consulting216.sharefile.com Open in urlscan Pro
52.22.72.157 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://consulting216.sharefile.com/d-s10dda8f90cc4a17a
Submission: On June 23 via manual (June 23rd 2020, 7:27:09 pm UTC) from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 52.22.72.157, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is consulting216.sharefile.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 25th 2020. Valid for: a year.

This is the only time consulting216.sharefile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	52.22.72.157 52.22.72.157	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.241.57.45 35.241.57.45	15169 (GOOGLE) (GOOGLE)
1	143.204.94.37 143.204.94.37	16509 (AMAZON-02) (AMAZON-02)
1	104.225.98.129 104.225.98.129	36236 (NETACTUATE) (NETACTUATE)
1	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
13	6

8 52.22.72.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-72-157.compute-1.amazonaws.com

consulting216.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.57.45 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 45.57.241.35.bc.googleusercontent.com

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-37.fra50.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.98.129 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 129.98.225.104.ptr.anycast.net

i2-fquufnebzqqyqzdtxtgbttvxbivrpq.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	sharefile.com consulting216.sharefile.com	574 KB
3	cedexis.com 1 redirects radar.cedexis.com rpt.cedexis.com	19 KB
1	cedexis-radar.net i2-fquufnebzqqyqzdtxtgbttvxbivrpq.init.cedexis-radar.net	1 KB
1	pendo.io cdn.pendo.io	109 KB
0	sf-api.com Failed consulting216.sf-api.com Failed
13	5

	Domain	Requested by
8	consulting216.sharefile.com	consulting216.sharefile.com
2	radar.cedexis.com	1 redirects consulting216.sharefile.com
1	rpt.cedexis.com	radar.cedexis.com
1	i2-fquufnebzqqyqzdtxtgbttvxbivrpq.init.cedexis-radar.net	radar.cedexis.com
1	cdn.pendo.io	consulting216.sharefile.com
0	consulting216.sf-api.com Failed	consulting216.sharefile.com
13	6

This site contains no links.

Subject Issuer	Validity	Valid
*.sharefile.com DigiCert SHA2 Secure Server CA	`2020-03-25` - `2021-03-30`	a year	crt.sh
radar.cedexis.com Go Daddy Secure Certificate Authority - G2	`2019-06-26` - `2021-08-25`	2 years	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
*.init.cedexis-radar.net Go Daddy Secure Certificate Authority - G2	`2019-11-14` - `2022-01-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://consulting216.sharefile.com/d-s10dda8f90cc4a17a
Frame ID: 695F91F701CF7BDB151B366AE7DCFB5F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

13
Requests

92 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

704 kB
Transfer

2295 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://radar.cedexis.com/1/55156/radar.js HTTP 302
https://radar.cedexis.com/1571758301/radar.js

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request d-s10dda8f90cc4a17a Show response
consulting216.sharefile.com/ 3 KB
2 KB 19442ms
18888ms Document
text/html 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting216.sharefile.com/d-s10dda8f90cc4a17a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

ea34a957df2368af2412ef4b7617b6bb57c276dba3dc71fa33bd5e1ce62aa8c4

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-t2r1vo5RZxWZYE9ib+mGGg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: consulting216.sharefile.com
:scheme: https
:path: /d-s10dda8f90cc4a17a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: 0
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=zdlmnxqbaopvuaypf4ejpxkz; path=/; secure; HttpOnly SFWEB_SRVNAME=i-0bb77ced72bbbcf45; path=/
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-t2r1vo5RZxWZYE9ib+mGGg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
date: Tue, 23 Jun 2020 19:26:51 GMT
content-length: 1286
x-sf-server: web_ssl/i-0bb77ced72bbbcf45_us-east-1b
strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 spinner.css
consulting216.sharefile.com/css/ 1 KB
789 B 2443ms
2440ms Stylesheet
text/css 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting216.sharefile.com/css/spinner.css

Requested by

Host: consulting216.sharefile.com
URL: https://consulting216.sharefile.com/d-s10dda8f90cc4a17a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consulting216.sharefile.com/d-s10dda8f90cc4a17a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 19:26:55 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 10 Jun 2020 20:14:48 GMT
x-sf-server: web_ssl/i-0bb77ced72bbbcf45_us-east-1b
etag: "0ec28ca633fd61:0"
vary: Accept-Encoding
content-type: text/css
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 425
x-content-type-options: nosniff

GET
H2 200 ShimSham Show response
consulting216.sharefile.com/javascript/bundles/ 86 KB
26 KB 2443ms
2441ms Script
text/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting216.sharefile.com/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1

Requested by

Host: consulting216.sharefile.com
URL: https://consulting216.sharefile.com/d-s10dda8f90cc4a17a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consulting216.sharefile.com/d-s10dda8f90cc4a17a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jun 2020 19:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 19:26:55 GMT
x-sf-server: web_ssl/i-0bb77ced72bbbcf45_us-east-1b
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 25784
x-xss-protection: 1; mode=block
referrer-policy: same-origin
expires: Wed, 23 Jun 2021 19:26:55 GMT

GET
H2 200 index.0a6153f8e5ba1ca09d3e.js Show response
consulting216.sharefile.com/bundles/ 2 MB
526 KB 2443ms
2441ms Script
application/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting216.sharefile.com/bundles/index.0a6153f8e5ba1ca09d3e.js

Requested by

Host: consulting216.sharefile.com
URL: https://consulting216.sharefile.com/d-s10dda8f90cc4a17a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

1c7ba0c942801f068e16d63132b99c48fdac3b10b82bd2d57e7ed623a01b3031

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consulting216.sharefile.com/d-s10dda8f90cc4a17a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 19:26:55 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 10 Jun 2020 20:17:26 GMT
x-sf-server: web_ssl/i-0bb77ced72bbbcf45_us-east-1b
status: 200
etag: "0cf5528643fd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
x-content-type-options: nosniff

GET
H2 200 spinner.svg
consulting216.sharefile.com/css/ 1 KB
1 KB 2045ms
2045ms Image
image/svg+xml 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consulting216.sharefile.com/css/spinner.svg

Requested by

Host: consulting216.sharefile.com
URL: https://consulting216.sharefile.com/d-s10dda8f90cc4a17a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consulting216.sharefile.com/css/spinner.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 19:26:56 GMT
referrer-policy: same-origin
last-modified: Wed, 10 Jun 2020 20:14:48 GMT
x-sf-server: web_ssl/i-0bb77ced72bbbcf45_us-east-1b
etag: "0ec28ca633fd61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: image/svg+xml
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1093
x-content-type-options: nosniff

GET
H2

200

radar.js Show response
radar.cedexis.com/1571758301/
Redirect Chain

https://radar.cedexis.com/1/55156/radar.js
https://radar.cedexis.com/1571758301/radar.js

44 KB
18 KB

73ms
73ms

Script
application/javascript

35.241.57.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1571758301/radar.js
Requested by: Host: consulting216.sharefile.com
URL: https://consulting216.sharefile.com/share/view/s10dda8f90cc4a17a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.57.45 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 45.57.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2d4bc9e5c7c94b708122d7e9a538acad6687b959875981d60dac16c4af93a337

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 19:27:00 GMT
content-encoding: gzip
last-modified: Tue, 22 Oct 2019 15:40:21 GMT
server: nginx
etag: W/"5daf22e5-aed4"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1209600, public
alt-svc: clear
via: 1.1 google
expires: Tue, 07 Jul 2020 19:27:00 GMT

Redirect headers

date: Tue, 23 Jun 2020 19:27:00 GMT
via: 1.1 google
server: nginx
status: 302
vary: User-Agent,DNT
content-type: text/html
location: /1571758301/radar.js
cache-control: max-age=600
alt-svc: clear
content-length: 154
expires: Tue, 23 Jun 2020 19:37:00 GMT

GET
H2 200 e9504c752521022cfb33.js Show response
consulting216.sharefile.com/bundles/ 29 KB
10 KB 1436ms
1435ms Script
application/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting216.sharefile.com/bundles/e9504c752521022cfb33.js

Requested by

Host: consulting216.sharefile.com
URL: https://consulting216.sharefile.com/bundles/index.0a6153f8e5ba1ca09d3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

789190df3cf0e1a109c3c10250486efba4c6482a2d051d88a05913cad92fca98

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consulting216.sharefile.com/share/view/s10dda8f90cc4a17a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 19:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 9683
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 10 Jun 2020 20:17:26 GMT
x-sf-server: web_ssl/i-0bb77ced72bbbcf45_us-east-1b
etag: "0cf5528643fd61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 2ad109a6ba685c7bc852.js Show response
consulting216.sharefile.com/bundles/ 2 KB
1 KB 1436ms
1436ms Script
application/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting216.sharefile.com/bundles/2ad109a6ba685c7bc852.js

Requested by

Host: consulting216.sharefile.com
URL: https://consulting216.sharefile.com/bundles/index.0a6153f8e5ba1ca09d3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

51e63707ba72d518cba780692bac8caf70c37512440dbca578e9ddf085280754

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consulting216.sharefile.com/share/view/s10dda8f90cc4a17a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 19:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 869
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 10 Jun 2020 20:17:26 GMT
x-sf-server: web_ssl/i-0bb77ced72bbbcf45_us-east-1b
etag: "0cf5528643fd61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 a7c1e29c38cb4bad4750.js Show response
consulting216.sharefile.com/bundles/ 17 KB
7 KB 1437ms
1436ms Script
application/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting216.sharefile.com/bundles/a7c1e29c38cb4bad4750.js

Requested by

Host: consulting216.sharefile.com
URL: https://consulting216.sharefile.com/bundles/index.0a6153f8e5ba1ca09d3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

e8a816450fe1c2f3fa265393fe819e29cda6b6b65dd1df5f4575ce06acd22c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consulting216.sharefile.com/share/view/s10dda8f90cc4a17a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 19:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 6551
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 10 Jun 2020 20:17:26 GMT
x-sf-server: web_ssl/i-0bb77ced72bbbcf45_us-east-1b
etag: "0cf5528643fd61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 343 KB
109 KB 208ms
55ms Script
application/javascript 143.204.94.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: consulting216.sharefile.com
URL: https://consulting216.sharefile.com/share/view/s10dda8f90cc4a17a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.94.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-37.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 4898ffefa942caced6faf9fdfcde71ca26795021ecfcb9e1e2266ccc3026c2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 19:25:37 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 469
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 16 Jun 2020 19:08:08 GMT
Server: UploadServer
ETag: "5d23f9b0310880249c4d08b198fe2c0b"
Vary: Accept-Encoding
x-goog-hash: crc32c=lZzAag==, md5=XSP5sDEIgCScTQixmP4sCw==
x-goog-generation: 1592334488185674
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 110794
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUlklLufC1NBPl6F6jN1280hIpVO3XjK3FeUxfJRMitHx7O-tMoLEYArbpKmHMHPTxjaXre8fXEO22nL6n0WIg
X-Amz-Cf-Id: T3Cft9iBydpz2wRiUBBi2R43UiyDKvS0FgU4qD_NnfddXHlhdz9twA==
Expires: Tue, 23 Jun 2020 19:26:41 GMT

GET
H/1.1 200
Ok providers.json Show response
i2-fquufnebzqqyqzdtxtgbttvxbivrpq.init.cedexis-radar.net/i2/1/55156/j1/20/119/1592940420/0/0/ 3 KB
1 KB 207ms
56ms XHR
application/json 104.225.98.129
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-fquufnebzqqyqzdtxtgbttvxbivrpq.init.cedexis-radar.net/i2/1/55156/j1/20/119/1592940420/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1571758301/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.129 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 129.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: c38b094b0fb881a23acf97924a2ab51b011f726b53d0ca26ffd3f7df84f197fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 19:27:00 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET Branding
consulting216.sf-api.com/sf/v3/Accounts/ 0
0

GET
H/1.1 200
Ok 1592940415924 Show response
rpt.cedexis.com/n1/0/1592940394025/0/0/0/0/1592940394025/1592940394026/1592940394049/1592940394049/1592940394579/1592940394077/1592940394579/1592940413467/1592940413468/1592940413472/1592940420321/... 16 B
283 B 51ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1592940394025/0/0/0/0/1592940394025/1592940394026/1592940394049/1592940394049/1592940394579/1592940394077/1592940394579/1592940413467/1592940413468/1592940413472/1592940420321/1592940420321/1592940420321/1592940421773/1592940421773/1592940421774/_CgJqMRAUGHciBggBEPSuAyjL9JrSDTCEr8n3BTiEr8n3BUDYjK8UShAIAxA1GOzCASAAKO6DgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEAgDEKsBGLFGIAAo-I2AoASIAcLHpZsGkAEAmAEA/0/1592940415924
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1571758301/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Jun 2020 19:27:01 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: consulting216.sf-api.com
URL: https://consulting216.sf-api.com/sf/v3/Accounts/Branding

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			consulting216.sharefile.com/	1969-12-31 23:59:59	Name: SFWEB_SRVNAME Value: i-0bb77ced72bbbcf45
			consulting216.sharefile.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: zdlmnxqbaopvuaypf4ejpxkz

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-t2r1vo5RZxWZYE9ib+mGGg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pendo.io
consulting216.sf-api.com
consulting216.sharefile.com
i2-fquufnebzqqyqzdtxtgbttvxbivrpq.init.cedexis-radar.net
radar.cedexis.com
rpt.cedexis.com
consulting216.sf-api.com
104.225.98.129
143.204.94.37
2607:f740:e619::1
35.241.57.45
52.22.72.157
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
1c7ba0c942801f068e16d63132b99c48fdac3b10b82bd2d57e7ed623a01b3031
2d4bc9e5c7c94b708122d7e9a538acad6687b959875981d60dac16c4af93a337
4898ffefa942caced6faf9fdfcde71ca26795021ecfcb9e1e2266ccc3026c2e3
51e63707ba72d518cba780692bac8caf70c37512440dbca578e9ddf085280754
789190df3cf0e1a109c3c10250486efba4c6482a2d051d88a05913cad92fca98
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
c38b094b0fb881a23acf97924a2ab51b011f726b53d0ca26ffd3f7df84f197fc
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
e8a816450fe1c2f3fa265393fe819e29cda6b6b65dd1df5f4575ce06acd22c33
ea34a957df2368af2412ef4b7617b6bb57c276dba3dc71fa33bd5e1ce62aa8c4

consulting216.sharefile.com Open in urlscan Pro 52.22.72.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

13 Requests

92 %HTTPS

20 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

704 kBTransfer

2295 kBSize

2 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

consulting216.sharefile.com Open in urlscan Pro
52.22.72.157 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

704 kB
Transfer

2295 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions