.com/bin/citrix/personalization/
200 B
619 B
XHR
General
Full URL
https://www.sharefile.com/bin/citrix/personalization/geo
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
21d60f7420a70e2176ebfe096f1197208a86984f9a66e729f6595bb0e6cc118e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sharefile.com/?
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
cache-control
max-age=0, no-cache, no-store
web-mar-node
redtshf01
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
web-mar-region
red
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
expires
Fri, 01 Apr 2022 05:20:28 GMT
WW.png
www.sharefile.com/etc/designs/sharefile/clientlibs/main/assets/
297 B
749 B
Image
General
Full URL
https://www.sharefile.com/etc/designs/sharefile/clientlibs/main/assets/WW.png
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/sharefile/clientlibs/main.min.3.1.9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
3ffcaf3aff85ea471e55572727adf69be1625f77285886ddda7105ed3177a063
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/etc/designs/sharefile/clientlibs/main.min.3.1.9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
297
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:55:34 GMT
server
Apache
cache-control
public, must-revalidate, max-age=1942555
etag
W/"129-5daf9b6f48b88"
web-mar-node
redtshf01
x-frame-options
SAMEORIGIN
content-type
image/png
web-mar-region
red
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Sat, 23 Apr 2022 16:56:23 GMT
get
consent.trustarc.com/ Frame 64E4
7 KB
2 KB
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=sharefile.com
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-116.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
832
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 01 Apr 2022 05:06:36 GMT
expires
Sun, 01 May 2022 05:06:36 GMT
pragma
public
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding Origin
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-id
kUAwsXH5XcRu-ft3hHErSqL5puA7kz8xnWfR5pEK4g999bu4qaov6g==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
v1.7-458
consent.trustarc.com/asset/notice.js/v/
75 KB
24 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-458
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-116.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sharefile.com/?
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 04:57:20 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1388
x-cache
Hit from cloudfront
pragma
public
access-control-allow-origin
*
last-modified
Mon, 21 Feb 2022 05:49:07 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
50UyLGSQM9Knq7lQV43fNogbKdrFsKPXOPWzsN-y89-QwXYeJIaDhQ==
expires
Sun, 01 May 2022 04:57:20 GMT
log
consent.trustarc.com/
43 B
439 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=sharefile.com&country=gb&state=&behavior=implied&c=5c04
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-116.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=31536000; includeSubDomains
content-length
43
x-amz-cf-id
4Gb6Dq7GiWmP07y2i1ce1SvZsnIfgBJ7eXsj4yAmLJjsIz5KGxGk4g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
11.1.403.js
script.crazyegg.com/pages/versioned/common-scripts/
80 KB
26 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0020/1111.js?457997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1684874c8bae229c40a136c7ebe1df660961e0722f79076a17ce49294b6e6db

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Apr 2022 05:20:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 15:34:49 GMT
server
cloudflare
age
79463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
6f4ee02fe9c823af-ZRH
content-length
26410
citrix-icons.woff
cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-icons/
36 KB
36 KB
Font
General
Full URL
https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-icons/citrix-icons.woff?1lams
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/c-lib/pylon-vue/1.0.27/dist/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ea00:a:16e2:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbb3edea4eec4d403d47965fff241ed0858b82c27e07793afc6ac11bd49fb801

Request headers

Referer
https://www.sharefile.com/c-lib/pylon-vue/1.0.27/dist/style.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:49:05 GMT
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
last-modified
Mon, 06 Feb 2017 03:10:03 GMT
server
AmazonS3
age
84684
etag
"3371462befb1b3c8dd2fae985f3dc749"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
36840
x-amz-cf-id
y3EO7TxrEZRftMgPo-btb8tgM742NEdTTM4v3KOHDm_fDSACaY4spA==
public-sans-v3-latin-ext_latin-700.woff
www.citrix.com/c-lib/assets/lib/public-sans/font/
0
0

public-sans-v3-latin-ext_latin-600.woff
www.citrix.com/c-lib/assets/lib/public-sans/font/
21 KB
22 KB
Font
General
Full URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-600.woff
Requested by
Host: www.citrix.com
URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04b9a1981e66845f7ebe29d82dc4374dc98ea486e067fa5315acd8ab34cc057a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
access-control-max-age
3000
content-length
21476
x-xss-protection
1; mode=block
last-modified
Fri, 19 Feb 2021 19:19:28 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:28 GMT
strict-transport-security
max-age=31449600
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
etag
"f736237792652d310d6fe9c2651e919d"
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
accept-ranges
bytes
x-amz-cf-id
r2Ok2HUXMIetoeAVucteJvoUMG0Qe6AUmq1oiU5USE1kceZGeIHKFA==
sf_landing_hero_bg.jpg
www.sharefile.com/content/dam/sf/images/banners/
70 KB
70 KB
Image
General
Full URL
https://www.sharefile.com/content/dam/sf/images/banners/sf_landing_hero_bg.jpg
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
20f61d9f3bd8edefee85a5b5cfa8916647104155938e1025d8ea065b5c42002d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
71312
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:53:45 GMT
server
Apache
cache-control
public, must-revalidate, max-age=604800000
etag
"11690-5daf9b070525f"
web-mar-node
grntshf01
x-frame-options
SAMEORIGIN
content-type
image/jpeg
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Fri, 31 May 2041 05:20:28 GMT
business-class-file-sharing.png
www.sharefile.com/content/dam/sf/images/graphics/
19 KB
20 KB
Image
General
Full URL
https://www.sharefile.com/content/dam/sf/images/graphics/business-class-file-sharing.png
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
2e20b45289dde63510cdeab552eb4184d3839de33477faed3b382b959c1d27bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
19613
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Mar 2022 16:56:24 GMT
server
Apache
cache-control
public, must-revalidate, max-age=604800000
etag
"4c9d-5daf9b9eca69c"
web-mar-node
redtshf01
x-frame-options
SAMEORIGIN
content-type
image/png
web-mar-region
red
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
accept-ranges
bytes
expires
Fri, 31 May 2041 05:20:28 GMT
twreceiver
citrix.evergage.com/
8 KB
3 KB
XHR
General
Full URL
https://citrix.evergage.com/twreceiver?_r=610550&_ak=citrix&_ds=production&urlref=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&.anonId=6c4e01d8d387024b&_anon=true&.pageLocale=en_US&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&title=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&.dt=2299&.pt=13&.bt=247&.btdns=6&.pv=&.ple=3&.bv=14&.scv=325
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.119.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-119-60.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
78a8d6121f5998b1bfe0f66f543b13713caac500c7e46502bb0c3ce5eec28c07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache-Coyote/1.1
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sharefile.com
timing-allow-origin
*
er
citrix.evergage.com/
43 B
554 B
Image
General
Full URL
https://citrix.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20body%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(3)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(1)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Ba%26gt%3Bdiv%26gt%3Bimg&.es=jQueryObjectSyntaxError&.ef=Function.b.error&.eu=https%3A%2F%2Fcdn.evgnet.com%2Fbeacon%2Fcitrix%2Fproduction%2Fscripts%2Fevergage.min.js&.el=2656&.ec=341&.vt=chrome&.vn=100&_ak=citrix&_ds=production&.scv=325&.anonId=6c4e01d8d387024b&_anon=true&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&title=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&.bv=14&_r=929716
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.119.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-119-60.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
cache-control
private, max-age=86400000
x-content-type-options
nosniff
content-type
image/gif
server
Apache-Coyote/1.1
timing-allow-origin
*
expires
Sat, 02 Apr 2022 05:20:28 GMT
er
citrix.evergage.com/
43 B
552 B
Image
General
Full URL
https://citrix.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20body%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(3)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(1)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Ba&.es=jQueryObjectSyntaxError&.ef=Function.b.error&.eu=https%3A%2F%2Fcdn.evgnet.com%2Fbeacon%2Fcitrix%2Fproduction%2Fscripts%2Fevergage.min.js&.el=2656&.ec=341&.vt=chrome&.vn=100&_ak=citrix&_ds=production&.scv=325&.anonId=6c4e01d8d387024b&_anon=true&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&title=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&.bv=14&_r=691264
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.119.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-119-60.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
cache-control
private, max-age=86400000
x-content-type-options
nosniff
content-type
image/gif
server
Apache-Coyote/1.1
timing-allow-origin
*
expires
Sat, 02 Apr 2022 05:20:28 GMT
er
citrix.evergage.com/
43 B
553 B
Image
General
Full URL
https://citrix.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20body%26gt%3Bdiv%3Anth-child(1)%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(3)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(5)%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(1)%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%26gt%3Bdiv%3Anth-child(2)%26gt%3Bdiv%26gt%3Ba&.es=jQueryObjectSyntaxError&.ef=Function.b.error&.eu=https%3A%2F%2Fcdn.evgnet.com%2Fbeacon%2Fcitrix%2Fproduction%2Fscripts%2Fevergage.min.js&.el=2656&.ec=341&.vt=chrome&.vn=100&_ak=citrix&_ds=production&.scv=325&.anonId=6c4e01d8d387024b&_anon=true&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&title=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&.bv=14&_r=295715
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.119.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-119-60.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
cache-control
private, max-age=86400000
x-content-type-options
nosniff
content-type
image/gif
server
Apache-Coyote/1.1
timing-allow-origin
*
expires
Sat, 02 Apr 2022 05:20:28 GMT
www-widgetapi.js
www.youtube.com/s/player/449ea0a5/www-widgetapi.vflset/
151 KB
49 KB
Script
General
Full URL
https://www.youtube.com/s/player/449ea0a5/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7ea863753bf75a16561a726cfb38f5868ea30b4e2f837e7fa30f5cf4f2e1065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:08:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50140
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 00:20:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Apr 2023 05:08:30 GMT
munchkin.js
munchkin.marketo.net/161/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/161/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-237-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 05:20:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Sep 2021 00:38:21 GMT
Server
AkamaiNetStorage
ETag
"0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4681
Expires
Sun, 10 Jul 2022 05:20:28 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 04:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Apr 2022 05:43:16 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XCGM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14883
x-xss-protection
0
server
cafe
etag
14534967036905587165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Apr 2022 05:20:28 GMT
activityi;dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
3845646.fls.doubleclick.net/ Frame A54C
Redirect Chain
  • https://3845646.fls.doubleclick.net/activityi;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F?
  • https://3845646.fls.doubleclick.net/activityi;dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fw...
488 B
413 B
Document
General
Full URL
https://3845646.fls.doubleclick.net/activityi;dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XCGM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
f8218d17d50b63f63ce5b2ce7e7f89a1fb6bcc894391b68ae6f2409db5fa4b2a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
388
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://3845646.fls.doubleclick.net/activityi;dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
12166079.fls.doubleclick.net/ Frame A17B
Redirect Chain
  • https://12166079.fls.doubleclick.net/activityi;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F?
  • https://12166079.fls.doubleclick.net/activityi;dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2F...
488 B
408 B
Document
General
Full URL
https://12166079.fls.doubleclick.net/activityi;dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XCGM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
3d9dcdcfac982fa59f91260fdb403651e21f7b8702d48c629ea8e8c874e1aaf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
384
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12166079.fls.doubleclick.net/activityi;dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/
145 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGKTZFH&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XCGM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1a5aefb6b4a5f49c33133dbeb0660f3c487141fd3073215c34bad4a0457ade7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54083
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Apr 2022 05:20:28 GMT
5wDCfOAs.min.js
scripts.demandbase.com/
68 KB
19 KB
Script
General
Full URL
https://scripts.demandbase.com/5wDCfOAs.min.js
Requested by
Host: sharefile.com.admin-mcas.ms
URL: https://sharefile.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-63.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5eeda805dd0a4adf47fbe56bec07316c1f2bb4ad15a52e8188acb1105b98382
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
nyfamnSWPo2S_woENPE8H._ginqCypGa
content-encoding
gzip
etag
W/"6166b55d4ea0069fd9b59856f32e223f"
age
668
x-cache
Hit from cloudfront
vary
Accept-Encoding
last-modified
Thu, 03 Mar 2022 15:08:51 GMT
server
AmazonS3
date
Fri, 01 Apr 2022 05:09:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
REW5PmWXH6N3gMI4Ov_4bFi56OrzNLQahOZBdBYjQqnX7Ga1wKH-Uw==
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1007252&ns=2447&nc=LP&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1007252&ns=2447&nc=LP&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
5 B
254 B
Script
General
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1007252&ns=2447&nc=LP&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Server
2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f4ee034fbe401eb-ZRH
content-language
en-GB
p3p
CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin
*
cache-control
no-cache
content-type
text/html;charset=ISO-8859-1

Redirect headers

date
Fri, 01 Apr 2022 05:20:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1007252&ns=2447&nc=LP&ncv=35&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
content-type
text/html; charset=iso-8859-1
access-control-allow-origin
*
cf-ray
6f4ee031984401eb-ZRH
/
attr.ml-api.io/
Redirect Chain
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dsharefile.com%26pId%3d%24UID
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dsharefile.com%26pId%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dsharefile.com%2526pId%253d%2524UID
  • https://attr.ml-api.io/?domain=sharefile.com&pId=7177339485997280603
0
241 B
Image
General
Full URL
https://attr.ml-api.io/?domain=sharefile.com&pId=7177339485997280603
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Server
2600:9000:224a:1800:12:3734:2a40:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:29 GMT
via
1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
apigw-requestid
P4rAmgtaIAMEJMg=
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
content-type
application/json
content-length
0
x-amz-cf-id
2lc9cJhBeB74_FjyrHw7QvOQpJtN1OOvbzoDFejJFSeb9gmm_r3h1A==

Redirect headers

Pragma
no-cache
Date
Fri, 01 Apr 2022 05:20:28 GMT
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a885b12e-d805-41e5-b240-caab5947af8f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://attr.ml-api.io/?domain=sharefile.com&pId=7177339485997280603
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
public-sans-v3-latin-ext_latin-italic.woff
www.citrix.com/c-lib/assets/lib/public-sans/font/
21 KB
22 KB
Font
General
Full URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-italic.woff
Requested by
Host: www.citrix.com
URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8554e476d3159f4a0e67ef034b52538f8149b37b0f8269fee08d6fcf01557c44
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
access-control-max-age
3000
content-length
21764
x-xss-protection
1; mode=block
last-modified
Fri, 19 Feb 2021 19:19:29 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:28 GMT
strict-transport-security
max-age=31449600
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
etag
"4e47293ecbf7bfe130abe3ac9f4f333a"
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
accept-ranges
bytes
x-amz-cf-id
WUqiwuodQxSLc7mSM7XGW1jACe-cGOrCYFZJ7u9mjG7VWqnx-4eWYA==
1111.json
script.crazyegg.com/pages/sampling-data-scripts/0020/ Frame 0E3F
46 B
158 B
XHR
General
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0020/1111.json?t=457997
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc9e3531f279fde534eb2f47fe25f3dfa5e480986b511f84fda04cdab16a620

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
79454
ce-version
11.1.403
content-length
65
timing-allow-origin
*
last-modified
Thu, 31 Mar 2022 07:16:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
6f4ee0314a2601f8-ZRH
collect
stats.g.doubleclick.net/j/
7 B
446 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142592-2&cid=644370859.1648790428&jid=89517193&uid=16502391317565Yw07aA&gjid=799122678&_gid=479219828.1648790428&_u=aGBAgEAjEAAAAE~&z=661184027
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Apr 2022 05:20:28 GMT
content-type
text/plain
access-control-allow-origin
https://www.sharefile.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=371401050&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sharefile.com%2F&dr=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=max%20scroll&ea=scroll&el=scroll%20interval%3A%2025&_u=aGDAAEAjEAAAAG~&jid=536396048&gjid=1718100877&cid=644370859.1648790428&tid=UA-142592-2&_gid=479219828.1648790428&_r=1&gtm=2wg3u0XCGM&z=1996034277
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sharefile.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=371401050&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sharefile.com%2F&dr=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjE~&jid=89517193&gjid=799122678&cid=644370859.1648790428&uid=16502391317565Yw07aA&tid=UA-142592-2&_gid=479219828.1648790428&z=1527551447
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 17:09:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43857
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
public-sans-v3-latin-ext_latin-regular.woff
www.citrix.com/c-lib/assets/lib/public-sans/font/
21 KB
21 KB
Font
General
Full URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-regular.woff
Requested by
Host: www.citrix.com
URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a0b278eb41a0af4b6f481848a29c1ea4694f72ecec7ab6b47f43799c56dd081
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.citrix.com/c-lib/assets/lib/public-sans/font.css
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
access-control-max-age
3000
content-length
21300
x-xss-protection
1; mode=block
last-modified
Fri, 19 Feb 2021 19:19:29 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
date
Fri, 01 Apr 2022 05:20:28 GMT
strict-transport-security
max-age=31449600
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
etag
"5720e8ba40c5c97c552d484f10333eec"
content-security-policy
frame-ancestors 'self'; object-src https://*.citrix.com https://capture.navattic.com; plugin-types application/x-shockwave-flash application/pdf
accept-ranges
bytes
x-amz-cf-id
GdLVrR6ke4DtgK3mK8Hk86A01ZEtuvcZGmQOVCqbs7p4BjbENnnxgw==
notice
consent.trustarc.com/
15 KB
5 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=sharefile.com&country=gb&js=nj2&c=teconsent&noticeType=bb&text=true&gtm=1&fade=30000&language=en
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-116.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
db644e9276944dd7bdca398449aba2be827673f3bf2cee8bfce745af80dfb911
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sharefile.com/?
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
cloudfront-viewer-country
GB
vary
Accept-Encoding
content-length
5012
x-xss-protection
1; mode=block
timing-allow-origin
*
access-control-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
access-control-expose-headers
*
cache-control
max-age=3600
cloudfront-viewer-country-region
ENG
x-amz-cf-id
fgyU33_RwjUtza9uKJOY-rbnUqmgmG6njjlQq4AzGZp-CQYtFCwc8A==
expires
Fri, 01 Apr 2022 06:20:28 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGKTZFH&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 05:20:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Mar 2022 23:45:34 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=32150
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3104
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sharefile.com.admin-mcas.ms
URL: https://sharefile.com.admin-mcas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26313
x-xss-protection
0
pragma
public
x-fb-debug
7n4UyYeXh94QIdCy9Stz2iGCqIlratJvbLSGa1DyeJRd6xSBnEq+uD16PYPTrY+7TTcMQwwpNmvT3gpNzqidkQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 01 Apr 2022 05:20:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
public-sans-v3-latin-ext_latin-700.ttf
www.citrix.com/c-lib/assets/lib/public-sans/font/
0
0

healthcheck
pagestates-tracking.crazyegg.com/ Frame 0E3F
19 B
420 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-84.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:52:43 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
8695666
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
19
x-amz-cf-id
WgpsU6gXEgteYM4XCUjBA3T1r_wzS9Y-l8FzZOw0AbgSL8DC_7Yxmw==
healthcheck
assets-tracking.crazyegg.com/ Frame 0E3F
19 B
419 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-127.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 13:24:28 GMT
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
8697361
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
19
x-amz-cf-id
HQrAQFqI2Z8aeND1ot32oQlhFLjOouOBaqkUszIII22QGGg58GPRmA==
collect
stats.g.doubleclick.net/j/
7 B
73 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-142592-2&cid=644370859.1648790428&jid=536396048&gjid=1718100877&_gid=479219828.1648790428&_u=aGDAAEAjEAAAAG~&z=2102513417
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Apr 2022 05:20:28 GMT
content-type
text/plain
access-control-allow-origin
https://www.sharefile.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
672b12ef-c43b-4ba1-b987-201170118876
https://www.sharefile.com/
53 B
0
Other
General
Full URL
blob:https://www.sharefile.com/672b12ef-c43b-4ba1-b987-201170118876
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length
53
Content-Type
text/javascript
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1068539930/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1068539930/?random=1648790428440&cv=9&fst=1648790428440&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&ref=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&tiba=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae527678a5cb8c7aa7eabf72e8ca53eaf98eb0bed6ac105850809dd391567a7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1056
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/977766426/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977766426/?random=1648790428442&cv=9&fst=1648790428442&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&ref=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&tiba=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8e4504620500828239f5163147675ffa2b0b6f4f29b80d17e82d58d59eceed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1054
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AABqvE7EjRcAADbRzcxWug
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABqvE7EjRcAADbRzcxWug&verifyHash=df4df6adecc5b63f94f92340daea81eb92aafaba
26 B
409 B
Image
General
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABqvE7EjRcAADbRzcxWug&verifyHash=df4df6adecc5b63f94f92340daea81eb92aafaba
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
HTTP/1.1
Server
143.204.215.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-97.fra53.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 05:20:29 GMT
Via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Vary
Origin
X-Cache
Miss from cloudfront
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
trace-id
0613ffed1d76265e
X-Amz-Cf-Id
KAmDSK5e6iNLz9BoIx3rq-V6YEhhKQZ1WtakzxdVP7Y-Cd7MvlprqQ==

Redirect headers

Date
Fri, 01 Apr 2022 05:20:28 GMT
Via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AABqvE7EjRcAADbRzcxWug&verifyHash=df4df6adecc5b63f94f92340daea81eb92aafaba
Connection
keep-alive
trace-id
07f7f42c17acf565
Content-Length
0
X-Amz-Cf-Id
uJ35ejKvXLnZzoXrQNgO626m0DNkVK6GzQ61sPZ61CBQxc9gxzPAcw==
464526.gif
id.rlcdn.com/
0
66 B
Image
General
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
via
1.1 google
alt-svc
clear
content-length
0
sendInsights
titan.citrix.com/api/v2/
38 B
485 B
XHR
General
Full URL
https://titan.citrix.com/api/v2/sendInsights?1648790428451
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.22.189 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.22.211.130.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
4b99468f12b21b72f6dbe5fc910326e357a55eec772149c703dfd8a93673f6b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors self
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Insights-Csrf
3785561659
Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
alt-svc
clear
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
etag
W/"26-ZC0yWgTrXkuUT0DszyU1TgafbQE"
strict-transport-security
max-age=604800
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sharefile.com
x-cloud-trace-context
80f0effe19b0dd708733e5381bfa472a
cache-control
private
access-control-allow-credentials
true
function-execution-id
xv8ss21sljpd
content-security-policy
frame-ancestors self
sendInsights
titan.citrix.com/api/v2/ Frame
0
0
Preflight
General
Full URL
https://titan.citrix.com/api/v2/sendInsights?1648790428451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.22.189 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.22.211.130.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors self
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
insights-csrf
Access-Control-Request-Method
POST
Origin
https://www.sharefile.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers,Insights-csrf,Access-Control-Allow-Origin, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Referrer-Policy
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.sharefile.com
alt-svc
clear
content-security-policy
frame-ancestors self
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 05:20:28 GMT
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
function-execution-id
0hmej7vwwrpk
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
strict-transport-security
max-age=604800
via
1.1 google
x-cloud-trace-context
152e6281dbc41a0d477169a0c58905f0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ip.json
api.company-target.com/api/v2/
444 B
942 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&page=https%3A%2F%2Fwww.sharefile.com%2F%3F&page_title=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&src=tag&auth=Qup41ckfLHGp7DQ6kv52DiyeWVOMdKV2hn11qCtC
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-116.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
2ee556f14b60c480c86b6d8eeb509f5b9c5560e94e645325fe09e89c6e122cb8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
identification-source
CENTRAL
vary
Accept-Encoding, Origin
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
request-id
ed51b896-8aac-4f03-bc79-03cd6e6134d5
content-encoding
gzip
pragma
no-cache
access-control-allow-origin
https://www.sharefile.com
server
nginx
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
api-version
v2
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
BuYOEcQUUFOEXO8hAriZAN_hWLAAxAI0ptoeDSYZv3mzPCqLWuIpng==
expires
Thu, 31 Mar 2022 05:20:28 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142592-2&cid=644370859.1648790428&jid=89517193&_u=aGBAgEAjEAAAAE~&z=1063685487
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
107 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142592-2&cid=644370859.1648790428&jid=89517193&_u=aGBAgEAjEAAAAE~&z=1063685487
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
consent.trustarc.com/
57 KB
57 KB
Font
General
Full URL
https://consent.trustarc.com/get?name=PublicSans-Regular.otf
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-116.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
1f176f6ad10575e5e39896c57377abdd10a7d8e74cc05297d58b0fe4ceefc421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sharefile.com/
Origin
https://www.sharefile.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:03:44 GMT
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
age
1004
x-cache
Hit from cloudfront
content-length
58284
pragma
public
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P2
timing-allow-origin
*
x-amz-cf-id
PLcYqNNOCpurpkPXav5WEvV0qDsjxOA9iCmMUdMq0dkU4n--WrytYg==
expires
Sun, 01 May 2022 05:03:44 GMT
bannermsg
consent.trustarc.com/
43 B
468 B
Image
General
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=sharefile.com&behavior=implied&country=gb&language=en&rand=0.8588651349418437
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-116.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
vary
Origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
zOg7YN4o-zIRm2XktHxKGXpCpzDST9k2cADCgzka3I7SCxGw1uswpg==
expires
Fri, 01 Apr 2022 05:20:27 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142592-2&cid=644370859.1648790428&jid=536396048&_u=aGDAAEAjEAAAAG~&z=1862080491
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-142592-2&cid=644370859.1648790428&jid=536396048&_u=aGDAAEAjEAAAAG~&z=1862080491
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77403&time=1648790428513&url=https%3A%2F%2Fwww.sharefile.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D77403%26time%3D1648790428513%26url%3Dhttps%253A%252F%252Fwww.sharefile.com%252F%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77403&time=1648790428513&url=https%3A%2F%2Fwww.sharefile.com%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77403&time=1648790428513&url=https%3A%2F%2Fwww.sharefile.com%2F&liSync=true&e_ipv6=AQLbhZ7wcmCuUQAAAX_jkV2nX1aVQ_AVFq-yDuKrBH4N_8YlskjWT0UD1gKOiu...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77403&time=1648790428513&url=https%3A%2F%2Fwww.sharefile.com%2F&liSync=true&e_ipv6=AQLbhZ7wcmCuUQAAAX_jkV2nX1aVQ_AVFq-yDuKrBH4N_8YlskjWT0UD1gKOiuM_Fpk
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:29 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 46E3716EA88F4B8C9D51FA82A95E85D1 Ref B: MAN30EDGE0415 Ref C: 2022-04-01T05:20:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbkO/Ze4Tq0cH2gXfAAg==
x-li-fabric
prod-lor1

Redirect headers

date
Fri, 01 Apr 2022 05:20:28 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C6E5EB7CDEE842DEA14357846B791CD3 Ref B: LTSEDGE0921 Ref C: 2022-04-01T05:20:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77403&time=1648790428513&url=https%3A%2F%2Fwww.sharefile.com%2F&liSync=true&e_ipv6=AQLbhZ7wcmCuUQAAAX_jkV2nX1aVQ_AVFq-yDuKrBH4N_8YlskjWT0UD1gKOiuM_Fpk
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbkO/VqGVsobrr53lEoQ==
804548962959136
connect.facebook.net/signals/config/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/804548962959136?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
15dab927bb20fe41db03a90d87f8dbcf5f072f3f4f430bf25ec33f3e9a0b2781
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
HlGRwIEwoeJjkQSHI9VCEe0JeXl/DObYa47egs77x1IytrX9LdKSQGFNi9rbjQ9HQJStJZ0uoV86nl1b+rArcA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 01 Apr 2022 05:20:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
shareFileWebHit
www.sharefile.com/bin/citrix/
44 B
459 B
XHR
General
Full URL
https://www.sharefile.com/bin/citrix/shareFileWebHit
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88d::2aec Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
31d01ba36b4d083084f48f111ea78f90a54b12602abc26bdccc078a81ee2457b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31449600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.sharefile.com/?
CSRF-Token
undefined
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 01 Apr 2022 05:20:29 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31449600
content-length
44
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
cache-control
max-age=0, no-cache, no-store
web-mar-node
grntshf01
x-frame-options
SAMEORIGIN
content-type
text/html;charset=utf-8
web-mar-region
grn
permissions-policy
microphone 'none'; camera 'none'; usb 'none'
content-security-policy
frame-ancestors 'self'
expires
Fri, 01 Apr 2022 05:20:29 GMT
layout_tool.html
www.citrix.com/web-production/personalization/global-interstitital/_jcr_content/content-par/
0
0

collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=371401050&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.sharefile.com%2F&dr=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Evergage&ea=Test_impression&el=GEO%20Phone%20Removal%20EMEA%2FAPJ&_u=aHDAgEAjEAAAAG~&jid=&gjid=&cid=644370859.1648790428&uid=16502391317565Yw07aA&tid=UA-142592-2&_gid=479219828.1648790428&z=1106997451
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 17:09:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43857
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=371401050&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.sharefile.com%2F&dr=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Evergage&ea=Test_impression&el=HP_Global-interstitial_295%20UK&_u=aHDAgEAjEAAAAG~&jid=&gjid=&cid=644370859.1648790428&uid=16502391317565Yw07aA&tid=UA-142592-2&_gid=479219828.1648790428&z=2045355224
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 17:09:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43857
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=371401050&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.sharefile.com%2F&dr=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHDAgEAjEAAAAG~&jid=&gjid=&cid=644370859.1648790428&uid=16502391317565Yw07aA&tid=UA-142592-2&_gid=479219828.1648790428&cd48=(Non-Company%20Visitor)&cd49=(Non-Company%20Visitor)&cd50=(Non-Company%20Visitor)&cd51=SMB&cd52=(Non-Company%20Visitor)&cd53=(Non-Company%20Visitor)&cd54=(Non-Company%20Visitor)&cd55=(Non-Company%20Visitor)&cd56=(Non-Company%20Visitor)&cd57=(Non-Company%20Visitor)&cd58=(Non-Company%20Visitor)&cd59=(Non-Company%20Visitor)&cd60=ENG&cd61=Manchester&cd62=GB&cd63=(Non-Company%20Visitor)&cd64=(Non-Company%20Visitor)&cd65=(Non-Company%20Visitor)&cd66=(Non-Company%20Visitor)&cd67=(Non-Company%20Visitor)&cd68=(Non-Company%20Visitor)&cd69=(Non-Company%20Visitor)&cd70=(Non-Company%20Visitor)&cd71=(Non-Company%20Visitor)&z=630090393
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 17:09:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43857
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
adservice.google.com/ddm/fls/i/ Frame 8DE1
490 B
456 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Requested by
Host: 12166079.fls.doubleclick.net
URL: https://12166079.fls.doubleclick.net/activityi;dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59af767d0b1d5dbb41466ae5a39e2d9de577b5d6131eb4d39cac32dce2d5e629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://12166079.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
clock
tracking.crazyegg.com/ Frame 0E3F
29 B
136 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1648790428596
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.403.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.19.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-19-154.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
2b65ca307c872f806e2db726823b8aad0e574c589bb6110bb1819906fb49712a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Apr 2022 05:20:28 GMT
cache-control
no-store
server
awselb/2.0
content-length
29
content-type
text/plain
dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
adservice.google.com/ddm/fls/i/ Frame CF23
490 B
858 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Requested by
Host: 3845646.fls.doubleclick.net
URL: https://3845646.fls.doubleclick.net/activityi;dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99ec0b52b1de59630136e2f94990b2ed5ce0bd5c92a040f304286557df464141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3845646.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
389
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/1068539930/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1068539930/?random=1648790428440&cv=9&fst=1648789200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&ref=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&tiba=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&async=1&fmt=3&is_vtc=1&random=2258607956&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/1068539930/
42 B
154 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/1068539930/?random=1648790428440&cv=9&fst=1648789200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&ref=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&tiba=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&async=1&fmt=3&is_vtc=1&random=2258607956&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/977766426/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/977766426/?random=1648790428442&cv=9&fst=1648789200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&ref=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&tiba=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&async=1&fmt=3&is_vtc=1&random=1204030146&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/977766426/
42 B
108 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/977766426/?random=1648790428442&cv=9&fst=1648789200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3u0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&ref=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&tiba=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&async=1&fmt=3&is_vtc=1&random=1204030146&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
msreceiver
citrix.evergage.com/
0
467 B
XHR
General
Full URL
https://citrix.evergage.com/msreceiver?_r=274992&_ak=citrix&_ds=production&urlref=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&.anonId=6c4e01d8d387024b&_anon=true&.pageLocale=en_US&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22aKNfe%22%2C%22stat%22%3A%22i%22%7D%5D%2C%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22wjEYZ%22%2C%22stat%22%3A%22i%22%7D%2C%7B%22type%22%3A%22m%22%2C%22id%22%3A%22Sobks%22%2C%22stat%22%3A%22i%22%2C%22eid%22%3A%22wjEYZ%22%7D%5D%5D&.bv=14&.scv=325
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.119.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-119-60.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://www.sharefile.com
date
Fri, 01 Apr 2022 05:20:28 GMT
x-content-type-options
nosniff
server
Apache-Coyote/1.1
timing-allow-origin
*
/
www.facebook.com/tr/
44 B
409 B
Image
General
Full URL
https://www.facebook.com/tr/?id=804548962959136&ev=PageView&dl=https%3A%2F%2Fwww.sharefile.com%2F%3F&rl=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&if=false&ts=1648790428755&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648790428753.89793493&it=1648790428525&coo=false&exp=p0&rqm=GET
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 01 Apr 2022 05:20:28 GMT
dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
3845646.fls.doubleclick.net/ddm/fls/r/ Frame E652
Redirect Chain
  • https://adservice.google.co.uk/ddm/fls/i/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sh...
  • https://3845646.fls.doubleclick.net/ddm/fls/r/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fw...
478 B
351 B
Document
General
Full URL
https://3845646.fls.doubleclick.net/ddm/fls/r/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
5d7739e67b3f2237373f7b0f808764d185a276ab789f1a283c5b135257997f6b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
326
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:28 GMT
expires
Fri, 01 Apr 2022 05:20:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://3845646.fls.doubleclick.net/ddm/fls/r/dc_pre=CIjyrf6O8vYCFQZCHQkdSsgCGg;src=3845646;type=landi0;cat=sfhp;ord=1;num=6980739661920;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
adservice.google.co.uk/ddm/fls/i/ Frame 8034
194 B
870 B
Document
General
Full URL
https://adservice.google.co.uk/ddm/fls/i/dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPPXrP6O8vYCFYiBhQodmwQBgQ;src=12166079;type=ctprcoun;cat=rmkcost;ord=2088922903083;gtm=2wg3u0;auiddc=960839420.1648790428;~oref=https%3A%2F%2Fwww.sharefile.com%2F%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:28 GMT
expires
Fri, 01 Apr 2022 05:20:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pix.js
magnetic.t.domdex.com/16637/ Frame E652
0
0

sendInsights
titan.citrix.com/api/v2/ Frame
0
0
Preflight
General
Full URL
https://titan.citrix.com/api/v2/sendInsights?1648790429105
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.22.189 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.22.211.130.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors self
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
insights-csrf
Access-Control-Request-Method
POST
Origin
https://www.sharefile.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers,Insights-csrf,Access-Control-Allow-Origin, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Referrer-Policy
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.sharefile.com
alt-svc
clear
content-security-policy
frame-ancestors self
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 05:20:29 GMT
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
function-execution-id
xv8s6n0u2qo2
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
strict-transport-security
max-age=604800
via
1.1 google
x-cloud-trace-context
4483453dc98c1615f615a797bc5374ec
x-content-type-options
nosniff
x-xss-protection
1; mode=block
twreceiver
citrix.evergage.com/
3 KB
2 KB
XHR
General
Full URL
https://citrix.evergage.com/twreceiver?_r=584500&_ak=citrix&_ds=production&urlref=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&audience_demandbase=SMB&audience_segment_demandbase=&isp_demandbase=true&region_name_demandbase=England&.anonId=6c4e01d8d387024b&_anon=true&.pageLocale=en_US&action=visit&url=https%3A%2F%2Fwww.sharefile.com%2F%3F&title=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&.ple=3&.bv=14&.scv=325
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.119.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-119-60.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
5d35b5e122a1210d87ccf2035dbcb5cf563ef94e38a39fdff82e640a9a2fda84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 05:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache-Coyote/1.1
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sharefile.com
timing-allow-origin
*
sendInsights
titan.citrix.com/api/v2/
38 B
193 B
XHR
General
Full URL
https://titan.citrix.com/api/v2/sendInsights?1648790429105
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.22.189 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.22.211.130.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
4b99468f12b21b72f6dbe5fc910326e357a55eec772149c703dfd8a93673f6b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors self
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Insights-Csrf
8758542800
Referer
https://www.sharefile.com/?
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 01 Apr 2022 05:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
alt-svc
clear
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Google Frontend
etag
W/"26-ZC0yWgTrXkuUT0DszyU1TgafbQE"
strict-transport-security
max-age=604800
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sharefile.com
x-cloud-trace-context
ad9f905512f12e8be8aa39478e3d450d
cache-control
private
access-control-allow-credentials
true
function-execution-id
5mljwkgg8pwl
content-security-policy
frame-ancestors self
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=371401050&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.sharefile.com%2F&dr=https%3A%2F%2Fsharefile.com.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=Citrix%20ShareFile%3A%20Securely%20Sync%2C%20Store%20and%20Share%20Files&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Evergage&ea=pageAction&el=visit&_u=aHDAgEAjEAAAAG~&jid=&gjid=&cid=644370859.1648790428&uid=16502391317565Yw07aA&tid=UA-142592-2&_gid=479219828.1648790428&cd48=(Non-Company%20Visitor)&cd49=(Non-Company%20Visitor)&cd50=(Non-Company%20Visitor)&cd51=SMB&cd52=(Non-Company%20Visitor)&cd53=(Non-Company%20Visitor)&cd54=(Non-Company%20Visitor)&cd55=(Non-Company%20Visitor)&cd56=(Non-Company%20Visitor)&cd57=(Non-Company%20Visitor)&cd58=(Non-Company%20Visitor)&cd59=(Non-Company%20Visitor)&cd60=ENG&cd61=Manchester&cd62=GB&cd63=(Non-Company%20Visitor)&cd64=(Non-Company%20Visitor)&cd65=(Non-Company%20Visitor)&cd66=(Non-Company%20Visitor)&cd67=(Non-Company%20Visitor)&cd68=(Non-Company%20Visitor)&cd69=(Non-Company%20Visitor)&cd70=(Non-Company%20Visitor)&cd71=(Non-Company%20Visitor)&z=1535192904
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 17:09:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43858
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 69B1
0
17 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://www.sharefile.com
Referer
https://www.sharefile.com/?
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.sharefile.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 01 Apr 2022 05:20:29 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
core
js.driftt.com/ Frame 6983
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
Requested by
Host: www.sharefile.com
URL: https://www.sharefile.com/etc/designs/citrix-core/clientlibs/ctx.cq.jquery.min.3.1.9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
f124f1e0926cdb686cb73fa9ffdd58ce725e0fb21207d9ca3dba03a1a354c97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 01 Apr 2022 05:20:29 GMT
etag
W/"f0987eb17902e112271e241d98f0f4e2"
last-modified
Thu, 31 Mar 2022 15:45:55 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-id
WSYWW7Y_ccS377-qah5GC8FF-J-AatRkMV7mqh8DA2SiNlw3kMVoCQ==
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
VV977XzNoInKwYkSi3kpyvdR2LeTKkvH
x-cache
RefreshHit from cloudfront
chat
js.driftt.com/core/ Frame 218B
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1648790700000/tz5kufnkte45.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
f124f1e0926cdb686cb73fa9ffdd58ce725e0fb21207d9ca3dba03a1a354c97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.sharefile.com/?
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 01 Apr 2022 05:20:29 GMT
etag
W/"f0987eb17902e112271e241d98f0f4e2"
last-modified
Thu, 31 Mar 2022 15:45:55 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
x-amz-cf-id
Vec3YKiIKh77J1RvV6iR4rC9XXPUi2g4JQ96K06rbX1pBM8jjEjO5A==
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
VV977XzNoInKwYkSi3kpyvdR2LeTKkvH
x-cache
RefreshHit from cloudfront
runtime~main.da2ff9d4.js
js.driftt.com/core/assets/js/ Frame 218B
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
2e3c631a95f07f36a25f07e2b7df8dfe86918b1bf8e11f581d8e319e21796ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
Origin
https://js.driftt.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 15:45:54 GMT
content-encoding
gzip
age
48875
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 31 Mar 2022 14:50:33 GMT
server
nginx
etag
W/"1085ece1ec6f8a6b1d29b205a879c6a1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
yxrj_iOkFaYUs0UNbaZidd1xQIugw_ao
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-_PVJqY0kjdhPF_oDYhzvtODC1QQcJDBTDAdLdJ97c-2EIHK5Nk_AA==
5.b4ccdd57.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
58 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
Origin
https://js.driftt.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 00:15:05 GMT
content-encoding
gzip
age
6152724
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 18 Jan 2022 19:52:34 GMT
server
nginx
etag
W/"bf2b7dc96b40587d388df8918a276f1d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
FFh5E66DOs-d7H5MCNo1ssjozok8DctIEQiLfhJfxhqmuQr_1p16xw==
main~493df0b3.590f1a1c.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.590f1a1c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
Origin
https://js.driftt.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 14:08:21 GMT
content-encoding
gzip
age
1523528
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 14 Mar 2022 13:49:24 GMT
server
nginx
etag
W/"56b1fdbf9f4fceaf79dbb7f1e085c35f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
.VbPHImM8_ns5xOgvCbvXJ2d13mU5n0l
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
P2OETRNzKBjzdDoqJASTQ2SU54NxcJdc9QRt4ZnWfYT1lM2hFsycUQ==
runtime~main.da2ff9d4.js
js.driftt.com/core/assets/js/ Frame 6983
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
2e3c631a95f07f36a25f07e2b7df8dfe86918b1bf8e11f581d8e319e21796ba9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
Origin
https://js.driftt.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 15:45:54 GMT
content-encoding
gzip
age
48875
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 31 Mar 2022 14:50:33 GMT
server
nginx
etag
W/"1085ece1ec6f8a6b1d29b205a879c6a1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
yxrj_iOkFaYUs0UNbaZidd1xQIugw_ao
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
LBZw9O_8bySLPmMcl1d4oPNL2XScLcfJkECy96PcpuyLaZqNSkBpLg==
5.b4ccdd57.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
58 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/5.b4ccdd57.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
Origin
https://js.driftt.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 00:15:05 GMT
content-encoding
gzip
age
6152724
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 18 Jan 2022 19:52:34 GMT
server
nginx
etag
W/"bf2b7dc96b40587d388df8918a276f1d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
P_j_K9jDbxJyM90WDdS2X.rONeS2gHZN
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
L1U4PaxoJJ85mwSQrTd5jz3vQQPVTu3nDJjf9VBsshCMblMvIqGKuw==
main~493df0b3.590f1a1c.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.590f1a1c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
Origin
https://js.driftt.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 14:08:21 GMT
content-encoding
gzip
age
1523528
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 14 Mar 2022 13:49:24 GMT
server
nginx
etag
W/"56b1fdbf9f4fceaf79dbb7f1e085c35f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
.VbPHImM8_ns5xOgvCbvXJ2d13mU5n0l
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ZGtzX2cDBnDI-0GZLj3vWM1EkJ4EyNsc9ovjQONtmwwWfOPFJnH5lQ==
44.36014458.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
47 KB
14 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/44.36014458.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 14:08:21 GMT
content-encoding
gzip
age
1523528
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 14 Mar 2022 13:49:23 GMT
server
nginx
etag
W/"f3141bda9ba639e2d01218d7e7cd8311"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
WIuUr0mA64zfBEv5OwTE2DT-rSyJykBCL8jPa6a1W6NW-S-UY0JSgw==
18.8ef42267.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
44 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ZUa_DWGiFCX5eENKHgv4x9Sn67vjqCE0cNHZzTFiptFbSjm1KsjwpQ==
37.dc112dfd.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
709030cab6e33ca60c369554f31becd83dbfe4c17dc37e17aefd3aba8d862d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 26 Feb 2022 02:02:27 GMT
content-encoding
gzip
age
2949482
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Fri, 25 Feb 2022 21:11:14 GMT
server
nginx
etag
W/"5b39d5e49e5ec5cdb576054612a441ef"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Jkm8Dc3zYP9zoYcPnVlVKYEMbcPK0qdn
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
TcdTB8EMNXeLd5IdzqERKS8Qj05X-rwqm_w6MIxutxqmvE0OqjCyKQ==
16.10d76686.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
16 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.10d76686.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:42 GMT
content-encoding
gzip
age
7478807
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
mzB2ul0u_48ftIGEd6phwcoTfextzATL
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
UqNppmN7a5kkW7BaVl2MGB5irDTMseWWcNX3GdNAK9eRC9zPQWvmCg==
21.8ac5d777.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
72 KB
22 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:43 GMT
content-encoding
gzip
age
7478806
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dQ1B8jVq5sKmaiGmcR4fmVIOTFk0NPW2kkWpxstDZI4zeNv_mvh3Ng==
34.801d3c89.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
16 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"fa218b0849860dbc5ceda153316c9c38"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
x5LId75eoTMcel0BS7bX9dM_ogUKCO6Z_4sEiGJjbh5p0lMWb4lK2A==
23.a53d721f.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
59 KB
19 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 01:13:03 GMT
content-encoding
gzip
age
8136446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 23 Dec 2021 18:12:25 GMT
server
nginx
etag
W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-ea3rvHtHWAWvWfjsqkpIa-kNxlOCR1tLteqzy4W8zXr2r62BuAZsA==
11.8d62d6c4.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b82be24736519b8e5beb6d622bed3d7f481da9bacf8374352065d1cf252dc244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 08:08:57 GMT
content-encoding
gzip
age
2754692
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Fri, 25 Feb 2022 21:11:13 GMT
server
nginx
etag
W/"14d96efdca3b51f9c3a4133e8b3ca95b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
QYmbWCyCTWOrHsXnXZ6BKA83mluh3jwU
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
U5uo7Q_YYcvWBAi_XG8PvIIUenb7MWQsM4-GriB-vqkqyd14ysBW8g==
10.937b0755.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
24 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/10.937b0755.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 01:15:27 GMT
content-encoding
gzip
age
6235501
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 18 Jan 2022 19:52:33 GMT
server
nginx
etag
W/"e9243456e8ca8af97d77d525d5367d6b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Rg9C9EgHFMiiGvI9slgiyu0n5e93UBR5phueOOYuNOH4FF9JlDO_7g==
14.2a01ddd6.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"6f457384188c98017d8d27281f3df6ad"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
GIF6JtD0A-7kzN6T5e8Bw-OksWl1psrWP9yiXZEEi-05p2Cz2VOUGg==
42.85bf5aa5.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 14:08:21 GMT
content-encoding
gzip
age
1523528
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 14 Mar 2022 13:49:23 GMT
server
nginx
etag
W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
x3rSxj7JZVbdd2BnNrxQR_ngKfchLMH4
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
_4bcP-cJTmU8gxADFXPcBP-EIRn4VH7qwHTrZ6YcTGT-N4kutZ5Hjw==
35.0810b4b3.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 01:15:27 GMT
content-encoding
gzip
age
6235501
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 18 Jan 2022 19:52:34 GMT
server
nginx
etag
W/"4a61646db5420cc31cb60b9287d9f544"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
XPFX2d6qR0GEzdqj3ONREQrDXnCDA1biYLy8FGXtwhXPZFZgTWURoA==
26.d9eb886e.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
12 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
MUQRU-A_HExgBDR7Fh6DsVW8hAGL0KRjRA_RcdI-jqt0rJHz_YNguw==
17.6c3c965c.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
92Hl2XvMvzJ7A0z4do1lvZjj4mJyB8f7oRpfEJYaoMS5EQzn-eK3eQ==
8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 218B
11 KB
3 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:15 GMT
server
nginx
etag
W/"a123c5b36f16fe6d3a3129e24df81443"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
_wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
XdaQvKvFDPBjgC7lunRy2lyBGQFFmUTLJOS1EobuSDIdPgaaxzNRXA==
8.ac0502ea.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
70 KB
22 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.ac0502ea.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3b8a8c3e723f1d31ce9512ddee97fbf779c311e8c22ce773e38091ae040ed277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 14:31:59 GMT
content-encoding
gzip
age
658110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 14:12:59 GMT
server
nginx
etag
W/"904842dbfd6586150100664098bdcb25"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
gZMB6d7FHGHhO7RpYzTF6mRgffdK.0AG
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
AMCzYg25C6FDFXOsLLPbrlBFDzgC1PzFggWLJUPLWkwHcUWYP0sqOg==
15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 218B
24 B
667 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24
last-modified
Tue, 04 Jan 2022 15:08:15 GMT
server
nginx
etag
"0c5dad92482d9a7c7c253510f5082465"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
JTEaQbg8DyrhvWCHk4x6QjY2c5_9rh9XZDWiSMFPhXEj-6ZaQJRi3w==
15.623081cd.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
75 KB
19 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/15.623081cd.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
31ff8f9902bf160e0082150a0234d73cb841e348c937d38f095d1eb65034c89d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 14:31:59 GMT
content-encoding
gzip
age
658110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 14:12:57 GMT
server
nginx
etag
W/"b2ed0732b209e6425d55fc711aa51ac7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Sy_S8r6k4RxiTme8aThmkbLhdFR__yqj
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
30RtByPmpUOBl67Bpxoym4inRSFtR7kYlgGPsiR0za_xPiusnE65hw==
22.f9842666.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
47 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/22.f9842666.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8a8c0fa1249037db5fc3c80ae9925bb0b1187ac5ad0416a2f984d576f64cb917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 17:35:21 GMT
content-encoding
gzip
age
1424708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 15 Mar 2022 14:29:25 GMT
server
nginx
etag
W/"84aab2b92fbe097cc233d28cfcd07e34"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
qu.tZP1dAb8G86QkRQ86fcMrVoZpSglm
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
z227OuJXwyeY_3gA7onVJPujdhyAQiFDOmO4Szcmbwl_v7BkMgELyA==
13.65f28948.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
41 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/13.65f28948.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
7d8b850b0c1876d3fe8c778d01bc5b8d75078e494e1d4afda48f7ed101d1be74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 15:45:54 GMT
content-encoding
gzip
age
48874
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 31 Mar 2022 14:50:30 GMT
server
nginx
etag
W/"afe68f39068b71393fa65df461a05237"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
UmEUfT0XscS3NMoUUTFlj.Ap6MQh2YI0
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
_je7fp_aP8o_aR9B7SweX_sfwNrQspl7B2dDaaHPCYAaw3Mf9sOj2w==
44.36014458.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
47 KB
14 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/44.36014458.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 14:08:21 GMT
content-encoding
gzip
age
1523528
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 14 Mar 2022 13:49:23 GMT
server
nginx
etag
W/"f3141bda9ba639e2d01218d7e7cd8311"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
zBmoh2tQAT_vfEDC2Fd97hmCr0r_AZnb
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
seNz-gGvleXfJifzmd5kzfjbl83lHJD5n3B3EBcFAJd-d7h6JR4K0g==
18.8ef42267.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
44 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.8ef42267.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"0c6f51f22b2a4bddd966a92b56c18e29"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Zug6jTznDFRyogFlBOnxjireRPUkSHKT
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
HYjMTOU96kDd6A-VTUADR4OYJpX2_XLX_sWAQ22oR8HdgYTYjMzDkQ==
37.dc112dfd.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/37.dc112dfd.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
709030cab6e33ca60c369554f31becd83dbfe4c17dc37e17aefd3aba8d862d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 26 Feb 2022 02:02:27 GMT
content-encoding
gzip
age
2949482
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Fri, 25 Feb 2022 21:11:14 GMT
server
nginx
etag
W/"5b39d5e49e5ec5cdb576054612a441ef"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Jkm8Dc3zYP9zoYcPnVlVKYEMbcPK0qdn
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
I5iJTWV57ntQvzPLH6FYgw23sTc4AAGA6LTBjHMQ-b-hQTe_PhwN0w==
16.10d76686.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
16 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.10d76686.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:42 GMT
content-encoding
gzip
age
7478807
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
mzB2ul0u_48ftIGEd6phwcoTfextzATL
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1EdgJPr5_BbPkDj5KiSGQgWGiwIAj77QBlVJTayhvWekkoc4bX03EA==
21.8ac5d777.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
72 KB
22 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.8ac5d777.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:43 GMT
content-encoding
gzip
age
7478806
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"c39414a669b98ba4a25856ccdc1c1c1b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
PmO9yEa8J.DEQa9FEB2tMN_1Ccd5vo_f
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
pdxOk93QsHn_JppXrFsoG0OuD7cgQeEIAzKIy_1ZmP0GPYBOXLR4Lw==
34.801d3c89.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
16 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/34.801d3c89.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"fa218b0849860dbc5ceda153316c9c38"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
VLd3KMbDPd6s2pCiJkiLNxZPlKywvnnH
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
AU9WUpkpWcmlK5XnzDvcWpPpwObz-PYCiBlciIFrmK1IxgrK-104vQ==
23.a53d721f.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
59 KB
19 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 01:13:03 GMT
content-encoding
gzip
age
8136446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 23 Dec 2021 18:12:25 GMT
server
nginx
etag
W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
a7WvmR.vwHMPBFEqQ8riDzB0H8J4vers
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QsRjOOuQUYvoHfbMXrPt7VKneBhEcpncOmt-d-mUWz4084mkw0uc1g==
11.8d62d6c4.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b82be24736519b8e5beb6d622bed3d7f481da9bacf8374352065d1cf252dc244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 08:08:57 GMT
content-encoding
gzip
age
2754692
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Fri, 25 Feb 2022 21:11:13 GMT
server
nginx
etag
W/"14d96efdca3b51f9c3a4133e8b3ca95b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
QYmbWCyCTWOrHsXnXZ6BKA83mluh3jwU
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
YwuJCtmTUyVaA0dBfGEatBtEibCghq5H4mWti09iScjdbDhEokUl4A==
10.937b0755.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
24 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/10.937b0755.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 01:15:27 GMT
content-encoding
gzip
age
6235501
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 18 Jan 2022 19:52:33 GMT
server
nginx
etag
W/"e9243456e8ca8af97d77d525d5367d6b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
qO3a.NcOI1oBDRBABVLWfFTMfjEE__CA
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
515bbQT0_D0lIqXvBmXZr9v5Cyp8oa-9XYG4QteiZlydstLNNbg0uA==
14.2a01ddd6.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"6f457384188c98017d8d27281f3df6ad"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
l4jdOaEppxstioSUPN-cHtHR3Wh13oMbMuNHzPEzLDVy8fOL5H7XYA==
42.85bf5aa5.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/42.85bf5aa5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 14:08:21 GMT
content-encoding
gzip
age
1523528
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 14 Mar 2022 13:49:23 GMT
server
nginx
etag
W/"8c7c0bf11a78a30db0b2b7f63660c3d1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
x3rSxj7JZVbdd2BnNrxQR_ngKfchLMH4
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
vApy8g9_mw0bz7ehAfNrYQQGnOfp6ckhwdBt3gbtlpbmVojfuVOIlQ==
35.0810b4b3.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/35.0810b4b3.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 01:15:27 GMT
content-encoding
gzip
age
6235501
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 18 Jan 2022 19:52:34 GMT
server
nginx
etag
W/"4a61646db5420cc31cb60b9287d9f544"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
123ec01tvkGnjrPsnvwWzlXkBB9QJfPb
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9n3U9dQ3gLXyqUhb-j5wFuXLpaU3NeTQc2c1zwLZifrzQgmbFThdxQ==
26.d9eb886e.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
12 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/26.d9eb886e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"44c7301d8127e805fcdfcc1b00ddf2ea"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
EjkJtX0HE9ajSK4icA5a46UNajNAQcku
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
x5W8SVG50V4Odux_TWGG9E5dhN93NZtDHovNblc-XALCrh-vRGLWyw==
17.6c3c965c.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
HHiN6wsTfDikx0BfRvhzq1f1VEBLDIa4
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iisPb2qGYzC_9RXJ4Fec0bYZlLdX8Ytjeql-L35pTZgoLW5QC6ShLA==
8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 6983
11 KB
3 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:15 GMT
server
nginx
etag
W/"a123c5b36f16fe6d3a3129e24df81443"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
_wlNEHOawmowSdlpT1GApwIIwlk.3B3i
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
PEBWxdDEyGMY8cotaH4POTYH1JFVYKGGggi7VRHynXy6eqwmXFFQcQ==
8.ac0502ea.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
70 KB
22 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.ac0502ea.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3b8a8c3e723f1d31ce9512ddee97fbf779c311e8c22ce773e38091ae040ed277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 14:31:59 GMT
content-encoding
gzip
age
658110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 14:12:59 GMT
server
nginx
etag
W/"904842dbfd6586150100664098bdcb25"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
gZMB6d7FHGHhO7RpYzTF6mRgffdK.0AG
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
sm-1IqlbpWvjUCkRGmS-EV_M_fvX1y3I7ffLNDzv2kd0KIa2wiXMBg==
15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 6983
24 B
666 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:41 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24
last-modified
Tue, 04 Jan 2022 15:08:15 GMT
server
nginx
etag
"0c5dad92482d9a7c7c253510f5082465"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rPy2C80HifSoJvDZv3g27f2yn_xY4DM4ByhbL5aZLQDDx0E_cddUiw==
15.623081cd.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
75 KB
19 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/15.623081cd.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
31ff8f9902bf160e0082150a0234d73cb841e348c937d38f095d1eb65034c89d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 14:31:59 GMT
content-encoding
gzip
age
658110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 14:12:57 GMT
server
nginx
etag
W/"b2ed0732b209e6425d55fc711aa51ac7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Sy_S8r6k4RxiTme8aThmkbLhdFR__yqj
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
8DXCtnniOQtNNL03A-Tj7hF0ub41wBkI74pIAM4NLaUw-bECeti7cA==
22.f9842666.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
47 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/22.f9842666.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8a8c0fa1249037db5fc3c80ae9925bb0b1187ac5ad0416a2f984d576f64cb917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 17:35:21 GMT
content-encoding
gzip
age
1424708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 15 Mar 2022 14:29:25 GMT
server
nginx
etag
W/"84aab2b92fbe097cc233d28cfcd07e34"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
qu.tZP1dAb8G86QkRQ86fcMrVoZpSglm
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
aLIFEqwLD2fvNoCaaVbgqrsSE-VSdD8PNLOJLmRZ7jcIcOSuG6AgRQ==
13.65f28948.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
41 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/13.65f28948.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
7d8b850b0c1876d3fe8c778d01bc5b8d75078e494e1d4afda48f7ed101d1be74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 15:45:54 GMT
content-encoding
gzip
age
48874
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 31 Mar 2022 14:50:30 GMT
server
nginx
etag
W/"afe68f39068b71393fa65df461a05237"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
UmEUfT0XscS3NMoUUTFlj.Ap6MQh2YI0
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ayCrweCN7UBBa4vHQFHkYInr99iKmcyb5F5CeTD2xPSTMSiV4wWbvw==
32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 218B
3 KB
1 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:42 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:15 GMT
server
nginx
etag
W/"87532c4db85f1429fa6d759bc3332f36"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
u5jls1rsjTMRW03RSXYJxMQTbD86EmFF
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
UgovevSimJJ1JNNnOQ03ft7xTvy0dKLIxjpyoPLE0gGtWB4x00sJRA==
32.28be7b35.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
3 KB
2 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:05:36 GMT
content-encoding
gzip
age
6081294
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 20 Jan 2022 18:53:54 GMT
server
nginx
etag
W/"853d736e05b299b857e10b6ab17f3c36"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
9pIhc0wyy2uFZp3UiIdf1ZYNnPQh9D45
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
EqJha1leP2AwNZ_oTD9eiEXcRqysTPmVW_3ONZi7rPQkk-GBKCOhqg==
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:42 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:16 GMT
server
nginx
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
I82TVBet6lAKpoFxrAHSe6YffterxKeu7-SR_0Ee31zajdgn77Dtyg==
24.81d46fe7.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
33 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:42 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"4f751bc7b45f18c1d343a3081fe2509f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
LcjepTSdTIP3TYamt9S6TQ4IzFvRquuU
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
5_CJQ0CHBXZmkTEV2YKYB50kcOwYVFaRNs48jfi_98yHZORAciRXeg==
25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 6983
8 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/25.c667535c.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 20:12:42 GMT
content-encoding
gzip
age
2452068
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 03 Mar 2022 19:35:45 GMT
server
nginx
etag
W/"5d56f3a89744b768e05433ac1e2f7935"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
nIQWP_TNHXf6VKMh1KLKq0CMzjnrVBjf
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
etl-BxYHw8C_aJTeOBbPk2t3TsAz1oaMOFOKPzXQsOfYlSwPyzwJWg==
25.13d11617.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
12 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/25.13d11617.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 17:35:22 GMT
content-encoding
gzip
age
1424708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 15 Mar 2022 14:29:25 GMT
server
nginx
etag
W/"7cedab80631abf72e0de1939789e9982"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
o7tckVqeYvUaD8_hBcoukPgLK9HumXku
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9owWYgo_lvx02EK8uYZSE_owVvxm1EZNa6rrS5aXzLPSom65Z2nZCg==
19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 6983
365 B
1006 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/19.c695453b.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:42 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
365
last-modified
Tue, 04 Jan 2022 15:08:15 GMT
server
nginx
etag
"06b2963b029c0824382815165bfea73e"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
eDSgTpssczGDn2812OLuvvF.eUpzKWka
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0JM2Gg_jX2nizo2bEBtFViTHbaq_GEyLOE-u-2frmxsgw2SSykrdMw==
19.cbd00f6b.chunk.js
js.driftt.com/core/assets/js/ Frame 6983
85 KB
24 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/19.cbd00f6b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core?embedId=tz5kufnkte45&region=US&forceShow=false&skipCampaigns=false&sessionId=e3e10b06-7704-458a-a750-1814eebb091a&sessionStarted=1648790429.594&campaignRefreshToken=daa7cfc6-3800-4be8-9c64-6fbd54dc30e4&hideController=false&pageLoadStartTime=1648790426886&mode=CHAT&driftEnableLog=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 17:35:22 GMT
content-encoding
gzip
age
1424708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 15 Mar 2022 14:29:25 GMT
server
nginx
etag
W/"e5d01e169fc99a46f4cbb5ef34e481c4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
WWKq4EyTp5AxwFncXlaQBYSiy4CobYNg
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9fv6-fQUk1WPvhGiTgT77wjto1rBhcTqhZkbCSZqz1D1HINLZmKwhQ==
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:42 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:16 GMT
server
nginx
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
DgvAfZ7BPwPZGfOrE621PjhvvHFr1DU0
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
P9IbnEuGYjErNECbTNIarndrieyrHe1jXjqoY9CjGkbNsqwi0I3ysw==
2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 218B
7 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:42 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:15 GMT
server
nginx
etag
W/"189aeffd571884559dababa22c66d75a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
Y5MQMpfNZ9bYDeQmDMLbw0xNzGrQukfM
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
idaQYqn0KHqy9qIwYTVDovKzDS4RdPg2HzQgVgmpU6AVCGIAwiZKHg==
2.90bfb041.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
54 KB
16 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 15:53:42 GMT
content-encoding
gzip
age
7478808
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 04 Jan 2022 15:08:17 GMT
server
nginx
etag
W/"dc43e7dd478d83a9091a7335b8beb11d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
dNyr.b_J6AuxSb56NRWJ3LKsWJ9BzeOS
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
DOQmAmOdH0m0DlzkyupWPsHLVL9Xcr5I4CXP5vpkPK0etnBGha2mLA==
1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame 218B
43 KB
7 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 13:51:52 GMT
content-encoding
gzip
age
1265318
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 13:34:19 GMT
server
nginx
etag
W/"2c40725f3e291f40133c5dd42e2d2809"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
PxBjSXKv2D9iu62R72tGZ7okhSAARqe8
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6J68k8JpG0DS2PylauzxowGtd0Sze0xOnKKCBBY2DtqCzmULF2nKVg==
1.5c65827e.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
73 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/1.5c65827e.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 20:24:49 GMT
content-encoding
gzip
age
896141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 21 Mar 2022 19:53:38 GMT
server
nginx
etag
W/"b708aa91b64a5b7c6b6ddb197e81010f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
yaCLLa6iXOqbINeb80uzVs05G8nP7Fv7
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
fgrdPqH8cmHPYPgWo6EE4Mqi_SIBxppA8ahqwWRUt2uCvymZe5PWvw==
30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 218B
12 KB
3 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 16:15:00 GMT
content-encoding
gzip
age
4799130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Fri, 04 Feb 2022 14:40:27 GMT
server
nginx
etag
W/"b63021470083bdc161ef4dda2e4912c3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
e.sL0vOF62s4pyHwBuhbHf.Miph1ZlJo
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
text/css
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
OkC8HJRZV5msOCcRPfW6usiWqJJHZfUilBsM9Si2RVtYIDx4R5ZsjA==
30.304d4bf2.chunk.js
js.driftt.com/core/assets/js/ Frame 218B
11 KB
5 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/30.304d4bf2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.da2ff9d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-47.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1648790426886
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 17:35:22 GMT
content-encoding
gzip
age
1424708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Tue, 15 Mar 2022 14:29:25 GMT
server
nginx
etag
W/"38d96c6ccd18212a914f55851e7dea75"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
NMIjSc_O1m0oYNrwPiID10ULv1PB3Qyi
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control
max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9pzIRMiU-ORCnnRdk9oLtAcFXtUAbxtzU4t_UA1PCTvjAl2T9GQ3og==
v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame
0
0

v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 6983
0
0

ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 6983
0
0

ping
bootstrap.api.drift.com/widget_bootstrap/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.citrix.com
URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-regular.woff2
Domain
www.citrix.com
URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-italic.woff2
Domain
cdn-web.citrix.com
URL
https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-icons/citrix-icons.ttf?1lams
Domain
www.citrix.com
URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-700.woff2
Domain
www.citrix.com
URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-600.woff2
Domain
www.citrix.com
URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-700.woff
Domain
www.citrix.com
URL
https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-700.ttf
Domain
www.citrix.com
URL
https://www.citrix.com/web-production/personalization/global-interstitital/_jcr_content/content-par/layout_tool.html?46419
Domain
magnetic.t.domdex.com
URL
https://magnetic.t.domdex.com/16637/pix.js?t=r&for=Sharefile
Domain
metrics.api.drift.com
URL
https://metrics.api.drift.com/monitoring/metrics/widget/init/v2
Domain
metrics.api.drift.com
URL
https://metrics.api.drift.com/monitoring/metrics/widget/init/v2
Domain
bootstrap.api.drift.com
URL
https://bootstrap.api.drift.com/widget_bootstrap/ping
Domain
bootstrap.api.drift.com
URL
https://bootstrap.api.drift.com/widget_bootstrap/ping

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery object| matched object| browser object| Granite object| _g function| $CQ object| digitalData object| _satellite boolean| __satelliteLoaded object| evergageLog function| ajq object| _aaq object| Evergage function| evergageBeforeSiteConfigExecution object| evergageSiteConfig string| evergageSiteWideStyles number| evergageBeaconParseTimeStart number| evergageReshowPersonalizedSectionsTimeout number| evergageBeaconParseTimeEnd object| dataLayer function| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ function| flatpickr function| vueRecaptchaApiLoaded object| $cookies object| jQuery112402580891443434403 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client boolean| isSFWebHitEnabled object| ctx object| CTX_Layout_Tool function| CTX_Dynamic_Nav function| CTX_Dynamic_Nav_Key_Controls function| lazyLoad function| CTX_Tabs function| CTX_Tabs_Key_Controls object| ctxTabs object| CTX_CAROUSEL function| videoPlaylist function| handleLightbox function| playlistSizing function| chineseRedirect function| CardLayout function| dynamicImage function| rwdImageMap function| ariaOpenInNewWindow function| enterKey object| schemaDB undefined| videoSchema undefined| schemaType undefined| script undefined| mergedObj undefined| key function| Cookies object| CTX function| picturefill function| onYouTubeIframeAPIReady object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| formUrlParam object| optin boolean| mCustomScrollbar object| sf function| recaptchaCallback function| insightsFn object| ctxLoadAsync function| drift undefined| driftt boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL object| truste function| shouldRepop function| shouldResolveConsent string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| ga object| gaplugins boolean| ga-disable-UA-142592-2 object| gaGlobal object| gaData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin string| path_name string| GoogleAnalyticsObject object| optimizely number| pageHeight number| viewportHeight number| initialPercent undefined| scrollPercent number| max_scroll number| interval object| sent_arr number| interval_level object| interval_arr function| sendEvents number| interval_index object| 3eiXJRXgVuLsYGH9303q object| _driftFrames object| __post_robot_10_0_16__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked object| recaptcha object| CE2BH function| CE_URL_FINGERPRINT function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| _UA-142592-2_sendHitTask object| MunchkinTracker object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| _linkedin_data_partner_id function| fbq function| _fbq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Demandbase object| Insights function| lintrk boolean| _already_called_lintrk

35 Cookies

Domain/Path Name / Value
.www.sharefile.com/ Name: SFLocale
Value: en_International
www.sharefile.com/ Name: JSESSIONID
Value: node01en9xp5qa1k54cs2753zzjir1591733.node0
.sharefile.com/ Name: _evga_3ce1
Value: 6c4e01d8d387024b.
www.sharefile.com/ Name: uuid
Value: 16502391317565Yw07aA
www.sharefile.com/ Name: sessionId
Value: 8279760f-8b2b-4607-b244-3f8700640a35
www.sharefile.com/ Name: allSources
Value: sharefilecomadmin-mcasms
.youtube.com/ Name: YSC
Value: z882ROrDPOM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QI6Owv496oI
.sharefile.com/ Name: notice_behavior
Value: implied,eu
.sharefile.com/ Name: _ga
Value: GA1.2.644370859.1648790428
.sharefile.com/ Name: _gid
Value: GA1.2.479219828.1648790428
.sharefile.com/ Name: _gcl_au
Value: 1.1.960839420.1648790428
.sharefile.com/ Name: _gat
Value: 1
.sharefile.com/ Name: _gat_UA-142592-2
Value: 1
.sharefile.com/ Name: cebs
Value: 1
.sharefile.com/ Name: _ce.s
Value: v~a3defc769233764103dfe7e6fc4161d3c7a58a9a~vpv~0
.sharefile.com/ Name: insight_session
Value: cd36368f-f07b-4b2e-a025-e9973daa0e0e
.sharefile.com/ Name: insight_selfsvc_session
Value: 1648790428452
citrix.evergage.com/ Name: AWSALBCORS
Value: 2iNYwiCnyN+Jth5lUPQWrLmw7RDGGcdmMm1hcEN7fkacm2CkTjeBTKO0ThFhHwZy4CRi6Yxu15HntT6OSo+36FZ1OSV+BGzb9EeLwtF0KgdskEhlE6HNH3kQDlBE
.bidr.io/ Name: bito
Value: AABqvE7EjRcAADbRzcxWug
.bidr.io/ Name: bitoIsSecure
Value: ok
.sharefile.com/ Name: _fbp
Value: fb.1.1648790428753.89793493
.adnxs.com/ Name: uuid2
Value: 7177339485997280603
.linkedin.com/ Name: UserMatchHistory
Value: AQLSfFBQGOSoZAAAAX_jkVwTy72SFrRT0aja-fJdfvc0IHWgPLCYO8uevUBid-pKK0NE0iaYqsuX9g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJzm2TeYPrkdAAAAX_jkVwTx9MQzFzgrjnI2PpwMvuFAjuo05MqP13QLR3Pn_djzMjXX4d1pr3Q_6UXF5TbNw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&6aa0d38b-4bc6-4fd9-8d0a-cb44d21ca3f1"
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2691:u=1:x=1:i=1648790428:t=1648876828:v=2:sig=AQHSVIrVLO0iVWHa2gjGv6cl2-uUWUY3"
.facebook.com/ Name: fr
Value: 0q43EObJyxA9nemOt..BiRouc...1.0.BiRouc.
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022040105202856adddec-2e63-4586-8bfc-2af50d92f946AQGl_guo0HF_XImTfYgk3Hf6jbCwkDpF"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDg3OTA0Mjg7MjswMjGmTwSJuKknVM+dqlI7jgEqnP+ou21CYfnYzo5RNSdtRw==
.company-target.com/ Name: tuuid
Value: 3a97f119-ac76-4a43-884a-4ce6eae34f09
.company-target.com/ Name: tuuid_lu
Value: 1648790428
.doubleclick.net/ Name: IDE
Value: AHWqTUlnsZ_PQjc1D7ei-S0n_f-cNgGkxS9LcG_UIvG810gYqLPC5b49hRQI7Uim2Kw

21 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
javascript warning URL: https://assets.adobedtm.com/3af873facf65/9a2ab87fbea5/launch-74b65801000f.min.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.evgnet.com/beacon/citrix/production/scripts/evergage.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://assets.adobedtm.com/3af873facf65/9a2ab87fbea5/launch-74b65801000f.min.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.evgnet.com/beacon/citrix/production/scripts/evergage.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://www.sharefile.com/?
Message:
Access to font at 'https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-icons/citrix-icons.ttf?1lams' from origin 'https://www.sharefile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn-web.citrix.com/can.cdn/marketing/assets/fonts/citrix-icons/citrix-icons.ttf?1lams
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.sharefile.com/?
Message:
Access to font at 'https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-700.woff2' from origin 'https://www.sharefile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-700.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.sharefile.com/?
Message:
Access to font at 'https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-600.woff2' from origin 'https://www.sharefile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.sharefile.com/?
Message:
Access to font at 'https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-italic.woff2' from origin 'https://www.sharefile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-italic.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.sharefile.com/?
Message:
Access to font at 'https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-regular.woff2' from origin 'https://www.sharefile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.sharefile.com/?
Message:
Access to font at 'https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-700.woff' from origin 'https://www.sharefile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-700.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.sharefile.com/?
Message:
Access to font at 'https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-700.ttf' from origin 'https://www.sharefile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.citrix.com/c-lib/assets/lib/public-sans/font/public-sans-v3-latin-ext_latin-700.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.sharefile.com/?
Message:
Access to XMLHttpRequest at 'https://www.citrix.com/web-production/personalization/global-interstitital/_jcr_content/content-par/layout_tool.html?46419' from origin 'https://www.sharefile.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.citrix.com/web-production/personalization/global-interstitital/_jcr_content/content-par/layout_tool.html?46419
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://magnetic.t.domdex.com/16637/pix.js?t=r&for=Sharefile
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12166079.fls.doubleclick.net
3845646.fls.doubleclick.net
action.dstillery.com
action.media6degrees.com
adservice.google.co.uk
adservice.google.com
api.company-target.com
assets-tracking.crazyegg.com
assets.adobedtm.com
attr.ml-api.io
bootstrap.api.drift.com
cdn-web.citrix.com
cdn.evgnet.com
citrix.evergage.com
connect.facebook.net
consent.trustarc.com
googleads.g.doubleclick.net
id.rlcdn.com
js.driftt.com
magnetic.t.domdex.com
match.prod.bidr.io
mcasproxy.azureedge.net
metrics.api.drift.com
munchkin.marketo.net
pagestates-tracking.crazyegg.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.ml-attr.com
script.crazyegg.com
scripts.demandbase.com
secure.adnxs.com
segments.company-target.com
sharefile.com
sharefile.com.admin-mcas.ms
snap.licdn.com
stats.g.doubleclick.net
titan.citrix.com
tracking.crazyegg.com
www.citrix.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.sharefile.com
www.youtube.com
bootstrap.api.drift.com
cdn-web.citrix.com
magnetic.t.domdex.com
metrics.api.drift.com
www.citrix.com
108.157.4.116
13.107.42.14
130.211.22.189
142.250.185.230
142.250.185.66
143.204.215.63
143.204.215.97
143.204.98.47
151.101.192.114
162.221.156.156
18.66.248.116
185.33.220.244
23.205.237.4
2600:9000:224a:1800:12:3734:2a40:93a1
2600:9000:224a:ea00:a:16e2:9240:93a1
2606:4700::6812:a4f
2606:4700::6813:9308
2620:1ec:21::14
2a00:1450:4001:810::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9c
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:3500:7::17d8:4dca
2a02:26f0:3500:88d::2aec
2a02:26f0:fb:5af::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.244.174.68
51.137.137.121
52.215.3.215
52.86.119.60
68.67.153.60
99.81.19.154
99.86.7.127
99.86.7.84
04b9a1981e66845f7ebe29d82dc4374dc98ea486e067fa5315acd8ab34cc057a
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05c1b18ed199fea9af5168c7769dff2cd69f02706fa2568ab2e305be8dfb9c52
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13d59ce99bc9d62b4572a4b689e2b94bbb7b69b9e602ff07026b175fe2060cb3
142a106c3179d3025eee5c085f79c5001b5bcd3a6a17380b912438d481a42812
145bdf175afec031ab9f64072a737ce3804b44385423e64af08485fb0ffae410
15dab927bb20fe41db03a90d87f8dbcf5f072f3f4f430bf25ec33f3e9a0b2781
1962764bb41622610d2ce5df3a43109cecce08405bfadcecb488537cd7ca30b6
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1f176f6ad10575e5e39896c57377abdd10a7d8e74cc05297d58b0fe4ceefc421
203c827a686b4128c8dbbe9e34fdf5a2d72bb8268190daa85930a9345e6a59e3
20f61d9f3bd8edefee85a5b5cfa8916647104155938e1025d8ea065b5c42002d
210932d2489122355bf465597db944b680055e5e7de325792a571bbc00eeff14
21d60f7420a70e2176ebfe096f1197208a86984f9a66e729f6595bb0e6cc118e
297ca8436baf9bb87390453f12259bdd444ea3dc014b2f7003221143cce933c1
2a488dcb11cd3a43195429f3d2fb337e8ddffde56018c91af2eaba63cc52788e
2b65ca307c872f806e2db726823b8aad0e574c589bb6110bb1819906fb49712a
2e20b45289dde63510cdeab552eb4184d3839de33477faed3b382b959c1d27bc
2e3c631a95f07f36a25f07e2b7df8dfe86918b1bf8e11f581d8e319e21796ba9
2ee556f14b60c480c86b6d8eeb509f5b9c5560e94e645325fe09e89c6e122cb8
31d01ba36b4d083084f48f111ea78f90a54b12602abc26bdccc078a81ee2457b
31ff8f9902bf160e0082150a0234d73cb841e348c937d38f095d1eb65034c89d
36e55162781cd6256cc423416647b7759b5982b277317b744ad86ec3b56ac0fd
3a859233b46a9aca1f131ae9f1a3fe6c671d01d48b0be52cf5432b924fa95ea3
3b3108e0010ed639f3091ef3a47aee5077ca9f6586ed1b23217e594d6e238cd3
3b3db655949c75912452d1cd9481978be8920e2fba1a5c54c3f60eeb505ca4a3
3b770c191f2f886a5195f7cbe06c79c54564e77f5713ad9fd4189c6d3c36246b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b8a8c3e723f1d31ce9512ddee97fbf779c311e8c22ce773e38091ae040ed277
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d9dcdcfac982fa59f91260fdb403651e21f7b8702d48c629ea8e8c874e1aaf4
3ffcaf3aff85ea471e55572727adf69be1625f77285886ddda7105ed3177a063
4038a666dfd5af607a0374ad6e934cf1007e78da69329dbc341eaf757bb38beb
406279c57848af2e0beea346c0422ca33364e8f515ac9d67dee0f0b630b9c3eb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49c6f7925a020059af53cab3baa5d2ea485e6807744ba07f1b2e90ee47266a44
4b99468f12b21b72f6dbe5fc910326e357a55eec772149c703dfd8a93673f6b7
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4d744fadf79e753d7d55e1e4af0b52220f72b99d009aa63f23822c9c1eb71f39
4f0ad370969f488034d69b8f21d6ed0174063d731526fc6fd705ccce6c4fb056
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
58e4c2d1ccd3dd14fc005d29344190a33d3f60351e105c65b37d49cfd95dcdc3
59af767d0b1d5dbb41466ae5a39e2d9de577b5d6131eb4d39cac32dce2d5e629
5a0b278eb41a0af4b6f481848a29c1ea4694f72ecec7ab6b47f43799c56dd081
5d35b5e122a1210d87ccf2035dbcb5cf563ef94e38a39fdff82e640a9a2fda84
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
5d7739e67b3f2237373f7b0f808764d185a276ab789f1a283c5b135257997f6b
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
7052d0df9611084837de96895e60f8d25412cef2d0ad29be0e1a8987365f582c
709030cab6e33ca60c369554f31becd83dbfe4c17dc37e17aefd3aba8d862d1c
73aefc68f91234a52983d4c0a8037888d05af3f62d6e9b97993ebc4cb5791cbb
752bb97cae91e90bbe33446d2bc098da8a1ca11af0ef6a680e70b19982d3905d
752f46c537b728feb2017a1e6d4a2b6fa432d6f3a8009d8f6d4da0c8339ba2e2
78a8d6121f5998b1bfe0f66f543b13713caac500c7e46502bb0c3ce5eec28c07
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d8b850b0c1876d3fe8c778d01bc5b8d75078e494e1d4afda48f7ed101d1be74
7ddadeec9cd4248ecd60864abd3badd3fe21fd0811d63eca9da7c102bce9b6b0
7e43e93b94e8187026124f24dead00bfc4e62dca5ab23bb69c00d6738c0bcf4e
7fe7d9054d31a9874fb36aba6a3736c02799bdaab5fed3e007ff334bc4580732
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847179b71cfd908ed00ae6c2b723e4959172348c7eed696f2521591355e68d78
8554e476d3159f4a0e67ef034b52538f8149b37b0f8269fee08d6fcf01557c44
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8a339111827baaee847a3071c91f84fa518a1363f851d6485acdfe5b32f79d70
8a8c0fa1249037db5fc3c80ae9925bb0b1187ac5ad0416a2f984d576f64cb917
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8fbf2fa76dffe0fde9514c859217c43ab0e3022fcbd65a1d07df82fdc72fd068
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99ec0b52b1de59630136e2f94990b2ed5ce0bd5c92a040f304286557df464141
9acaaf9b2a0dfd85a6d7f4a9a2f593edd54bb23f7895a886d953c62f32a6e6e0
9d8f8c89a5f7c90adc5196d1c10fe3e8c46d16cb8d24de13ade83de53183027d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1684874c8bae229c40a136c7ebe1df660961e0722f79076a17ce49294b6e6db
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a5eeda805dd0a4adf47fbe56bec07316c1f2bb4ad15a52e8188acb1105b98382
ac13e157e522107014c5e470edc251317226ead9be6bdda2e9a937b023d479c2
ae39d9e42ba091a03f4d57780b0502b3a92bc2f973bd690538c1e3d4e2b97754
ae527678a5cb8c7aa7eabf72e8ca53eaf98eb0bed6ac105850809dd391567a7c
b50462f32366d272b9926f3fc0a2c69c0772f0263d96d34e4d3d6a72bc5966f1
b62c80a53749bed7d1e8d6a4798f744e4701e66c8383e301621ad8839b24b09c
b70c36674f1298febe27d175904d872013535e9b0e20136b5dd86bb51c2729e0
b82be24736519b8e5beb6d622bed3d7f481da9bacf8374352065d1cf252dc244
b8b7450be03352e049807b56d51797836f83d3e11684c0cf9f76750546bcab12
b9ddcbc73a2a42b603661b51028d38aba3374f67385f3307e1cfcebdee2f4838
c1e0a8e42bbb3a9eb853efb2e041423f86b6776a557aacf7a2ed8370849e530b
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c5aa93f07667e0a7c35b01305acfafaf55caade22b2e6a5cfe19745d068fd503
c7e8b194f2d18d9b41f35135755ac5a77423ed097e384b282c9ba0205f511366
c7ea863753bf75a16561a726cfb38f5868ea30b4e2f837e7fa30f5cf4f2e1065
c8d70946c3b971f61a3a24a011463ea1fd30a1490a34eed4a58b8685441172f4
d1a5aefb6b4a5f49c33133dbeb0660f3c487141fd3073215c34bad4a0457ade7
d36d8a76a8b7d7fe8655db34eb54e4a4b6d422cdd1a67810d3dd5c014edb14e4
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d8e4504620500828239f5163147675ffa2b0b6f4f29b80d17e82d58d59eceed5
db644e9276944dd7bdca398449aba2be827673f3bf2cee8bfce745af80dfb911
dbb3edea4eec4d403d47965fff241ed0858b82c27e07793afc6ac11bd49fb801
ddc9e3531f279fde534eb2f47fe25f3dfa5e480986b511f84fda04cdab16a620
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfd38c3fab32a93b864371c8abc33b0b5f611b816279280d69fee9acac50f3b6
e0e2aef977783f74cd134e3a6c49c48252f084dd7c571e14ecd3bd6abc9854e9
e362042c21cd3b62237416645f647b070d008bcb2523bb2861cc811f2d420261
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e41e2b5c9df3073d6f7da0080ad2f3eca4994ab372d2f65fa76b14f8868663ec
e868d39bbb74d42dffcee0cb1a50ecd105e1a1737d9080246dbdd54a8206d8f0
ed84d9abf30b626f827d00e91ba265c59a8d644bc6994c75181e36857d286f1b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
f124f1e0926cdb686cb73fa9ffdd58ce725e0fb21207d9ca3dba03a1a354c97f
f20c9190995190125803fd02becfc4268a0b0b0096d9641c90ea5d82fa0de694
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
f6fc5c6a46a78578e8d23167f7d0e9f0d03fe775434bde1a6f40d19e25592df7
f7c9d37580dcd33213807982f02ca87461b15f84702cb736e54a13868ed25499
f8218d17d50b63f63ce5b2ce7e7f89a1fb6bcc894391b68ae6f2409db5fa4b2a