URL: https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
Submission: On May 13 via manual from US

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 77 HTTP transactions. The main IP is 76.223.1.166, located in United States and belongs to AMAZON-02, US. The main domain is dciconsult.sharefile.com.
TLS certificate: Issued by Amazon on November 18th 2020. Valid for: a year.
This is the only time dciconsult.sharefile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 76.223.1.166 16509 (AMAZON-02)
6 151.101.14.217 54113 (FASTLY)
1 2 35.241.57.45 15169 (GOOGLE)
1 13.224.95.84 16509 (AMAZON-02)
1 104.225.98.131 36236 (NETACTUATE)
1 2607:f740:e61... 63911 (NETACTUAT...)
2 2001:4860:480... 15169 (GOOGLE)
2 34.198.115.132 14618 (AMAZON-AES)
4 34.107.168.21 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.248.193.251 16509 (AMAZON-02)
7 2620:1ec:a92:... 8068 (MICROSOFT...)
10 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
77 14
Domain Requested by
20 dciconsult.sharefile.com dciconsult.sharefile.com
16 dciconsult.sf-api.com dciconsult.sharefile.com
10 c1-word-view-15.cdn.office.net word-view.officeapps.live.com
c1-word-view-15.cdn.office.net
7 word-view.officeapps.live.com word-view.officeapps.live.com
c1-word-view-15.cdn.office.net
6 app.launchdarkly.com dciconsult.sharefile.com
4 citrix-sharefile-content.customer.pendo.io cdn.pendo.io
2 sf-cv.sharefile.com dciconsult.sharefile.com
2 events.launchdarkly.com dciconsult.sharefile.com
2 citrix-sharefile-data.customer.pendo.io cdn.pendo.io
2 radar.cedexis.com 1 redirects dciconsult.sharefile.com
1 pendo-static-5352587489443840.storage.googleapis.com
1 rpt.cedexis.com radar.cedexis.com
1 i2-mnjpjjwtngcnhejjldcrcnsgdxgzpx.init.cedexis-radar.net radar.cedexis.com
1 cdn.pendo.io dciconsult.sharefile.com
77 14

This site contains links to these domains. Also see Links.

Domain
community.sharefilesupport.com
Subject Issuer Validity Valid
*.sharefile.com
Amazon
2020-11-18 -
2021-12-19
a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
radar.cedexis.com
Go Daddy Secure Certificate Authority - G2
2019-06-26 -
2021-08-25
2 years crt.sh
cdn.pendo.io
DigiCert SHA2 Extended Validation Server CA
2019-06-04 -
2021-09-02
2 years crt.sh
*.sf-api.com
Amazon
2020-11-17 -
2021-12-17
a year crt.sh
*.init.cedexis-radar.net
Go Daddy Secure Certificate Authority - G2
2019-11-14 -
2022-01-13
2 years crt.sh
citrix-sharefile-data.customer.pendo.io
GTS CA 1D4
2021-04-18 -
2021-07-17
3 months crt.sh
events.launchdarkly.com
Amazon
2020-10-19 -
2021-11-17
a year crt.sh
citrix-sharefile-content.customer.pendo.io
GTS CA 1D4
2021-05-01 -
2021-07-30
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh
officeapps.live.com
DigiCert Cloud Services CA-1
2021-04-30 -
2022-04-29
a year crt.sh
*.cdn.office.net
Microsoft RSA TLS CA 01
2021-01-26 -
2022-01-26
a year crt.sh

This page contains 2 frames:

Primary Page: https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
Frame ID: 3289129FE321015278FDC586710AC0AC
Requests: 44 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Frame ID: 7A074B1E8C7BDC2BA267C14B0DA68BB6
Requests: 20 HTTP requests in this frame

Screenshot


Page Statistics

77
Requests

96 %
HTTPS

38 %
IPv6

9
Domains

14
Subdomains

14
IPs

3
Countries

1642 kB
Transfer

6400 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://radar.cedexis.com/1/55156/radar.js HTTP 302
  • https://radar.cedexis.com/1593429750/radar.js

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request d-sfc72eb10a8144921905dbd61011fd2ee
dciconsult.sharefile.com/
3 KB
3 KB
Document
General
Full URL
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
/
Resource Hash
462f94877de43e7825105a2661ea64de287e77d84ff0818ee36464ea1475cdb8
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-Yul0Ip5rkNNokM02L3/SCA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dciconsult.sharefile.com
:scheme
https
:path
/d-sfc72eb10a8144921905dbd61011fd2ee
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:20 GMT
content-type
text/html; charset=utf-8
content-length
1321
set-cookie
AWSALBTG=YXSZjIYw7loKl9dPQRHbveKWQp5rh3c9NGuWo61la6+bnPjQcvfA0VAV1Wkr743iPmaBXEPn7kCPnkLTmZGLC4t5IuW1Sd5KVnRo3kMfncuaYkdhgrhviQAhxwxAsrDRbsshL7VjBOJmCbuSIyqmdneNh7TRPPac677mPQgPTww3; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/ AWSALBTGCORS=YXSZjIYw7loKl9dPQRHbveKWQp5rh3c9NGuWo61la6+bnPjQcvfA0VAV1Wkr743iPmaBXEPn7kCPnkLTmZGLC4t5IuW1Sd5KVnRo3kMfncuaYkdhgrhviQAhxwxAsrDRbsshL7VjBOJmCbuSIyqmdneNh7TRPPac677mPQgPTww3; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/; SameSite=None; Secure AWSALB=L8aZxifcVIXkGJ8hLYqApqxnPSPx6Nbfk66GkW8asOirxUcLWC/qYr5DDKRpxItAypJ7b2fa6eAfVVESxdbGmJExP86RxYLlNHWvVn1t1+VHeNEnKDXNZ6nLxGtY; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/ AWSALBCORS=L8aZxifcVIXkGJ8hLYqApqxnPSPx6Nbfk66GkW8asOirxUcLWC/qYr5DDKRpxItAypJ7b2fa6eAfVVESxdbGmJExP86RxYLlNHWvVn1t1+VHeNEnKDXNZ6nLxGtY; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/; SameSite=None; Secure ASP.NET_SessionId=kxgfg2so3lqu3abpz5kcv44i; path=/; secure; HttpOnly; SameSite=None
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
708e82af-2f92-4e77-a99a-86c3600e7426
x-frame-options
DENY
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-Yul0Ip5rkNNokM02L3/SCA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
spinner.css
dciconsult.sharefile.com/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://dciconsult.sharefile.com/css/spinner.css
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/spinner.css
pragma
no-cache
cookie
AWSALBTG=YXSZjIYw7loKl9dPQRHbveKWQp5rh3c9NGuWo61la6+bnPjQcvfA0VAV1Wkr743iPmaBXEPn7kCPnkLTmZGLC4t5IuW1Sd5KVnRo3kMfncuaYkdhgrhviQAhxwxAsrDRbsshL7VjBOJmCbuSIyqmdneNh7TRPPac677mPQgPTww3; AWSALBTGCORS=YXSZjIYw7loKl9dPQRHbveKWQp5rh3c9NGuWo61la6+bnPjQcvfA0VAV1Wkr743iPmaBXEPn7kCPnkLTmZGLC4t5IuW1Sd5KVnRo3kMfncuaYkdhgrhviQAhxwxAsrDRbsshL7VjBOJmCbuSIyqmdneNh7TRPPac677mPQgPTww3; AWSALB=L8aZxifcVIXkGJ8hLYqApqxnPSPx6Nbfk66GkW8asOirxUcLWC/qYr5DDKRpxItAypJ7b2fa6eAfVVESxdbGmJExP86RxYLlNHWvVn1t1+VHeNEnKDXNZ6nLxGtY; AWSALBCORS=L8aZxifcVIXkGJ8hLYqApqxnPSPx6Nbfk66GkW8asOirxUcLWC/qYr5DDKRpxItAypJ7b2fa6eAfVVESxdbGmJExP86RxYLlNHWvVn1t1+VHeNEnKDXNZ6nLxGtY; ASP.NET_SessionId=kxgfg2so3lqu3abpz5kcv44i
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:20 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 15:58:42 GMT
server
Microsoft-IIS/10.0
etag
"0651bae4747d71:0"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=hZgVhp0xfb3ptHu1DH4URp13/xpZ3tsLChPrhkmQpaJv3ecy5G7z7IhU+TfI5y8XG+1qzDC6OuBzibMkxbOWARMuF6WiqPXc3U2BqbDUnOw7GJyEoSQRict0Rbc6ivrRFTa33Zp71dzqSvFbhJQ4QkNtbg/kU9EdKaMEoJvOSVTJ; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/ AWSALBTGCORS=hZgVhp0xfb3ptHu1DH4URp13/xpZ3tsLChPrhkmQpaJv3ecy5G7z7IhU+TfI5y8XG+1qzDC6OuBzibMkxbOWARMuF6WiqPXc3U2BqbDUnOw7GJyEoSQRict0Rbc6ivrRFTa33Zp71dzqSvFbhJQ4QkNtbg/kU9EdKaMEoJvOSVTJ; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/; SameSite=None; Secure AWSALB=nU7F7Jj+Vv1XS9Hoo+8f9fgtTBTzpR2jXnJmU4/HvTw4Zt1x438vhUWapPhKVWBR59SrExct+9KH1zaLTCB4aqBytJxb54ol5/rcvUM0Laa+R7Oy1dgIGevFnpMY; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/ AWSALBCORS=nU7F7Jj+Vv1XS9Hoo+8f9fgtTBTzpR2jXnJmU4/HvTw4Zt1x438vhUWapPhKVWBR59SrExct+9KH1zaLTCB4aqBytJxb54ol5/rcvUM0Laa+R7Oy1dgIGevFnpMY; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
425
x-content-type-options
nosniff
ShimSham
dciconsult.sharefile.com/javascript/bundles/
86 KB
26 KB
Script
General
Full URL
https://dciconsult.sharefile.com/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
/
Resource Hash
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1
pragma
no-cache
cookie
AWSALBTG=YXSZjIYw7loKl9dPQRHbveKWQp5rh3c9NGuWo61la6+bnPjQcvfA0VAV1Wkr743iPmaBXEPn7kCPnkLTmZGLC4t5IuW1Sd5KVnRo3kMfncuaYkdhgrhviQAhxwxAsrDRbsshL7VjBOJmCbuSIyqmdneNh7TRPPac677mPQgPTww3; AWSALBTGCORS=YXSZjIYw7loKl9dPQRHbveKWQp5rh3c9NGuWo61la6+bnPjQcvfA0VAV1Wkr743iPmaBXEPn7kCPnkLTmZGLC4t5IuW1Sd5KVnRo3kMfncuaYkdhgrhviQAhxwxAsrDRbsshL7VjBOJmCbuSIyqmdneNh7TRPPac677mPQgPTww3; AWSALB=L8aZxifcVIXkGJ8hLYqApqxnPSPx6Nbfk66GkW8asOirxUcLWC/qYr5DDKRpxItAypJ7b2fa6eAfVVESxdbGmJExP86RxYLlNHWvVn1t1+VHeNEnKDXNZ6nLxGtY; AWSALBCORS=L8aZxifcVIXkGJ8hLYqApqxnPSPx6Nbfk66GkW8asOirxUcLWC/qYr5DDKRpxItAypJ7b2fa6eAfVVESxdbGmJExP86RxYLlNHWvVn1t1+VHeNEnKDXNZ6nLxGtY; ASP.NET_SessionId=kxgfg2so3lqu3abpz5kcv44i
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid
ee393bd9-a977-4560-8bcc-af3d3fec0b34
date
Thu, 13 May 2021 18:25:20 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Thu, 13 May 2021 18:25:20 GMT
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
set-cookie
AWSALBTG=yCRP1+KZhrxulaA3FajI3tmju1I5YQYjy5VwQdLUkDB5Nrf5DjJiEQbQyE49BMTueiNSFEpb7CJRWJWavlhAoUKZ8UDlwdIyLgF4octinVz35Iep7sPJpKHYIlhuuMPFLYiPLatehr6AhKZjy/I3ErUlof7F0rGGJ7TVHsv2F1j0; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/ AWSALBTGCORS=yCRP1+KZhrxulaA3FajI3tmju1I5YQYjy5VwQdLUkDB5Nrf5DjJiEQbQyE49BMTueiNSFEpb7CJRWJWavlhAoUKZ8UDlwdIyLgF4octinVz35Iep7sPJpKHYIlhuuMPFLYiPLatehr6AhKZjy/I3ErUlof7F0rGGJ7TVHsv2F1j0; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/; SameSite=None; Secure AWSALB=w8n4htLt9nuUMW3vsWqUVMCfTeocHp+yiDauVez1jONw2hXi54tkS6pZ7d6Vz345MYHJsa0vl0Yn01Q58SY2o6zjlENqIJHqz7Sg/BpQYAOeOHpoNQR9C/zNif0h; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/ AWSALBCORS=w8n4htLt9nuUMW3vsWqUVMCfTeocHp+yiDauVez1jONw2hXi54tkS6pZ7d6Vz345MYHJsa0vl0Yn01Q58SY2o6zjlENqIJHqz7Sg/BpQYAOeOHpoNQR9C/zNif0h; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/; SameSite=None; Secure
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
25784
x-content-type-options
nosniff
expires
Fri, 13 May 2022 18:25:20 GMT
index.bdf435ee10b95f848a86.js
dciconsult.sharefile.com/bundles/
2 MB
564 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
eaaeed609327c4ba82db5346f9a5985bd76b33c28e91d1767c36171fe369d961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/index.bdf435ee10b95f848a86.js
pragma
no-cache
cookie
AWSALBTG=YXSZjIYw7loKl9dPQRHbveKWQp5rh3c9NGuWo61la6+bnPjQcvfA0VAV1Wkr743iPmaBXEPn7kCPnkLTmZGLC4t5IuW1Sd5KVnRo3kMfncuaYkdhgrhviQAhxwxAsrDRbsshL7VjBOJmCbuSIyqmdneNh7TRPPac677mPQgPTww3; AWSALBTGCORS=YXSZjIYw7loKl9dPQRHbveKWQp5rh3c9NGuWo61la6+bnPjQcvfA0VAV1Wkr743iPmaBXEPn7kCPnkLTmZGLC4t5IuW1Sd5KVnRo3kMfncuaYkdhgrhviQAhxwxAsrDRbsshL7VjBOJmCbuSIyqmdneNh7TRPPac677mPQgPTww3; AWSALB=L8aZxifcVIXkGJ8hLYqApqxnPSPx6Nbfk66GkW8asOirxUcLWC/qYr5DDKRpxItAypJ7b2fa6eAfVVESxdbGmJExP86RxYLlNHWvVn1t1+VHeNEnKDXNZ6nLxGtY; AWSALBCORS=L8aZxifcVIXkGJ8hLYqApqxnPSPx6Nbfk66GkW8asOirxUcLWC/qYr5DDKRpxItAypJ7b2fa6eAfVVESxdbGmJExP86RxYLlNHWvVn1t1+VHeNEnKDXNZ6nLxGtY; ASP.NET_SessionId=kxgfg2so3lqu3abpz5kcv44i
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:20 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=r3pmkzD64gSUtDcsoIR0IZjiZoqi0TRiJIUQOmBMxVIBjmtL1BGi7Ombyp8t6oi1UvR8H83Rpm8d6T2VS2pEw9e+iRzxk3vLRmBTsDEiQnAzfePUqsOMe4I7T+xyMbTAimh+ncOurZo3I5yNwau3lMMFL/6aFcv6OTY2VLTWc/yS; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/ AWSALBTGCORS=r3pmkzD64gSUtDcsoIR0IZjiZoqi0TRiJIUQOmBMxVIBjmtL1BGi7Ombyp8t6oi1UvR8H83Rpm8d6T2VS2pEw9e+iRzxk3vLRmBTsDEiQnAzfePUqsOMe4I7T+xyMbTAimh+ncOurZo3I5yNwau3lMMFL/6aFcv6OTY2VLTWc/yS; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/; SameSite=None; Secure AWSALB=O1OJ1Jnzhwj3v62kEQxOpv7fo7HW9ZLa+EGI/8M6dhs4qifirVawLlpCXzEnqauo+9k4aGlKNZrlML1RQ5bYXIpCKRrfF0ttGH1B3Zd/c9PofajPEBXWBD4fkEKd; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/ AWSALBCORS=O1OJ1Jnzhwj3v62kEQxOpv7fo7HW9ZLa+EGI/8M6dhs4qifirVawLlpCXzEnqauo+9k4aGlKNZrlML1RQ5bYXIpCKRrfF0ttGH1B3Zd/c9PofajPEBXWBD4fkEKd; Expires=Thu, 20 May 2021 18:25:20 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
576210
x-content-type-options
nosniff
spinner.svg
dciconsult.sharefile.com/css/
1 KB
2 KB
Image
General
Full URL
https://dciconsult.sharefile.com/css/spinner.svg
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/css/spinner.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/css/spinner.svg
pragma
no-cache
cookie
ASP.NET_SessionId=kxgfg2so3lqu3abpz5kcv44i; AWSALBTG=hZgVhp0xfb3ptHu1DH4URp13/xpZ3tsLChPrhkmQpaJv3ecy5G7z7IhU+TfI5y8XG+1qzDC6OuBzibMkxbOWARMuF6WiqPXc3U2BqbDUnOw7GJyEoSQRict0Rbc6ivrRFTa33Zp71dzqSvFbhJQ4QkNtbg/kU9EdKaMEoJvOSVTJ; AWSALBTGCORS=hZgVhp0xfb3ptHu1DH4URp13/xpZ3tsLChPrhkmQpaJv3ecy5G7z7IhU+TfI5y8XG+1qzDC6OuBzibMkxbOWARMuF6WiqPXc3U2BqbDUnOw7GJyEoSQRict0Rbc6ivrRFTa33Zp71dzqSvFbhJQ4QkNtbg/kU9EdKaMEoJvOSVTJ; AWSALB=nU7F7Jj+Vv1XS9Hoo+8f9fgtTBTzpR2jXnJmU4/HvTw4Zt1x438vhUWapPhKVWBR59SrExct+9KH1zaLTCB4aqBytJxb54ol5/rcvUM0Laa+R7Oy1dgIGevFnpMY; AWSALBCORS=nU7F7Jj+Vv1XS9Hoo+8f9fgtTBTzpR2jXnJmU4/HvTw4Zt1x438vhUWapPhKVWBR59SrExct+9KH1zaLTCB4aqBytJxb54ol5/rcvUM0Laa+R7Oy1dgIGevFnpMY
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/css/spinner.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/css/spinner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:21 GMT
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 15:58:42 GMT
server
Microsoft-IIS/10.0
etag
"0651bae4747d71:0"
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=FeiU1e1BnOQWMQyd+axj5byuFYzUHCdWJrQyDSV9mdDXS8XHNUmGaUUd9n7wUmiWFhxdgI/1paRfEFDBJwvWAXZA94MW9IU2ceceVy67ZWSGyflYiY1l0gt5J4eFKbJBglJG2jorjYQrAwe1s+CHHdW48Gf2dlW55DT4HhjRnpeK; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/ AWSALBTGCORS=FeiU1e1BnOQWMQyd+axj5byuFYzUHCdWJrQyDSV9mdDXS8XHNUmGaUUd9n7wUmiWFhxdgI/1paRfEFDBJwvWAXZA94MW9IU2ceceVy67ZWSGyflYiY1l0gt5J4eFKbJBglJG2jorjYQrAwe1s+CHHdW48Gf2dlW55DT4HhjRnpeK; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/; SameSite=None; Secure AWSALB=NRgdPxU+s9FslUIAOgfHpU/eTRvlVKxF1Ys8Wd/ejzyPdolv8zQVd/e27yyyehyUWp78X6ruGiceGNijbaUYjG91ERv4BPJ+YOeGYMJV0PA/afZgDx3R8q/H2MxU; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/ AWSALBCORS=NRgdPxU+s9FslUIAOgfHpU/eTRvlVKxF1Ys8Wd/ejzyPdolv8zQVd/e27yyyehyUWp78X6ruGiceGNijbaUYjG91ERv4BPJ+YOeGYMJV0PA/afZgDx3R8q/H2MxU; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
1093
x-content-type-options
nosniff
5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a
Protocol
H2
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-launchdarkly-user-agent
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
300
allow
GET, OPTIONS, HEAD
content-encoding
gzip
ld-region
us-east-1
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Thu, 13 May 2021 18:25:21 GMT
via
1.1 varnish
x-served-by
cache-fra19123-FRA
x-cache
HIT
x-cache-hits
1
x-timer
S1620930322.721910,VS0,VE0
vary
Accept-Encoding
age
0
content-length
23
user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Protocol
H2
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
REPORT
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
REPORT, OPTIONS
access-control-allow-origin
*
access-control-max-age
300
allow
REPORT, OPTIONS
content-encoding
gzip
ld-region
us-east-1
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Thu, 13 May 2021 18:25:21 GMT
via
1.1 varnish
x-served-by
cache-fra19123-FRA
x-cache
HIT
x-cache-hits
3
x-timer
S1620930322.795865,VS0,VE0
vary
Accept-Encoding
age
0
content-length
23
5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/
2 B
172 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

X-LaunchDarkly-User-Agent
JSClient/2.18.0
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
access-control-max-age
300
date
Thu, 13 May 2021 18:25:21 GMT
content-length
26
x-served-by
cache-fra19123-FRA
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1620930322.852053,VS0,VE1
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
1
radar.js
radar.cedexis.com/1593429750/
Redirect Chain
  • https://radar.cedexis.com/1/55156/radar.js
  • https://radar.cedexis.com/1593429750/radar.js
44 KB
18 KB
Script
General
Full URL
https://radar.cedexis.com/1593429750/radar.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.57.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.57.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:22 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:30:33 GMT
server
nginx
etag
W/"5ef9d0d9-af5c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=1209600, public
alt-svc
clear
expires
Thu, 27 May 2021 18:25:22 GMT

Redirect headers

date
Thu, 13 May 2021 18:25:22 GMT
via
1.1 google
server
nginx
vary
User-Agent,DNT
content-type
text/html
location
/1593429750/radar.js
cache-control
max-age=600
alt-svc
clear
content-length
154
expires
Thu, 13 May 2021 18:35:22 GMT
user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/
2 KB
582 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27b1c336fe632e91087181d1cb2086d23e4257b8874571ac648f4535126c8e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
X-LaunchDarkly-User-Agent
JSClient/2.18.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
age
0
x-cache
MISS
access-control-max-age
300
date
Thu, 13 May 2021 18:25:21 GMT
x-served-by
cache-fra19123-FRA
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1620930322.846480,VS0,VE96
etag
"467cb"
vary
Accept-Encoding, Authorization
access-control-allow-methods
REPORT, OPTIONS
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
0
5ae5f32be73e89c21a64.js
dciconsult.sharefile.com/bundles/
29 KB
10 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/5ae5f32be73e89c21a64.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
f25d3521d48404087e17ffa730b3b308ebf3a59cc5bc1f5b7e02286947ce4e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/5ae5f32be73e89c21a64.js
pragma
no-cache
cookie
ASP.NET_SessionId=kxgfg2so3lqu3abpz5kcv44i; AWSALBTG=FeiU1e1BnOQWMQyd+axj5byuFYzUHCdWJrQyDSV9mdDXS8XHNUmGaUUd9n7wUmiWFhxdgI/1paRfEFDBJwvWAXZA94MW9IU2ceceVy67ZWSGyflYiY1l0gt5J4eFKbJBglJG2jorjYQrAwe1s+CHHdW48Gf2dlW55DT4HhjRnpeK; AWSALBTGCORS=FeiU1e1BnOQWMQyd+axj5byuFYzUHCdWJrQyDSV9mdDXS8XHNUmGaUUd9n7wUmiWFhxdgI/1paRfEFDBJwvWAXZA94MW9IU2ceceVy67ZWSGyflYiY1l0gt5J4eFKbJBglJG2jorjYQrAwe1s+CHHdW48Gf2dlW55DT4HhjRnpeK; AWSALB=NRgdPxU+s9FslUIAOgfHpU/eTRvlVKxF1Ys8Wd/ejzyPdolv8zQVd/e27yyyehyUWp78X6ruGiceGNijbaUYjG91ERv4BPJ+YOeGYMJV0PA/afZgDx3R8q/H2MxU; AWSALBCORS=NRgdPxU+s9FslUIAOgfHpU/eTRvlVKxF1Ys8Wd/ejzyPdolv8zQVd/e27yyyehyUWp78X6ruGiceGNijbaUYjG91ERv4BPJ+YOeGYMJV0PA/afZgDx3R8q/H2MxU
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:21 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=x8BYnEH0vDB4CiQCPX51JtPfgYN3JNn7ZSB2E+D7DZMCaSz8QLqljgCwbOCAVuQ0IE0vVVEEbloI23auFCS8q2l8qDIXRZWm+trppMCP6ez1q4nI6jcn/olYmG4OXcjkNLdviS86ir6KS/+8sph15XqgqOEFcnyo4lngl2LX56eD; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/ AWSALBTGCORS=x8BYnEH0vDB4CiQCPX51JtPfgYN3JNn7ZSB2E+D7DZMCaSz8QLqljgCwbOCAVuQ0IE0vVVEEbloI23auFCS8q2l8qDIXRZWm+trppMCP6ez1q4nI6jcn/olYmG4OXcjkNLdviS86ir6KS/+8sph15XqgqOEFcnyo4lngl2LX56eD; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/; SameSite=None; Secure AWSALB=qMGC7vSQnWoNpdZtOZuByWgcU8WSiQqHGzBnzb8GX+zidShBYdxj3po7bNpNzMBpptkp/wucvpsEDzoFn7u9IylggRwI7QZPdWTjt8RnjiDxRDAkj2Vsbe0ctRej; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/ AWSALBCORS=qMGC7vSQnWoNpdZtOZuByWgcU8WSiQqHGzBnzb8GX+zidShBYdxj3po7bNpNzMBpptkp/wucvpsEDzoFn7u9IylggRwI7QZPdWTjt8RnjiDxRDAkj2Vsbe0ctRej; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
9416
x-content-type-options
nosniff
c6e2504b816a8000ae57.js
dciconsult.sharefile.com/bundles/
2 KB
2 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/c6e2504b816a8000ae57.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d2fc51019df30fa168879139f74017a80fb43fff46c54718f68f334c7b40aef9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/c6e2504b816a8000ae57.js
pragma
no-cache
cookie
ASP.NET_SessionId=kxgfg2so3lqu3abpz5kcv44i; AWSALBTG=FeiU1e1BnOQWMQyd+axj5byuFYzUHCdWJrQyDSV9mdDXS8XHNUmGaUUd9n7wUmiWFhxdgI/1paRfEFDBJwvWAXZA94MW9IU2ceceVy67ZWSGyflYiY1l0gt5J4eFKbJBglJG2jorjYQrAwe1s+CHHdW48Gf2dlW55DT4HhjRnpeK; AWSALBTGCORS=FeiU1e1BnOQWMQyd+axj5byuFYzUHCdWJrQyDSV9mdDXS8XHNUmGaUUd9n7wUmiWFhxdgI/1paRfEFDBJwvWAXZA94MW9IU2ceceVy67ZWSGyflYiY1l0gt5J4eFKbJBglJG2jorjYQrAwe1s+CHHdW48Gf2dlW55DT4HhjRnpeK; AWSALB=NRgdPxU+s9FslUIAOgfHpU/eTRvlVKxF1Ys8Wd/ejzyPdolv8zQVd/e27yyyehyUWp78X6ruGiceGNijbaUYjG91ERv4BPJ+YOeGYMJV0PA/afZgDx3R8q/H2MxU; AWSALBCORS=NRgdPxU+s9FslUIAOgfHpU/eTRvlVKxF1Ys8Wd/ejzyPdolv8zQVd/e27yyyehyUWp78X6ruGiceGNijbaUYjG91ERv4BPJ+YOeGYMJV0PA/afZgDx3R8q/H2MxU
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:21 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:44 GMT
server
Microsoft-IIS/10.0
etag
"0aa593e4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=X3nry6595SVLHc7grSeUKk101iwyY+XzAR+595MKVuFMrVIl5NQ1qsS8ukjLjzapwKfe3jwuRTFh5ftxdEfjFA8PUXU8uQYN8dfT2VBbU7bpCcGgxUAN3ArjdID97ooGRjPjMXCkpfYXEViLZIdrwNdihSZfddG+hjDMkgV4a0a5; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/ AWSALBTGCORS=X3nry6595SVLHc7grSeUKk101iwyY+XzAR+595MKVuFMrVIl5NQ1qsS8ukjLjzapwKfe3jwuRTFh5ftxdEfjFA8PUXU8uQYN8dfT2VBbU7bpCcGgxUAN3ArjdID97ooGRjPjMXCkpfYXEViLZIdrwNdihSZfddG+hjDMkgV4a0a5; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/; SameSite=None; Secure AWSALB=xwzHl/6JzNZsdmif1x86yzftTMVGjlYGEyeD/6SeInIHJiRJ5VqWm9RaGO1z+UrprCs01g+3R9hEwg+UkTwtXz0wq1ApdQAJWia+IhFkyAt9Rue4czjqJpljonNC; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/ AWSALBCORS=xwzHl/6JzNZsdmif1x86yzftTMVGjlYGEyeD/6SeInIHJiRJ5VqWm9RaGO1z+UrprCs01g+3R9hEwg+UkTwtXz0wq1ApdQAJWia+IhFkyAt9Rue4czjqJpljonNC; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
869
x-content-type-options
nosniff
59b554da6502be68a43c.js
dciconsult.sharefile.com/bundles/
17 KB
8 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/59b554da6502be68a43c.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
8dc2d4e78fa4e1f268d5b767cdc47f64f26d9283c66e6ce6bdbe49c503243561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/59b554da6502be68a43c.js
pragma
no-cache
cookie
ASP.NET_SessionId=kxgfg2so3lqu3abpz5kcv44i; AWSALBTG=FeiU1e1BnOQWMQyd+axj5byuFYzUHCdWJrQyDSV9mdDXS8XHNUmGaUUd9n7wUmiWFhxdgI/1paRfEFDBJwvWAXZA94MW9IU2ceceVy67ZWSGyflYiY1l0gt5J4eFKbJBglJG2jorjYQrAwe1s+CHHdW48Gf2dlW55DT4HhjRnpeK; AWSALBTGCORS=FeiU1e1BnOQWMQyd+axj5byuFYzUHCdWJrQyDSV9mdDXS8XHNUmGaUUd9n7wUmiWFhxdgI/1paRfEFDBJwvWAXZA94MW9IU2ceceVy67ZWSGyflYiY1l0gt5J4eFKbJBglJG2jorjYQrAwe1s+CHHdW48Gf2dlW55DT4HhjRnpeK; AWSALB=NRgdPxU+s9FslUIAOgfHpU/eTRvlVKxF1Ys8Wd/ejzyPdolv8zQVd/e27yyyehyUWp78X6ruGiceGNijbaUYjG91ERv4BPJ+YOeGYMJV0PA/afZgDx3R8q/H2MxU; AWSALBCORS=NRgdPxU+s9FslUIAOgfHpU/eTRvlVKxF1Ys8Wd/ejzyPdolv8zQVd/e27yyyehyUWp78X6ruGiceGNijbaUYjG91ERv4BPJ+YOeGYMJV0PA/afZgDx3R8q/H2MxU
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:21 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:44 GMT
server
Microsoft-IIS/10.0
etag
"0aa593e4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=U0PQ4JrtqUPwYVpfoLKfIi0Ru2SS14JTBSZYH/HuSrZH/65kxESaYI1wP/Aw0uDDREi9YA88s4brR/UmNtkPyjvHxKcmzvUwoeW/woRzLrTOAT5ZEM6K1RW2Qd3Oh2j3R+IwG7dwcE6Wga4M3IHgzHMQ+JFg5sQ9CPk5uvCA1jG0; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/ AWSALBTGCORS=U0PQ4JrtqUPwYVpfoLKfIi0Ru2SS14JTBSZYH/HuSrZH/65kxESaYI1wP/Aw0uDDREi9YA88s4brR/UmNtkPyjvHxKcmzvUwoeW/woRzLrTOAT5ZEM6K1RW2Qd3Oh2j3R+IwG7dwcE6Wga4M3IHgzHMQ+JFg5sQ9CPk5uvCA1jG0; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/; SameSite=None; Secure AWSALB=DBwQdbldkDwZHtlAZpD5defrP9YOBm+7kZSRkcI9lgV/np/Jm8v+ipcrfRJhNPSsj8MaI24McueoYQfDTEg8QQRg4MaRhP9wA3mMcVM0X3R7NpD+xRF++uBr3obA; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/ AWSALBCORS=DBwQdbldkDwZHtlAZpD5defrP9YOBm+7kZSRkcI9lgV/np/Jm8v+ipcrfRJhNPSsj8MaI24McueoYQfDTEg8QQRg4MaRhP9wA3mMcVM0X3R7NpD+xRF++uBr3obA; Expires=Thu, 20 May 2021 18:25:21 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
6697
x-content-type-options
nosniff
pendo.js
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/
396 KB
124 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-84.zrh50.r.cloudfront.net
Software
UploadServer /
Resource Hash
18bb515a611b1aa19cc5520f9016f6ca2bde7005e190cefab802b1b30610ace5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 18:25:20 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Age
164
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 06 May 2021 19:09:08 GMT
Server
UploadServer
ETag
"a2dc759886a81bf2c64e1cc0c9e8c710"
Vary
Accept-Encoding
x-goog-hash
crc32c=WQO3Bw==, md5=otx1mIaoG/LGThzAyejHEA==
x-goog-generation
1620328148644613
Via
1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
126265
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
X-GUploader-UploadID
ABg5-UzO-zOAwm4lRPUDHv8a0M8n09SCR0wL3IsdnzzO_1pX3ndQlrjqlFtKRbFJj-BlpcvzCS1YpvsltRMO8XD2Vkno6VQz5Q
X-Amz-Cf-Id
p2JBTUxillBDhNnO3PYDZCh-NW1tIgfjQjM9ZsA29Je9BgW4p_qh5w==
Expires
Thu, 13 May 2021 18:30:08 GMT
Branding
dciconsult.sf-api.com/sf/v3/Accounts/
3 KB
2 KB
XHR
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Accounts/Branding
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
856af3e1b2e72568276213ca230dc282db705102c7925c18c508c02c130ba3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
D0IAu89Z1-VlRDCFUtW0aw
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
34ec187f-4388-4ad1-afbb-1cbbcd29a7ae
date
Thu, 13 May 2021 18:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
a8721af8-7eef-4059-8b84-dc7e17d187d5
correlationid
D0IAu89Z1-VlRDCFUtW0aw
vary
Accept-Encoding
content-length
1090
x-xss-protection
1; mode=block
pragma
no-cache
server
Microsoft-IIS/10.0
x-frame-options
DENY
content-language
en
access-control-allow-origin
https://dciconsult.sharefile.com
x-sfapi-requestid
637565127230685704
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
Branding
dciconsult.sf-api.com/sf/v3/Accounts/ Frame
0
0
Preflight
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Accounts/Branding
Protocol
H2
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 18:25:22 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
https://dciconsult.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637565127223090804
citrix-transactionid
b59d6155-01ab-431b-b85c-4f7164cca2d7
correlationid
Bd3cZvT1FUePdMGbiQjtkg
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
providers.json
i2-mnjpjjwtngcnhejjldcrcnsgdxgzpx.init.cedexis-radar.net/i2/1/55156/j1/20/122/1620930322/0/0/
3 KB
1 KB
XHR
General
Full URL
https://i2-mnjpjjwtngcnhejjldcrcnsgdxgzpx.init.cedexis-radar.net/i2/1/55156/j1/20/122/1620930322/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.225.98.131 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS
131.98.225.104.ptr.anycast.net
Software
nginx/1.10.3 /
Resource Hash
fe4c136f89c394636b998f1e239c5758564dc25bd1f2cf43f08bf8e703df5555

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 18:25:22 GMT
Content-Encoding
gzip
Server
nginx/1.10.3
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
1620930321051
rpt.cedexis.com/n1/0/1620930319890/0/0/0/0/1620930319890/1620930319891/1620930319914/1620930319914/1620930320157/1620930319932/1620930320157/1620930320880/1620930320881/1620930320891/1620930321788/...
16 B
283 B
XHR
General
Full URL
https://rpt.cedexis.com/n1/0/1620930319890/0/0/0/0/1620930319890/1620930319891/1620930319914/1620930319914/1620930320157/1620930319932/1620930320157/1620930320880/1620930320881/1620930320891/1620930321788/1620930321788/1620930321788/1620930322383/1620930322383/1620930322384/_CgJqMRAUGHoiBggBEPSuAyjktuXKCjCS3vWEBjiS3vWEBkCivcr6BEoPCAMQNRiXaCAAKPODgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMy5hbXMuaHYucHJvZIIBDwgDEA0YsUYgACiIgYCgBIgBuenTpgOQAQCYAQA/0/1620930321051
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 18:25:22 GMT
Server
nginx/1.10.3
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
Content-Length
16
Branding
dciconsult.sf-api.com/sf/v3/Accounts/
3 KB
2 KB
XHR
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Accounts/Branding
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
856af3e1b2e72568276213ca230dc282db705102c7925c18c508c02c130ba3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
qVpUOgZ50P_A_0aVqcAobg
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
ea92ca84-2416-4b93-98a9-527bcd01c871
date
Thu, 13 May 2021 18:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
a8721af8-7eef-4059-8b84-dc7e17d187d5
correlationid
qVpUOgZ50P_A_0aVqcAobg
vary
Accept-Encoding
content-length
1090
x-xss-protection
1; mode=block
pragma
no-cache
server
Microsoft-IIS/10.0
x-frame-options
DENY
content-language
en
access-control-allow-origin
https://dciconsult.sharefile.com
x-sfapi-requestid
637565127238862586
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/
2 KB
751 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2640bd9724ef2a00d4f8c0b5a0f1cd24db69640ff9ced6f815faa591d601bfe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
X-LaunchDarkly-User-Agent
JSClient/2.18.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
age
0
x-cache
MISS
access-control-max-age
300
date
Thu, 13 May 2021 18:25:23 GMT
x-served-by
cache-fra19123-FRA
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1620930323.434391,VS0,VE95
etag
"467cb"
vary
Accept-Encoding, Authorization
access-control-allow-methods
REPORT, OPTIONS
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
0
Branding
dciconsult.sf-api.com/sf/v3/Accounts/ Frame
0
0
Preflight
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Accounts/Branding
Protocol
H2
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 18:25:23 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
https://dciconsult.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637565127234490678
citrix-transactionid
33e41a38-301d-459d-896f-ec2def8e0fb7
correlationid
aBWrlr_uiUKZgcqZYt4zYA
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Protocol
H2
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
REPORT
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
REPORT, OPTIONS
access-control-allow-origin
*
access-control-max-age
300
allow
REPORT, OPTIONS
content-encoding
gzip
ld-region
us-east-1
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Thu, 13 May 2021 18:25:23 GMT
via
1.1 varnish
x-served-by
cache-fra19123-FRA
x-cache
HIT
x-cache-hits
4
x-timer
S1620930323.402990,VS0,VE0
vary
Accept-Encoding
age
0
content-length
23
06a3155a83cf23d395fc.js
dciconsult.sharefile.com/bundles/
12 KB
6 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/06a3155a83cf23d395fc.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c7a223f313a93650f20c22f7ccc5658983c1d43184bc323e0c9867e2326d572b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/06a3155a83cf23d395fc.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:24 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=1NznvxBzxUMygB5npMeoNC0qUvegF8wq1jbPtI6QgAeV736+xvu+0Csx+tbBT8qhSbPE+ASW3gd6+t/kBx3utg4n034NMyLzdOJMCMZg1LsZHGZFNzEIPWh7sbQ10v/x3GwNmkJXtaLXWgOOuJJt6J8QIHZW19DfbtvGFIqvvmQI; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBTGCORS=1NznvxBzxUMygB5npMeoNC0qUvegF8wq1jbPtI6QgAeV736+xvu+0Csx+tbBT8qhSbPE+ASW3gd6+t/kBx3utg4n034NMyLzdOJMCMZg1LsZHGZFNzEIPWh7sbQ10v/x3GwNmkJXtaLXWgOOuJJt6J8QIHZW19DfbtvGFIqvvmQI; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure AWSALB=dbnF60Y7fbgL6QIuF1ix5hXmy8HCvahHYYRvudGS8CqoOOO/g9IgtGlXJ0/XY1EEACrxBesvZ/6ompL5UMsLfhBdhp6NzSnn4AGdgUCWyIN21vEUB/S706k91GKo; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBCORS=dbnF60Y7fbgL6QIuF1ix5hXmy8HCvahHYYRvudGS8CqoOOO/g9IgtGlXJ0/XY1EEACrxBesvZ/6ompL5UMsLfhBdhp6NzSnn4AGdgUCWyIN21vEUB/S706k91GKo; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
4704
x-content-type-options
nosniff
3f3f2364a59283d6fb44.js
dciconsult.sharefile.com/bundles/
79 KB
24 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/3f3f2364a59283d6fb44.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
16f13ee9792884c51cb4202d76f8e07cdb555248142ad2fc6d436b3145132005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/3f3f2364a59283d6fb44.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:24 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=fTZAOlH4QJtYzJH2a3SE9mc5Yj2ECI3XvNBt/OE2SB4h5SDUCfElEmFG5FO4h/hwIIKpJ6cbFs8kD6bOnY8S2JGFbedWz7Gk39r5m4qLuxxlaM1XylvEi8e886cX8dc+auDfB+7l67IdV80mhfHASF+UqVE0Z5GjdT2GiuO9ZWKz; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBTGCORS=fTZAOlH4QJtYzJH2a3SE9mc5Yj2ECI3XvNBt/OE2SB4h5SDUCfElEmFG5FO4h/hwIIKpJ6cbFs8kD6bOnY8S2JGFbedWz7Gk39r5m4qLuxxlaM1XylvEi8e886cX8dc+auDfB+7l67IdV80mhfHASF+UqVE0Z5GjdT2GiuO9ZWKz; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure AWSALB=Kc1Lcllp23c6yKmlxwHO6gMfYZNolk0lvZc47+W6AxfNyTt33D/o3YWzvgQBbQ5Z3xcZ/y7evSbVOr0i6UuCnTHalJFcPoibT3ycIHe/ODdzUybLAAnL5W2BC251; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBCORS=Kc1Lcllp23c6yKmlxwHO6gMfYZNolk0lvZc47+W6AxfNyTt33D/o3YWzvgQBbQ5Z3xcZ/y7evSbVOr0i6UuCnTHalJFcPoibT3ycIHe/ODdzUybLAAnL5W2BC251; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
23444
x-content-type-options
nosniff
8ec63baadb7820a5fc95.js
dciconsult.sharefile.com/bundles/
32 KB
10 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/8ec63baadb7820a5fc95.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
010e18556f7064e3244d493d5eddf1fbf3232fa116eccc245993589c7d5e6175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/8ec63baadb7820a5fc95.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:24 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=gB8d8/qw+S0SKp58UJ39nlQ98fHb3fAv1jWT35KPjZTE1bRMVg3yANHzeLUx7TrIQiLWyxYFZWXwPrpv353YLTmmZB0jKryEOiLiUKwdFJVq9/oaMGNeTJ+UTRmbp4zMQkRGZqiOI4XEoZ/QXEUwyM/7sWZRKlAlqe/WYwkLFdvh; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBTGCORS=gB8d8/qw+S0SKp58UJ39nlQ98fHb3fAv1jWT35KPjZTE1bRMVg3yANHzeLUx7TrIQiLWyxYFZWXwPrpv353YLTmmZB0jKryEOiLiUKwdFJVq9/oaMGNeTJ+UTRmbp4zMQkRGZqiOI4XEoZ/QXEUwyM/7sWZRKlAlqe/WYwkLFdvh; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure AWSALB=y0KDaFqbT6IbipC+LOZ3LyhV/MNPMfqr1iVgYPKQlUfWcXowK/PLglyenYh5dB+GMER8RR9ytg8Rv0h6UnSJxYm23XkFnqxr1KknzAK/uv7zoTqDm/zn8P7jot2c; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBCORS=y0KDaFqbT6IbipC+LOZ3LyhV/MNPMfqr1iVgYPKQlUfWcXowK/PLglyenYh5dB+GMER8RR9ytg8Rv0h6UnSJxYm23XkFnqxr1KknzAK/uv7zoTqDm/zn8P7jot2c; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
9118
x-content-type-options
nosniff
0f5b9a106fe8c2382299.js
dciconsult.sharefile.com/bundles/
92 KB
19 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/0f5b9a106fe8c2382299.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
14455b7e075723efdb29c8dd18e2cce60da123a904104ed97a22a9d22164a1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/0f5b9a106fe8c2382299.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:24 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=SELGUtkajbrqqThago0WE5vBT0nwX156ByL997zz6aheMHfqSw2Fc6GQHOdGYptoujWhPRY0YzNfJhwNNTsQlXqcEPuAJnqZqSx+4aMtPKM5S9M9RVPl5o8VmD76GCHDv4fC5XNbPIt7P2OvMZYO/IRo/pG5mZFSQe/Tj+uJPP04; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBTGCORS=SELGUtkajbrqqThago0WE5vBT0nwX156ByL997zz6aheMHfqSw2Fc6GQHOdGYptoujWhPRY0YzNfJhwNNTsQlXqcEPuAJnqZqSx+4aMtPKM5S9M9RVPl5o8VmD76GCHDv4fC5XNbPIt7P2OvMZYO/IRo/pG5mZFSQe/Tj+uJPP04; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure AWSALB=UuvBry73of2bIGJ/GwEvhs8SSO/SI6qOLk8eiNy6jIXW0Dzl4BiKGNMRsAyqxAkHCC7uWAvE+un2etO+sDfr3T9spE8ozQHFr07qVaQVZQHCJwOqO6obeEgtuBxY; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBCORS=UuvBry73of2bIGJ/GwEvhs8SSO/SI6qOLk8eiNy6jIXW0Dzl4BiKGNMRsAyqxAkHCC7uWAvE+un2etO+sDfr3T9spE8ozQHFr07qVaQVZQHCJwOqO6obeEgtuBxY; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
18605
x-content-type-options
nosniff
e7456f782790ba868d85.js
dciconsult.sharefile.com/bundles/
28 KB
9 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/e7456f782790ba868d85.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
1c8545f8b1db49dcdb791c6d3342ee5e2517ca3fea897411b0bf1a96d3aa9323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/e7456f782790ba868d85.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:24 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=yiGMVBXyUf7Od1paiBvBQ5ffgQobzB7ffGePsGPmyW0BYmEop4RR+tqeThIumrIylHJRB9P1npamF5eBInyLKA8n0RSVcl4SvXXSoHgJOHq70k24X2vtHXwgReekK6U608E77VT0svhumre5BCUib1nRtc+B2iMw2hhYII1xgD7r; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBTGCORS=yiGMVBXyUf7Od1paiBvBQ5ffgQobzB7ffGePsGPmyW0BYmEop4RR+tqeThIumrIylHJRB9P1npamF5eBInyLKA8n0RSVcl4SvXXSoHgJOHq70k24X2vtHXwgReekK6U608E77VT0svhumre5BCUib1nRtc+B2iMw2hhYII1xgD7r; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure AWSALB=/5JuyjfHz0uHnnIlM0Ib+qyjY84ucXv+Wr8bSv7VSsaLjNuefRskQWrpZrgzF00oTdywhBkJriyD3BG/b1Nca1//qYkbnObqRyEU/Pvwwpqm6YDwfIr6/c5Acfz5; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBCORS=/5JuyjfHz0uHnnIlM0Ib+qyjY84ucXv+Wr8bSv7VSsaLjNuefRskQWrpZrgzF00oTdywhBkJriyD3BG/b1Nca1//qYkbnObqRyEU/Pvwwpqm6YDwfIr6/c5Acfz5; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
7739
x-content-type-options
nosniff
49bdefc7-e3bb-4d83-bddf-28ece54bbf5e.png
dciconsult.sharefile.com/styles/images/
4 KB
5 KB
Image
General
Full URL
https://dciconsult.sharefile.com/styles/images/49bdefc7-e3bb-4d83-bddf-28ece54bbf5e.png
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
777cabe7a9b125a171350204d74c5ec866a9c182cc5f885ee508227c970bb939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/styles/images/49bdefc7-e3bb-4d83-bddf-28ece54bbf5e.png
pragma
no-cache
cookie
_pendo_accountId.74b07336-7560-45fc-7cd1-95032a784d52=a8721af8-7eef-4059-8b84-dc7e17d187d5; _pendo_visitorId.74b07336-7560-45fc-7cd1-95032a784d52=_PENDO_T_skQDA6QfsK4; _pendo_meta.74b07336-7560-45fc-7cd1-95032a784d52=1395047672
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:24 GMT
referrer-policy
same-origin
last-modified
Fri, 18 Aug 2017 19:47:11 GMT
server
Microsoft-IIS/10.0
etag
"ee107ac85a18d31:0"
content-type
image/png
x-xss-protection
1; mode=block
set-cookie
AWSALBTG=CQn96jkX4uv72g32P6KdbOH3DGyHf4FolCU1EyL7lCXtmzldvRxJnqDE2WNieSVtrzwCnwN6hk6EXVOATZSN9QPUS2j01YCgfzm8bVgPLhdAeVURt1ps/096QPi1LKKTeV4SLMTUJHwsUlqkZF1CVNvDgChgr+w6TJKX4sKRaXiX; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBTGCORS=CQn96jkX4uv72g32P6KdbOH3DGyHf4FolCU1EyL7lCXtmzldvRxJnqDE2WNieSVtrzwCnwN6hk6EXVOATZSN9QPUS2j01YCgfzm8bVgPLhdAeVURt1ps/096QPi1LKKTeV4SLMTUJHwsUlqkZF1CVNvDgChgr+w6TJKX4sKRaXiX; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure AWSALB=DEtjVnuL5zDqev5h3Z6R7rN+3ufXeK9lWvueOdmg5kmKiRqGqAjPeUvxzFG3M6kUPZOBhpxhwfciOQ/7FjFsl1LGUyVC3NYbtBcSBSekutmY9Ig8HnY9QYJOjYaI; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/ AWSALBCORS=DEtjVnuL5zDqev5h3Z6R7rN+3ufXeK9lWvueOdmg5kmKiRqGqAjPeUvxzFG3M6kUPZOBhpxhwfciOQ/7FjFsl1LGUyVC3NYbtBcSBSekutmY9Ig8HnY9QYJOjYaI; Expires=Thu, 20 May 2021 18:25:24 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
4489
x-content-type-options
nosniff
expires
Wed, 01 Jan 2020 00:00:00 GMT
74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/ptm.gif/
42 B
280 B
Image
General
Full URL
https://citrix-sharefile-data.customer.pendo.io/data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.91.0_prod&ct=1620930324101&jzb=eJzVUb1u2zAQfhfOtsWjqD9vBuwWRQHXQdIuQSBQ4jFhK5MqSTmwA797yLTVGBTo1E063vd33_0LCecRyZocMQiyIJ2zzx5dG_QxTqFktMlpzjgt6wU5aa-Dda2WEdAedvvtl_au9T9utpvyRvnPPBKIvreTCb92RF0xEKpeVohqyWnRLOuu5kvZVwiVhLqSRcRMbojLTyGMfp1lste9NX4awso_CYdKD7jq7TF7-8tOGp8zr_qKYQdU1MB5w6ChhexkCRRASYYYWUdnR0_WL39sp8_3nA_CPE7iMR0DTfv1llznNDP0LwMpFGFyGNXvic3LgjxErjG6N2EzM8aRFCHJQZ7RImOUQcSe0HltTRyzVQMr2sYcMnkJovuUPHw3l8PAP57BIN_v5SXpOXHEt8fL3S7gB6s23253sPt5SJWeQ3LCa3ZdzHUPVsj36q74f1t3ivY7EONN_u-XyylcH14Brwr6CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:24 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/guide.json/
6 KB
3 KB
XHR
General
Full URL
https://citrix-sharefile-data.customer.pendo.io/data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJyNjzFv-yAUxL8Lc214xA7YW6R0-KtS26jtVFUWhkeC_g5EgNOhyncPyeCx6sY7_e64-yFnl1wO8Z8hPRleH5-3L8P7kP7vtpv1zqanhjwQpXWYfb4jSgoOyspKINqqYW1XyVE2ldECQRiQwrTFMsepwIecT6mn1Ging0_zlOt0UBGtm7DW4UjvFz07_KbJasFxBKYkNE3HoWOtGc0aGIA1HLGkHjEro7Ii_dL79nS_dJ-U389qj4VAP3y8kcuyZ7H-cZNFleeIifSfJKzWLfkqWacywOfNklik0vD2HawoaylnHIr3jDG54IvM6w5qNpxiMORyuQL2knXy&v=2.91.0_prod&ct=1620930324113
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7e8fcbab0319baba8a2a9840b95dbe61cb000c78b648ddb7a8d9460b7e97fd85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/json
via
1.1 google
access-control-max-age
600
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
5f33f5d44f29ea099db90d2a
events.launchdarkly.com/events/bulk/
0
509 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5f33f5d44f29ea099db90d2a
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.115.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-115-132.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
X-LaunchDarkly-Payload-ID
95691a00-b418-11eb-85e1-2bece2b747f2
X-LaunchDarkly-Event-Schema
3
X-LaunchDarkly-User-Agent
JSClient/2.18.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 13 May 2021 18:25:25 GMT
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
300
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length
0
Access-Control-Expose-Headers
Date
5f33f5d44f29ea099db90d2a
events.launchdarkly.com/events/bulk/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/5f33f5d44f29ea099db90d2a
Protocol
HTTP/1.1
Server
34.198.115.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-115-132.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Thu, 13 May 2021 18:25:24 GMT
Content-Type
application/json
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date
Access-Control-Max-Age
300
Strict-Transport-Security
max-age=31536000
Shares(sfc72eb10a8144921905dbd61011fd2ee)
dciconsult.sf-api.com/sf/v3/ Frame
0
0
Preflight
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount&includeExpired=false
Protocol
H2
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 18:25:24 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
https://dciconsult.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637565127247154488
citrix-transactionid
c477263a-47b2-42d9-811d-06a45d321b1b
correlationid
oFh7qVMaQkydO48YC3k2Nw
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
Shares(sfc72eb10a8144921905dbd61011fd2ee)
dciconsult.sf-api.com/sf/v3/
6 KB
3 KB
XHR
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount&includeExpired=false
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b2a503b33caf1d03d9295934270f0c36dc9350dd254fde97b722adb5e36b79a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
WCjWS5PcceP9ls3DF-rs3w
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
c776115c-0aa6-4137-a5ee-22cee6f634e8
date
Thu, 13 May 2021 18:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
a8721af8-7eef-4059-8b84-dc7e17d187d5
correlationid
WCjWS5PcceP9ls3DF-rs3w
vary
Accept-Encoding
content-length
2166
x-xss-protection
1; mode=block
pragma
no-cache
server
Microsoft-IIS/10.0
x-frame-options
DENY
content-language
en
access-control-allow-origin
https://dciconsult.sharefile.com
x-sfapi-requestid
637565127251103293
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
guide.css
citrix-sharefile-content.customer.pendo.io/agent/releases/2.91.0/
16 KB
3 KB
Stylesheet
General
Full URL
https://citrix-sharefile-content.customer.pendo.io/agent/releases/2.91.0/guide.css
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.168.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.168.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ecc37e01ea37e3b466592107b3d727fe4a0b4d0bbdca98a65016c41192218396

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:25 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uw9RIchGHMqHUsKKxjBUbV-7U2o9hXzNYnVWq7RxDhhT9T3LxxjAAtZf4p_QD6Lf9ulgpnTL07rkoKG1P2OZzs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
2742
last-modified
Mon, 03 May 2021 18:01:21 GMT
server
UploadServer
etag
"5670e96f5f8719b2633a94fba0efbaa4"
vary
Accept-Encoding
x-goog-hash
crc32c=lIXClA==, md5=VnDpb1+HGbJjOpT7oO+6pA==
x-goog-generation
1620064881945142
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache
x-goog-stored-content-length
2742
accept-ranges
bytes
content-type
text/css
expires
Fri, 13 May 2022 18:25:25 GMT
guide.-323232.1619036379078.css
citrix-sharefile-content.customer.pendo.io/
13 KB
13 KB
Stylesheet
General
Full URL
https://citrix-sharefile-content.customer.pendo.io/guide.-323232.1619036379078.css
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.168.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.168.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d40329443c7a663268c8237320a1e3e0c10c377eef600405d7648b38310dd313

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 17:26:52 GMT
age
3512
x-guploader-uploadid
ABg5-Uw7sXOJ5DUj5J97kpBnBPXRlwrl4mxBYkyGJYGNQMAu4KVk2acScSgvCDsZbsmHdQ-ZuF-EspyQN8v074nWVOqaoXJVFw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
13429
last-modified
Wed, 21 Apr 2021 20:19:43 GMT
server
UploadServer
etag
"0ac6a11a5be033336f129384dd030262"
x-goog-hash
crc32c=I0eGlw==, md5=CsahGlvgMzNvEpOE3QMCYg==
x-goog-generation
1619036383168466
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13429
accept-ranges
bytes
content-type
text/css
expires
Thu, 13 May 2021 18:26:52 GMT
umZMSXw5PmnKOfZ9pI7krQKYWvM.guide.js
citrix-sharefile-content.customer.pendo.io/guide-content/Vr_-mJPl14X6LrvrhM91HqW5LNY/Neqoaw_4MFxyk5dNCF0g0dIJDj4/
80 KB
12 KB
Script
General
Full URL
https://citrix-sharefile-content.customer.pendo.io/guide-content/Vr_-mJPl14X6LrvrhM91HqW5LNY/Neqoaw_4MFxyk5dNCF0g0dIJDj4/umZMSXw5PmnKOfZ9pI7krQKYWvM.guide.js
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.168.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.168.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
aa83432528815b53055d1399e5d70260b897e5ce07b0cd22ad09866ae616e3ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:25 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABg5-UzTr2cEirR8oHzAU-Oqe3w09a9SkBjCrlzsWAB_yAGcDJrXnX-AB1Dc_6W7JL9NtusupsRjPf5UJ15L2NONj28L-l_jow
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
11622
last-modified
Mon, 22 Apr 2019 14:46:48 GMT
server
UploadServer
etag
"bec4fc8374c2eb2fbcc06af45c605b69"
vary
Accept-Encoding
x-goog-hash
crc32c=X+2xZA==, md5=vsT8g3TC6y+8wGr0XGBbaQ==
x-goog-generation
1555944408448528
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
11622
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Thu, 13 May 2021 19:25:25 GMT
7UUyQ67_IKcXk7PlJefBAXLdJKE.guide.css
citrix-sharefile-content.customer.pendo.io/guide-content/Vr_-mJPl14X6LrvrhM91HqW5LNY/Neqoaw_4MFxyk5dNCF0g0dIJDj4/
49 KB
6 KB
Stylesheet
General
Full URL
https://citrix-sharefile-content.customer.pendo.io/guide-content/Vr_-mJPl14X6LrvrhM91HqW5LNY/Neqoaw_4MFxyk5dNCF0g0dIJDj4/7UUyQ67_IKcXk7PlJefBAXLdJKE.guide.css
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.168.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.168.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
137c2e19f0877de1cd909e272cc94a4b0d82e7d13f86735b8186663d2464ca59

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 17:28:17 GMT
content-encoding
gzip
age
3427
x-guploader-uploadid
ABg5-Uxh72GKXBfCGYin2xPuQ0cw42YiKYNeFq6Xc69KtcjQu-q2mkAn0ml1o8xmcBTkV4R46JqKxdtBtjoPkmR58W8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6087
last-modified
Tue, 09 Apr 2019 17:53:17 GMT
server
UploadServer
etag
"201295e46087f55c69f4244fb55880b6"
vary
Accept-Encoding
x-goog-hash
crc32c=wajpcw==, md5=IBKV5GCH9Vxp9CRPtViAtg==
x-goog-generation
1554832397072071
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
6087
accept-ranges
bytes
content-type
text/css; charset=utf-8
expires
Thu, 13 May 2021 18:28:17 GMT
launcherBadge_custom_eeeb68f44f04ad0671120af33b75ab16
pendo-static-5352587489443840.storage.googleapis.com/
1 KB
2 KB
Image
General
Full URL
https://pendo-static-5352587489443840.storage.googleapis.com/launcherBadge_custom_eeeb68f44f04ad0671120af33b75ab16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
de9f1f38aab20c68fe0616ebb05e95a83450a30e93ea3d59dce6fbd35e3dbd17

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 17:36:29 GMT
age
2936
x-guploader-uploadid
ABg5-UxmTWptCE735__30OTppDkkJNuihYdSWxDO_u-k_1hXcgZWq6tOaPwcRKjn3oZ3MX90rRHNghSen3XQMUj1rUCAgvz7Cw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1250
last-modified
Tue, 09 Apr 2019 17:53:16 GMT
server
UploadServer
etag
"e164ea2dede694cfbfffd8d22f00b9cb"
x-goog-hash
crc32c=p/qF8A==, md5=4WTqLe3mlM+//9jSLwC5yw==
x-goog-generation
1554832396009503
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1250
accept-ranges
bytes
content-type
image/png
expires
Thu, 13 May 2021 18:36:29 GMT
60e4fd22901715c114498c5373630c60.woff
dciconsult.sharefile.com/bundles/
25 KB
26 KB
Font
General
Full URL
https://dciconsult.sharefile.com/bundles/60e4fd22901715c114498c5373630c60.woff
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2fc2ac72f4d63a038ca248de81b16a9edae98d2a0cb115a19ce8e6618b0490dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://dciconsult.sharefile.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_pendo_accountId.74b07336-7560-45fc-7cd1-95032a784d52=a8721af8-7eef-4059-8b84-dc7e17d187d5; _pendo_visitorId.74b07336-7560-45fc-7cd1-95032a784d52=_PENDO_T_skQDA6QfsK4; _pendo_meta.74b07336-7560-45fc-7cd1-95032a784d52=1395047672; AWSALBTG=CQn96jkX4uv72g32P6KdbOH3DGyHf4FolCU1EyL7lCXtmzldvRxJnqDE2WNieSVtrzwCnwN6hk6EXVOATZSN9QPUS2j01YCgfzm8bVgPLhdAeVURt1ps/096QPi1LKKTeV4SLMTUJHwsUlqkZF1CVNvDgChgr+w6TJKX4sKRaXiX; AWSALBTGCORS=CQn96jkX4uv72g32P6KdbOH3DGyHf4FolCU1EyL7lCXtmzldvRxJnqDE2WNieSVtrzwCnwN6hk6EXVOATZSN9QPUS2j01YCgfzm8bVgPLhdAeVURt1ps/096QPi1LKKTeV4SLMTUJHwsUlqkZF1CVNvDgChgr+w6TJKX4sKRaXiX; AWSALB=DEtjVnuL5zDqev5h3Z6R7rN+3ufXeK9lWvueOdmg5kmKiRqGqAjPeUvxzFG3M6kUPZOBhpxhwfciOQ/7FjFsl1LGUyVC3NYbtBcSBSekutmY9Ig8HnY9QYJOjYaI; AWSALBCORS=DEtjVnuL5zDqev5h3Z6R7rN+3ufXeK9lWvueOdmg5kmKiRqGqAjPeUvxzFG3M6kUPZOBhpxhwfciOQ/7FjFsl1LGUyVC3NYbtBcSBSekutmY9Ig8HnY9QYJOjYaI
:path
/bundles/60e4fd22901715c114498c5373630c60.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://dciconsult.sharefile.com
Referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:25 GMT
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
content-type
application/x-font-woff
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=FgSn3c4YyJ+s2mEOuhI1TVqWb+xyj1VRK4vLO4OV//8YkVwfsEQ9taOU9NTCVmdWc8fiOfda9tET+ioDjS3s05geRURRtf6lYumZWOh7+9mWa2Ha6mkH7wk1Bl7z861i1KvKHRMHy4YziPVQ1WWEMxcTgINE/J3w0YK7XB730CCf; Expires=Thu, 20 May 2021 18:25:25 GMT; Path=/ AWSALBTGCORS=FgSn3c4YyJ+s2mEOuhI1TVqWb+xyj1VRK4vLO4OV//8YkVwfsEQ9taOU9NTCVmdWc8fiOfda9tET+ioDjS3s05geRURRtf6lYumZWOh7+9mWa2Ha6mkH7wk1Bl7z861i1KvKHRMHy4YziPVQ1WWEMxcTgINE/J3w0YK7XB730CCf; Expires=Thu, 20 May 2021 18:25:25 GMT; Path=/; SameSite=None; Secure AWSALB=nSh891c3ZHizj6Twc51Nu2+qUC2M3zrPI8cy7cQ+bUe5SRXebVeTIXryp7uVyXy9tTAbSM3/YcBg5q47gB3SQrCU7okasn8cLMh7UrLdnR9dVb5/+IJi6ptAnlCx; Expires=Thu, 20 May 2021 18:25:25 GMT; Path=/ AWSALBCORS=nSh891c3ZHizj6Twc51Nu2+qUC2M3zrPI8cy7cQ+bUe5SRXebVeTIXryp7uVyXy9tTAbSM3/YcBg5q47gB3SQrCU7okasn8cLMh7UrLdnR9dVb5/+IJi6ptAnlCx; Expires=Thu, 20 May 2021 18:25:25 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
25804
x-content-type-options
nosniff
58238858892db48030c012a757eb17d2.woff
dciconsult.sharefile.com/bundles/
26 KB
27 KB
Font
General
Full URL
https://dciconsult.sharefile.com/bundles/58238858892db48030c012a757eb17d2.woff
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
bd4d5f23336beb3b603af3bcaedb1944361755757ad50616d83d9147ba4cf56d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://dciconsult.sharefile.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_pendo_accountId.74b07336-7560-45fc-7cd1-95032a784d52=a8721af8-7eef-4059-8b84-dc7e17d187d5; _pendo_visitorId.74b07336-7560-45fc-7cd1-95032a784d52=_PENDO_T_skQDA6QfsK4; _pendo_meta.74b07336-7560-45fc-7cd1-95032a784d52=1395047672; AWSALBTG=CQn96jkX4uv72g32P6KdbOH3DGyHf4FolCU1EyL7lCXtmzldvRxJnqDE2WNieSVtrzwCnwN6hk6EXVOATZSN9QPUS2j01YCgfzm8bVgPLhdAeVURt1ps/096QPi1LKKTeV4SLMTUJHwsUlqkZF1CVNvDgChgr+w6TJKX4sKRaXiX; AWSALBTGCORS=CQn96jkX4uv72g32P6KdbOH3DGyHf4FolCU1EyL7lCXtmzldvRxJnqDE2WNieSVtrzwCnwN6hk6EXVOATZSN9QPUS2j01YCgfzm8bVgPLhdAeVURt1ps/096QPi1LKKTeV4SLMTUJHwsUlqkZF1CVNvDgChgr+w6TJKX4sKRaXiX; AWSALB=DEtjVnuL5zDqev5h3Z6R7rN+3ufXeK9lWvueOdmg5kmKiRqGqAjPeUvxzFG3M6kUPZOBhpxhwfciOQ/7FjFsl1LGUyVC3NYbtBcSBSekutmY9Ig8HnY9QYJOjYaI; AWSALBCORS=DEtjVnuL5zDqev5h3Z6R7rN+3ufXeK9lWvueOdmg5kmKiRqGqAjPeUvxzFG3M6kUPZOBhpxhwfciOQ/7FjFsl1LGUyVC3NYbtBcSBSekutmY9Ig8HnY9QYJOjYaI
:path
/bundles/58238858892db48030c012a757eb17d2.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://dciconsult.sharefile.com
Referer
https://dciconsult.sharefile.com/d-sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:25 GMT
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
content-type
application/x-font-woff
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=4x5b+pv20EcbeAMTGnVDrpn6iYG0IzZWaZnVO6yYogFVR10Gs9McQrUr1E2gtwEXvN3rLtH3VB4tWj1UxVePgLkxcpScyStp4rlRvGzlroWibZRS7MpWspLzEsvw8eVG33YCw3jYbIboZ7roMH9Xmi3G2nI2JT971bTDgkfj/Dex; Expires=Thu, 20 May 2021 18:25:25 GMT; Path=/ AWSALBTGCORS=4x5b+pv20EcbeAMTGnVDrpn6iYG0IzZWaZnVO6yYogFVR10Gs9McQrUr1E2gtwEXvN3rLtH3VB4tWj1UxVePgLkxcpScyStp4rlRvGzlroWibZRS7MpWspLzEsvw8eVG33YCw3jYbIboZ7roMH9Xmi3G2nI2JT971bTDgkfj/Dex; Expires=Thu, 20 May 2021 18:25:25 GMT; Path=/; SameSite=None; Secure AWSALB=HnyXCw0PY15Qdd+nqQIwprTGOA6KTVONIYqDgM5B+kC2TcCM9ViwJZxc0mwpxcIxPOQ7OBp3K6HvxgEErTC2o0C/bfR+8jzRmH12VSipI3d0Hl7AzoTkaARy1DkV; Expires=Thu, 20 May 2021 18:25:25 GMT; Path=/ AWSALBCORS=HnyXCw0PY15Qdd+nqQIwprTGOA6KTVONIYqDgM5B+kC2TcCM9ViwJZxc0mwpxcIxPOQ7OBp3K6HvxgEErTC2o0C/bfR+8jzRmH12VSipI3d0Hl7AzoTkaARy1DkV; Expires=Thu, 20 May 2021 18:25:25 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
26249
x-content-type-options
nosniff
ContentViewer
dciconsult.sf-api.com/sf/v3/Items/
1 KB
2 KB
XHR
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Items/ContentViewer
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
da4ef01d3a549b64647530e0129fcde5923de2bce6f465d657a5a2ec345f638a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
nO03hkkUnFW9tccb_LhlZA
Accept-Language
en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
X-SF-App
ShareFileWeb

Response headers

citrix-transactionid
111cb066-014a-4001-b35e-f2e36c987d9e
date
Thu, 13 May 2021 18:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
a8721af8-7eef-4059-8b84-dc7e17d187d5
correlationid
nO03hkkUnFW9tccb_LhlZA
vary
Accept-Encoding
content-length
698
x-xss-protection
1; mode=block
pragma
no-cache
server
Microsoft-IIS/10.0
x-frame-options
DENY
content-language
en
access-control-allow-origin
https://dciconsult.sharefile.com
x-sfapi-requestid
637565127260644665
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
ContentViewer
dciconsult.sf-api.com/sf/v3/Items/ Frame
0
0
Preflight
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Items/ContentViewer
Protocol
H2
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 18:25:25 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
https://dciconsult.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
content-type,correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637565127258557674
citrix-transactionid
21e683eb-3e5b-4193-ac10-5fc13557bf6d
correlationid
rh7CGQ_dx0Ca3gNyXNBogg
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
Items(fia4a143-9b6c-1581-b716-737fe5663db5)
dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)/ Frame
0
0
Preflight
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)/Items(fia4a143-9b6c-1581-b716-737fe5663db5)?canCreateRootFolder=false&fileBox=false
Protocol
H2
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 18:25:26 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
https://dciconsult.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637565127262500865
citrix-transactionid
7122b25d-66af-453f-8a29-c7dd3c320984
correlationid
rKidb8xyV06cMB46uJ94iA
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
Capabilities
dciconsult.sf-api.com/sf/v3/ Frame
0
0
Preflight
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Capabilities
Protocol
H2
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 18:25:26 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
https://dciconsult.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637565127262485382
citrix-transactionid
2875a9b5-522c-4a78-9ab5-ee3428882eed
correlationid
V_tnEUbYkU-m0bArlx1ung
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
Shares(sfc72eb10a8144921905dbd61011fd2ee)
dciconsult.sf-api.com/sf/v3/ Frame
0
0
Preflight
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)?%24expand=Items&includeExpired=false
Protocol
H2
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 18:25:26 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
https://dciconsult.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637565127262553576
citrix-transactionid
ab01b662-3564-494a-a25b-801ebd99b78b
correlationid
YEpZF9F0jUa_D8d8leDWeQ
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
1261e00b6c695e25b7a7.js
dciconsult.sharefile.com/bundles/
4 KB
3 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/1261e00b6c695e25b7a7.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
f8d028e666b7c92c6e1ad068efc988bbfc1a8450a4b3603dc37eb21fbfc15c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/1261e00b6c695e25b7a7.js
pragma
no-cache
cookie
_pendo_accountId.74b07336-7560-45fc-7cd1-95032a784d52=a8721af8-7eef-4059-8b84-dc7e17d187d5; _pendo_visitorId.74b07336-7560-45fc-7cd1-95032a784d52=_PENDO_T_skQDA6QfsK4; _pendo_meta.74b07336-7560-45fc-7cd1-95032a784d52=1395047672; AWSALBTG=CQn96jkX4uv72g32P6KdbOH3DGyHf4FolCU1EyL7lCXtmzldvRxJnqDE2WNieSVtrzwCnwN6hk6EXVOATZSN9QPUS2j01YCgfzm8bVgPLhdAeVURt1ps/096QPi1LKKTeV4SLMTUJHwsUlqkZF1CVNvDgChgr+w6TJKX4sKRaXiX; AWSALBTGCORS=CQn96jkX4uv72g32P6KdbOH3DGyHf4FolCU1EyL7lCXtmzldvRxJnqDE2WNieSVtrzwCnwN6hk6EXVOATZSN9QPUS2j01YCgfzm8bVgPLhdAeVURt1ps/096QPi1LKKTeV4SLMTUJHwsUlqkZF1CVNvDgChgr+w6TJKX4sKRaXiX; AWSALB=DEtjVnuL5zDqev5h3Z6R7rN+3ufXeK9lWvueOdmg5kmKiRqGqAjPeUvxzFG3M6kUPZOBhpxhwfciOQ/7FjFsl1LGUyVC3NYbtBcSBSekutmY9Ig8HnY9QYJOjYaI; AWSALBCORS=DEtjVnuL5zDqev5h3Z6R7rN+3ufXeK9lWvueOdmg5kmKiRqGqAjPeUvxzFG3M6kUPZOBhpxhwfciOQ/7FjFsl1LGUyVC3NYbtBcSBSekutmY9Ig8HnY9QYJOjYaI
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:26 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=aPXVrZi6zBH1pxnLYEcQq3e/0xzL3VLcyGgcLBVMhLdwOxPz+T/vg+L4dXQ8mb2i8wU80YeEEOZQBKTWF9OUutlLKpbKwIGrdeMT2WjjMq/hrz8l14SQJ9PTfzlwbbIC4bPJ8iQ/7uwraPWR/ARSuTFlG/ZtumcwpE3/eNen5NZP; Expires=Thu, 20 May 2021 18:25:26 GMT; Path=/ AWSALBTGCORS=aPXVrZi6zBH1pxnLYEcQq3e/0xzL3VLcyGgcLBVMhLdwOxPz+T/vg+L4dXQ8mb2i8wU80YeEEOZQBKTWF9OUutlLKpbKwIGrdeMT2WjjMq/hrz8l14SQJ9PTfzlwbbIC4bPJ8iQ/7uwraPWR/ARSuTFlG/ZtumcwpE3/eNen5NZP; Expires=Thu, 20 May 2021 18:25:26 GMT; Path=/; SameSite=None; Secure AWSALB=T1tounlbucTmCxAAEw34Mjf+z9WngsGuamW80rx7z09DO5bhRRSKkB6bSPfmWl6eWH7kPOmMOnJxlHfYjY6R1WpnZxz/IinF1tt0M2BgKtZuOzcThgWXU4Cr5ywJ; Expires=Thu, 20 May 2021 18:25:26 GMT; Path=/ AWSALBCORS=T1tounlbucTmCxAAEw34Mjf+z9WngsGuamW80rx7z09DO5bhRRSKkB6bSPfmWl6eWH7kPOmMOnJxlHfYjY6R1WpnZxz/IinF1tt0M2BgKtZuOzcThgWXU4Cr5ywJ; Expires=Thu, 20 May 2021 18:25:26 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
1815
x-content-type-options
nosniff
Items(fia4a143-9b6c-1581-b716-737fe5663db5)
dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)/
1 KB
2 KB
XHR
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)/Items(fia4a143-9b6c-1581-b716-737fe5663db5)?canCreateRootFolder=false&fileBox=false
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
4b19c4e9fdd167783f807fcf881f4eda630971f024b6b398de463f2214396457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
g6ecGffnUbC4RrPzWID1TQ
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
0e8aedaa-f119-47c5-8d26-ed8a73d0382a
date
Thu, 13 May 2021 18:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
a8721af8-7eef-4059-8b84-dc7e17d187d5
correlationid
g6ecGffnUbC4RrPzWID1TQ
vary
Accept-Encoding
content-length
634
x-xss-protection
1; mode=block
pragma
no-cache
server
Microsoft-IIS/10.0
x-frame-options
DENY
content-language
en
access-control-allow-origin
https://dciconsult.sharefile.com
x-sfapi-requestid
637565127264453757
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
Capabilities
dciconsult.sf-api.com/sf/v3/
6 KB
2 KB
XHR
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Capabilities
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
4c4fcaf89fa96b21fe47ebcc692f8b6aa5214367e10596cfa34bdb8d9d8de6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
vKiU2jxqtGk30KzmS5gh0g
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
5bd81fb8-c139-47cf-b156-4a4d332ec69c
date
Thu, 13 May 2021 18:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
a8721af8-7eef-4059-8b84-dc7e17d187d5
correlationid
vKiU2jxqtGk30KzmS5gh0g
vary
Accept-Encoding
content-length
926
x-xss-protection
1; mode=block
pragma
no-cache
server
Microsoft-IIS/10.0
x-frame-options
DENY
content-language
en
access-control-allow-origin
https://dciconsult.sharefile.com
x-sfapi-requestid
637565127263783227
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
Shares(sfc72eb10a8144921905dbd61011fd2ee)
dciconsult.sf-api.com/sf/v3/
2 KB
2 KB
XHR
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)?%24expand=Items&includeExpired=false
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c77b4eb93a3daac674e63f13822b78eeb305abf14eb0d62ec0b35cbad5ee3493
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
Ng8YT5t2Hg46oILL2DqbCw
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
d2ec7ba3-4ab8-4b33-879b-8363f725473b
date
Thu, 13 May 2021 18:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
a8721af8-7eef-4059-8b84-dc7e17d187d5
correlationid
Ng8YT5t2Hg46oILL2DqbCw
vary
Accept-Encoding
content-length
1009
x-xss-protection
1; mode=block
pragma
no-cache
server
Microsoft-IIS/10.0
x-frame-options
DENY
content-language
en
access-control-allow-origin
https://dciconsult.sharefile.com
x-sfapi-requestid
637565127264334259
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
launchrequest
sf-cv.sharefile.com/service/contentviewer/
309 B
1 KB
XHR
General
Full URL
https://sf-cv.sharefile.com/service/contentviewer/launchrequest
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.193.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
/
Resource Hash
5c130885d361523224c0e386b147947d832cf63057a797c9d366eaa3e31ee66e
Security Headers
Name Value
Content-Security-Policy default-src https:; child-src https: blob:; frame-src https: blob:; font-src 'self' data: https:; frame-ancestors 'none'; img-src https: data: blob: https://pendo-static-5352587489443840.storage.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'nonce-lOfhpYgt5qMpJzPPDKv3Jw==' https://www.google-analytics.com https://cdn.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' https://cdn.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com; report-uri https://sf-cv.sharefile.com/cspviolation; upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

citrix-transactionid
bce9617c-3aa7-452c-9c6e-2074fe266e2c
date
Thu, 13 May 2021 18:25:26 GMT
content-encoding
br
x-content-type-options
nosniff
requestid
0HM8M6UIJTS24:00000002
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-frame-options
DENY
vary
Accept-Encoding
content-language
en
access-control-allow-origin
https://dciconsult.sharefile.com
x-sfapi-requestid
0HM8M6UIJTS24:00000002
access-control-expose-headers
Content-Length,Accept-Ranges,Content-Type
access-control-allow-credentials
true
content-security-policy
default-src https:; child-src https: blob:; frame-src https: blob:; font-src 'self' data: https:; frame-ancestors 'none'; img-src https: data: blob: https://pendo-static-5352587489443840.storage.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'nonce-lOfhpYgt5qMpJzPPDKv3Jw==' https://www.google-analytics.com https://cdn.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' https://cdn.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com; report-uri https://sf-cv.sharefile.com/cspviolation; upgrade-insecure-requests;
content-type
text/plain
launchrequest
sf-cv.sharefile.com/service/contentviewer/ Frame
0
0
Preflight
General
Full URL
https://sf-cv.sharefile.com/service/contentviewer/launchrequest
Protocol
H2
Server
13.248.193.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 18:25:26 GMT
content-language
en
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,X-HTTP-Method-Override,X-SF-App,Authorization,X-SF-ClientCapabilities,X-SF-LimitedAuthId,X-SF-CaptchaUserToken,X-SF-Subdomain
access-control-allow-methods
GET,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://dciconsult.sharefile.com
access-control-max-age
600
requestid
0HM8M6S7G7RVD:00000002
x-sfapi-requestid
0HM8M6S7G7RVD:00000002
citrix-transactionid
b1b104b0-5c86-416f-9939-e0f9ac1e8d47
153a1dfb595ad383fd81.js
dciconsult.sharefile.com/bundles/
3 KB
2 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/153a1dfb595ad383fd81.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e4c1e97b91291ac4bfefb2fd726f832cdce4a491063c09ac26d843ea1bfcd77e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/153a1dfb595ad383fd81.js
pragma
no-cache
cookie
_pendo_accountId.74b07336-7560-45fc-7cd1-95032a784d52=a8721af8-7eef-4059-8b84-dc7e17d187d5; _pendo_visitorId.74b07336-7560-45fc-7cd1-95032a784d52=_PENDO_T_skQDA6QfsK4; _pendo_meta.74b07336-7560-45fc-7cd1-95032a784d52=1395047672; AWSALBTG=aPXVrZi6zBH1pxnLYEcQq3e/0xzL3VLcyGgcLBVMhLdwOxPz+T/vg+L4dXQ8mb2i8wU80YeEEOZQBKTWF9OUutlLKpbKwIGrdeMT2WjjMq/hrz8l14SQJ9PTfzlwbbIC4bPJ8iQ/7uwraPWR/ARSuTFlG/ZtumcwpE3/eNen5NZP; AWSALBTGCORS=aPXVrZi6zBH1pxnLYEcQq3e/0xzL3VLcyGgcLBVMhLdwOxPz+T/vg+L4dXQ8mb2i8wU80YeEEOZQBKTWF9OUutlLKpbKwIGrdeMT2WjjMq/hrz8l14SQJ9PTfzlwbbIC4bPJ8iQ/7uwraPWR/ARSuTFlG/ZtumcwpE3/eNen5NZP; AWSALB=T1tounlbucTmCxAAEw34Mjf+z9WngsGuamW80rx7z09DO5bhRRSKkB6bSPfmWl6eWH7kPOmMOnJxlHfYjY6R1WpnZxz/IinF1tt0M2BgKtZuOzcThgWXU4Cr5ywJ; AWSALBCORS=T1tounlbucTmCxAAEw34Mjf+z9WngsGuamW80rx7z09DO5bhRRSKkB6bSPfmWl6eWH7kPOmMOnJxlHfYjY6R1WpnZxz/IinF1tt0M2BgKtZuOzcThgWXU4Cr5ywJ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:27 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=93UORRKENE1RQSBItEsd5Nh+NvGUw9t+mKvDYRa2b8t2yBdL20BSIX/1l7ecJccs6NSZZ7ZFtgYuzy2+SstNVQHa1OOZs8/RFRJOP6H0XnxbmsDeZnIew/Bb8K3bbYwVR3s6cIGZAHXO9Bt+hhfE2ST0ZCUEiUM0UuNe1kbSSjN4; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/ AWSALBTGCORS=93UORRKENE1RQSBItEsd5Nh+NvGUw9t+mKvDYRa2b8t2yBdL20BSIX/1l7ecJccs6NSZZ7ZFtgYuzy2+SstNVQHa1OOZs8/RFRJOP6H0XnxbmsDeZnIew/Bb8K3bbYwVR3s6cIGZAHXO9Bt+hhfE2ST0ZCUEiUM0UuNe1kbSSjN4; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/; SameSite=None; Secure AWSALB=YmJFMSJNNOxhviPuTWaRWUkk0TxSZYdRHFfZsbSEUn1tGyR3IKnIG6TwuUjnoqYgVAcC5gwKXBohhz6nouCNEoLRlooQG/N4n5GUCTW0ScK7iqSKqF1bVNprffa0; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/ AWSALBCORS=YmJFMSJNNOxhviPuTWaRWUkk0TxSZYdRHFfZsbSEUn1tGyR3IKnIG6TwuUjnoqYgVAcC5gwKXBohhz6nouCNEoLRlooQG/N4n5GUCTW0ScK7iqSKqF1bVNprffa0; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
1175
x-content-type-options
nosniff
581a430844ef4d112c2f.js
dciconsult.sharefile.com/bundles/
16 KB
6 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/581a430844ef4d112c2f.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
aafabb23a1d8f6cc94b8b6d3b94ccd3f2dd238baeb23c06176a9755cd3ed35f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/581a430844ef4d112c2f.js
pragma
no-cache
cookie
_pendo_accountId.74b07336-7560-45fc-7cd1-95032a784d52=a8721af8-7eef-4059-8b84-dc7e17d187d5; _pendo_visitorId.74b07336-7560-45fc-7cd1-95032a784d52=_PENDO_T_skQDA6QfsK4; _pendo_meta.74b07336-7560-45fc-7cd1-95032a784d52=1395047672; AWSALBTG=aPXVrZi6zBH1pxnLYEcQq3e/0xzL3VLcyGgcLBVMhLdwOxPz+T/vg+L4dXQ8mb2i8wU80YeEEOZQBKTWF9OUutlLKpbKwIGrdeMT2WjjMq/hrz8l14SQJ9PTfzlwbbIC4bPJ8iQ/7uwraPWR/ARSuTFlG/ZtumcwpE3/eNen5NZP; AWSALBTGCORS=aPXVrZi6zBH1pxnLYEcQq3e/0xzL3VLcyGgcLBVMhLdwOxPz+T/vg+L4dXQ8mb2i8wU80YeEEOZQBKTWF9OUutlLKpbKwIGrdeMT2WjjMq/hrz8l14SQJ9PTfzlwbbIC4bPJ8iQ/7uwraPWR/ARSuTFlG/ZtumcwpE3/eNen5NZP; AWSALB=T1tounlbucTmCxAAEw34Mjf+z9WngsGuamW80rx7z09DO5bhRRSKkB6bSPfmWl6eWH7kPOmMOnJxlHfYjY6R1WpnZxz/IinF1tt0M2BgKtZuOzcThgWXU4Cr5ywJ; AWSALBCORS=T1tounlbucTmCxAAEw34Mjf+z9WngsGuamW80rx7z09DO5bhRRSKkB6bSPfmWl6eWH7kPOmMOnJxlHfYjY6R1WpnZxz/IinF1tt0M2BgKtZuOzcThgWXU4Cr5ywJ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:27 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=778TZrTWaN51Bt3xld4sDxTFcJlOpOcj/NkfywcAd4US4PFIikSb1hTHhL/2n4T+bcHgkTHrnVu3squITkHrtrn4dJT48bQmkaRnC3l7xrC+xM3JnAORxLwxFJZiCuh47BynVl1YOg9dWta/7G168bAbset5k6UcOY8sRcpaCtqG; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/ AWSALBTGCORS=778TZrTWaN51Bt3xld4sDxTFcJlOpOcj/NkfywcAd4US4PFIikSb1hTHhL/2n4T+bcHgkTHrnVu3squITkHrtrn4dJT48bQmkaRnC3l7xrC+xM3JnAORxLwxFJZiCuh47BynVl1YOg9dWta/7G168bAbset5k6UcOY8sRcpaCtqG; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/; SameSite=None; Secure AWSALB=xDRpdBZfB1pYCXcx5DuVworUpPez2mMDHWmFfF3Dx/QCxMA0Bx/g1QwW5DOYhuq9WIrp+QCVlCGM4Cs9U8JqVqHjdqPmFcL/ra4QQ0rnL+XoZPnYQPg8FrsI/DLh; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/ AWSALBCORS=xDRpdBZfB1pYCXcx5DuVworUpPez2mMDHWmFfF3Dx/QCxMA0Bx/g1QwW5DOYhuq9WIrp+QCVlCGM4Cs9U8JqVqHjdqPmFcL/ra4QQ0rnL+XoZPnYQPg8FrsI/DLh; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
5026
x-content-type-options
nosniff
fcd2d1fe7054a8d03da0.js
dciconsult.sharefile.com/bundles/
13 KB
5 KB
Script
General
Full URL
https://dciconsult.sharefile.com/bundles/fcd2d1fe7054a8d03da0.js
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9679cb942dac913bcd8ba0f6003a09327cfab83649f6604a186766227760e8f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/fcd2d1fe7054a8d03da0.js
pragma
no-cache
cookie
_pendo_accountId.74b07336-7560-45fc-7cd1-95032a784d52=a8721af8-7eef-4059-8b84-dc7e17d187d5; _pendo_visitorId.74b07336-7560-45fc-7cd1-95032a784d52=_PENDO_T_skQDA6QfsK4; _pendo_meta.74b07336-7560-45fc-7cd1-95032a784d52=1395047672; AWSALBTG=aPXVrZi6zBH1pxnLYEcQq3e/0xzL3VLcyGgcLBVMhLdwOxPz+T/vg+L4dXQ8mb2i8wU80YeEEOZQBKTWF9OUutlLKpbKwIGrdeMT2WjjMq/hrz8l14SQJ9PTfzlwbbIC4bPJ8iQ/7uwraPWR/ARSuTFlG/ZtumcwpE3/eNen5NZP; AWSALBTGCORS=aPXVrZi6zBH1pxnLYEcQq3e/0xzL3VLcyGgcLBVMhLdwOxPz+T/vg+L4dXQ8mb2i8wU80YeEEOZQBKTWF9OUutlLKpbKwIGrdeMT2WjjMq/hrz8l14SQJ9PTfzlwbbIC4bPJ8iQ/7uwraPWR/ARSuTFlG/ZtumcwpE3/eNen5NZP; AWSALB=T1tounlbucTmCxAAEw34Mjf+z9WngsGuamW80rx7z09DO5bhRRSKkB6bSPfmWl6eWH7kPOmMOnJxlHfYjY6R1WpnZxz/IinF1tt0M2BgKtZuOzcThgWXU4Cr5ywJ; AWSALBCORS=T1tounlbucTmCxAAEw34Mjf+z9WngsGuamW80rx7z09DO5bhRRSKkB6bSPfmWl6eWH7kPOmMOnJxlHfYjY6R1WpnZxz/IinF1tt0M2BgKtZuOzcThgWXU4Cr5ywJ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dciconsult.sharefile.com
referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dciconsult.sharefile.com/share/view/sfc72eb10a8144921905dbd61011fd2ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:25:27 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 12 May 2021 16:02:42 GMT
server
Microsoft-IIS/10.0
etag
"07d283d4847d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
set-cookie
AWSALBTG=q86qr7EO65gvzCjYcAC1zqNtk3P0dc9O+Y0U7Vild6H6bqgQcvwU7HxafQ2bvG0pBAOKIGW5pXtBarzFtuj660OepylkTsob2OExVKbq+Ey0rtssRj05MlgUg5TzTzOHsZ83wkwhYpmqTOHqYiYM/Iy/8HD8Z/5xc7sGKfHDtD8s; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/ AWSALBTGCORS=q86qr7EO65gvzCjYcAC1zqNtk3P0dc9O+Y0U7Vild6H6bqgQcvwU7HxafQ2bvG0pBAOKIGW5pXtBarzFtuj660OepylkTsob2OExVKbq+Ey0rtssRj05MlgUg5TzTzOHsZ83wkwhYpmqTOHqYiYM/Iy/8HD8Z/5xc7sGKfHDtD8s; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/; SameSite=None; Secure AWSALB=J4eZHGsoZMT72AZDJ/QesoWO55DyFHz+yYvNFwhYzsV7Z9EeERxmpw4yO7DfyFqb6wlUBrq05EaBxlyXu6Fv03nyLf2UpbohNRSRBqhjFxovlVkVLU/G575q6ZuM; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/ AWSALBCORS=J4eZHGsoZMT72AZDJ/QesoWO55DyFHz+yYvNFwhYzsV7Z9EeERxmpw4yO7DfyFqb6wlUBrq05EaBxlyXu6Fv03nyLf2UpbohNRSRBqhjFxovlVkVLU/G575q6ZuM; Expires=Thu, 20 May 2021 18:25:27 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
4352
x-content-type-options
nosniff
ProtocolLinks(Web)
dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)/Items(fia4a143-9b6c-1581-b716-737fe5663db5)/ Frame
0
0
Preflight
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)/Items(fia4a143-9b6c-1581-b716-737fe5663db5)/ProtocolLinks(Web)
Protocol
H2
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://dciconsult.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 13 May 2021 18:25:27 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
https://dciconsult.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637565127274510678
citrix-transactionid
a3ccd7be-4eff-4b3f-a43d-5d2a31dcebe3
correlationid
6J6Zi6jfFUyutlh1vnnrAw
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
ProtocolLinks(Web)
dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)/Items(fia4a143-9b6c-1581-b716-737fe5663db5)/
4 KB
3 KB
XHR
General
Full URL
https://dciconsult.sf-api.com/sf/v3/Shares(sfc72eb10a8144921905dbd61011fd2ee)/Items(fia4a143-9b6c-1581-b716-737fe5663db5)/ProtocolLinks(Web)
Requested by
Host: dciconsult.sharefile.com
URL: https://dciconsult.sharefile.com/bundles/index.bdf435ee10b95f848a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d9a7ac3963084acd5cb66ee20bd7e1e904af312b976dbb62ef9786d94ac0af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
0RvL_vXT-zRG3P4nNckBHw
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
20b13c7a-9fbb-4999-ac9a-082a8b44c6a1
date
Thu, 13 May 2021 18:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
a8721af8-7eef-4059-8b84-dc7e17d187d5
correlationid
0RvL_vXT-zRG3P4nNckBHw
vary
Accept-Encoding
content-length
1603
x-xss-protection
1; mode=block
pragma
no-cache
server
Microsoft-IIS/10.0
x-frame-options
DENY
content-language
en
access-control-allow-origin
https://dciconsult.sharefile.com
x-sfapi-requestid
637565127278163555
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
wordviewerframe.aspx
word-view.officeapps.live.com/wv/ Frame 7A07
81 KB
83 KB
Document
General
Full URL
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
322a8263a058be6357ea6d16ae306792f7c0fe27c3cc587d64a1a6429a35dd01
Security Headers
Name Value
Content-Security-Policy font-src data: c1-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
POST
:authority
word-view.officeapps.live.com
:scheme
https
:path
/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
content-length
1446
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
null
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Fri, 13-Aug-2021 18:25:28 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure PNL1-ARRAffinity=a3b71d71452e7c4ef8fecfc782432fdd5d2758f8421f32671836c9612f82820c;Path=/;Domain=word-view.officeapps.live.com; samesite=none; secure
x-correlationid
43a4696b-d341-40ed-aad1-9de3831b87ab
x-usersessionid
43a4696b-d341-40ed-aad1-9de3831b87ab
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-officefe
AM4PEPF00006A28
x-officeversion
16.0.14111.41002
x-officecluster
PNL1
x-content-type-options
nosniff
content-security-policy
font-src data: c1-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
x-officefd
AM4PEPF000068C4
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref
Ref A: 3333111D1AC243BAA7CBABAB49EBD393 Ref B: AM3EDGE0420 Ref C: 2021-05-13T18:25:28Z
date
Thu, 13 May 2021 18:25:27 GMT
WordViewer.css
c1-word-view-15.cdn.office.net/wv/s/h060CC761C1640608_resources/1033/ Frame 7A07
221 KB
27 KB
Stylesheet
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/h060CC761C1640608_resources/1033/WordViewer.css
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
060cc761c164060885ce5f3ba6fefac5e301b38ff37aaebf6ff606b66027c7ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"efd837769f43d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14106.41012
X-OfficeFE
AM4PEPF00006A08
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
26722
Cache-Control
public,max-age=31536000
Server
Microsoft-IIS/10.0
Last-Modified
Sat, 08 May 2021 00:16:59 GMT
X-OFFICEFD
AM4PEPF000068A0
X-UserSessionId
509d9b25-c6eb-45d6-8158-dda0d534cbb2
Date
Thu, 13 May 2021 18:25:28 GMT
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
509d9b25-c6eb-45d6-8158-dda0d534cbb2
Accept-Ranges
bytes
Timing-Allow-Origin
*
MicrosoftAjaxDS.js
c1-word-view-15.cdn.office.net/wv/s/hEC076514833295DE_App_Scripts/ Frame 7A07
105 KB
24 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/hEC076514833295DE_App_Scripts/MicrosoftAjaxDS.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ec076514833295de8c016bdf18fd7867c51d477aacfa8435e2e675f598ebb6bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://word-view.officeapps.live.com
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"5347a2d5f143d71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14106.41012
X-OfficeFE
DB5PEPF00008415
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
23360
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified
Sat, 08 May 2021 10:06:38 GMT
X-OFFICEFD
DB5PEPF000082D4
X-MSEdge-Ref
Ref A: D528239C326048609B04A900E5B934B8 Ref B: AM3EDGE0522 Ref C: 2021-05-12T07:19:04Z
X-UserSessionId
01b1d8fd-5ee4-4fff-95f9-ee85e1eccf2a
Date
Thu, 13 May 2021 18:25:28 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
01b1d8fd-5ee4-4fff-95f9-ee85e1eccf2a
Accept-Ranges
bytes
Timing-Allow-Origin
*
CommonIntl.js
c1-word-view-15.cdn.office.net/wv/s/h62CF06AB9B096235_App_Scripts/1033/ Frame 7A07
99 KB
23 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/h62CF06AB9B096235_App_Scripts/1033/CommonIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
62cf06ab9b096235e9deed08776805d96410aa7415e33853e3cce1e8dafe1515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://word-view.officeapps.live.com
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"bda17d579742d71:0"
X-OfficeCluster
US1C
X-OfficeVersion
16.0.14103.41002
X-OfficeFE
DM3PEPF0001395A
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
22743
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified
Thu, 06 May 2021 16:46:20 GMT
X-OFFICEFD
DM3PEPF00001D4B
X-MSEdge-Ref
Ref A: C8A9315C49944863980DA89FC0FBABA7 Ref B: AM3EDGE0815 Ref C: 2021-05-06T16:46:19Z
X-UserSessionId
12f18f35-609a-483b-bfc0-a9d13f1f1816
Date
Thu, 13 May 2021 18:25:28 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
12f18f35-609a-483b-bfc0-a9d13f1f1816
Accept-Ranges
bytes
Timing-Allow-Origin
*
Compat.js
c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/ Frame 7A07
6 KB
2 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/Compat.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://word-view.officeapps.live.com
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"845d5eaa42d71:0"
X-OfficeCluster
US1C
X-OfficeVersion
16.0.14103.41002
X-OfficeFE
DM3PEPF00013956
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
1365
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified
Thu, 06 May 2021 00:01:07 GMT
X-OFFICEFD
DM3PEPF00008A23
X-MSEdge-Ref
Ref A: 6D7AB33B448A41AEA18AF79E5BC3A405 Ref B: AMS04EDGE0809 Ref C: 2021-05-07T00:32:46Z
X-UserSessionId
b4e39507-eb74-4628-8407-617a90e6bb2b
Date
Thu, 13 May 2021 18:25:28 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
b4e39507-eb74-4628-8407-617a90e6bb2b
Accept-Ranges
bytes
Timing-Allow-Origin
*
WordViewerIntl.js
c1-word-view-15.cdn.office.net/wv/s/h49AFD3FB5E69B631_App_Scripts/1033/ Frame 7A07
19 KB
5 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/h49AFD3FB5E69B631_App_Scripts/1033/WordViewerIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
49afd3fb5e69b631b949d25dfaf224c6532309563ca55d3aa9f59e4ee821dcd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://word-view.officeapps.live.com
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"647c89e04d47d71:0"
X-OfficeCluster
US3C
X-OfficeVersion
16.0.14106.41012
X-OfficeFE
DM3PEPF000138D2
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
4514
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified
Wed, 12 May 2021 16:43:03 GMT
X-OFFICEFD
DM3PEPF000132E1
X-MSEdge-Ref
Ref A: 4109C22ED58B466193BF556D13A86925 Ref B: AM3EDGE0217 Ref C: 2021-05-12T16:43:02Z
X-UserSessionId
50b2ad64-2e26-497d-b5b0-a3510125c600
Date
Thu, 13 May 2021 18:25:28 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
50b2ad64-2e26-497d-b5b0-a3510125c600
Accept-Ranges
bytes
Timing-Allow-Origin
*
word-app-intl.min.js
c1-word-view-15.cdn.office.net/wv/s/h0C5154B5C62807AA_App_Scripts/1033/ Frame 7A07
313 KB
52 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/h0C5154B5C62807AA_App_Scripts/1033/word-app-intl.min.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0c5154b5c62807aa342bcebe4b0057669011984535288cac2d36d94276289dc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://word-view.officeapps.live.com
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"4b45672c41d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14030.41011
X-OfficeFE
AM4PEPF00007290
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
52695
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified
Tue, 04 May 2021 21:28:19 GMT
X-OFFICEFD
AM4PEPF0000601A
X-MSEdge-Ref
Ref A: 23B0BE830F4B4B1989FA59002AE6CABD Ref B: AMS04EDGE0918 Ref C: 2021-05-04T21:28:19Z
X-UserSessionId
6d284083-9074-4f4e-82b0-40c46da52ed5
Date
Thu, 13 May 2021 18:25:28 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
6d284083-9074-4f4e-82b0-40c46da52ed5
Accept-Ranges
bytes
Timing-Allow-Origin
*
WordViewerDS.js
c1-word-view-15.cdn.office.net/wv/s/h4FEC89B750B3BF04_App_Scripts/ Frame 7A07
2 MB
423 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/h4FEC89B750B3BF04_App_Scripts/WordViewerDS.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4fec89b750b3bf0455e814edfb6bdbe0c0af51ff10b57fde25092d2a3207a195
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://word-view.officeapps.live.com
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"f7626d14d47d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14106.41012
X-OfficeFE
AM4PEPF00006FE3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
432306
Cache-Control
public,max-age=31536000
Server
Microsoft-IIS/10.0
Last-Modified
Wed, 12 May 2021 16:42:37 GMT
X-OFFICEFD
AM4PEPF000087E6
X-UserSessionId
d82646ad-4a48-452f-a2a8-983231f2b2a7
Date
Thu, 13 May 2021 18:25:28 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
d82646ad-4a48-452f-a2a8-983231f2b2a7
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 7A07
0
387 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14111.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
X-UserSessionId
43a4696b-d341-40ed-aad1-9de3831b87ab
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BY3PEPF0000C936
x-officeversion
16.0.14106.41021
x-officefe
BY3PEPF0000C936
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
d6203d86-d81c-4abe-b4fc-7b7fc45b3afe
x-officecluster
PGTUS1
x-usersessionid
43a4696b-d341-40ed-aad1-9de3831b87ab
date
Thu, 13 May 2021 18:25:27 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 80C6ECEF180249A587F0DAA9D70CA7D5 Ref B: AM3EDGE0420 Ref C: 2021-05-13T18:25:28Z
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 7A07
0
264 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14111.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
X-UserSessionId
43a4696b-d341-40ed-aad1-9de3831b87ab
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":230,"Value":"https://c1-word-view-15.cdn.office.net:443/wv/s/h060CC761C1640608_resources/1033/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000BB19
x-officeversion
16.0.14106.41021
x-officefe
BL6PEPF0000BB19
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid
b86c2044-94b4-4bed-a336-c18036fd82f2
x-officecluster
PGTUS4
x-usersessionid
43a4696b-d341-40ed-aad1-9de3831b87ab
date
Thu, 13 May 2021 18:25:28 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: B7CA9D0FABD5456F98DBB77E44A13E3A Ref B: AM3EDGE0420 Ref C: 2021-05-13T18:25:28Z
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 7A07
1 KB
1 KB
Image
General
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fsfwopionline%2Dec2%2Esharefile%2Ecom%2FWopiServer%2Fwopi%2Ffiles%2Ffia4a143%2D9b6c%2D1581%2Db716%2D737fe5663db5&access_token=ueW3kblUuQMr3v6EpeuraPWS32WH%2FacketRkI6dWakOuk727flXpfP2T496EigNoPlIDsCdxaBqv2xvWQ6E8uJDiUdmH1viBHM4tX6uWeKlyfRJvG0RRFvgIxBr71Pi%2B9oH0awFfb33LDwgnMYa1zZBLR7VwNBsdS6f5LFvHDi%2BfeXMjFlKo6ZMqDhT%2F32pJV12N%2FdJMUcWc3VtEhutpIn%2FVrHArdoRuup%2Fax753F9j0qlsf1yABb4GT%2F046J8h5v9CHFxpgQu07zKLNqbC73MdsRzrqrfNyKdQOl%2FnC91jxvsbCPjGKxIWLtI1jgEAbHOeWmeyPbamiho7ZtrwE4PePlXMdZo01jPYLTxX6d0gnnA7F5kYhg3kqbwUs3GTvzYIVt0Z7kGVpAhSFuQdT1mhfAqHD9%2BEmJbjl5e0Rc3m1ZoyO8SHRBTFxcCN3mkpB7SiUT3ZJU1XcLPrHxSbnDnJwawzpTlAvZaau%2BY6w5tiMNm%2FUT%2B7KDanN9sW5R%2BzBLSKvKytmj1fjj0G%2Fa2nmsvz2JZmqJcOH09rc1HnLGgvH%2BHg4prTSaornyro2R%2FPAScQxEGABHxVrGa2zldckie425clvLRGg0xmpSJVJpWs6F5FR1LAbCeBK4Y9X8ksDgepYz3YkHD5YoNp4XLPAINQID98Kng01ZNj6OJQKcl9%2B8HPzvDplFyZD0cYRWS46QsWKfeK0TqIRxQYJmedOOYbsd%2F0kFqGcBU4TLDfAQntof%2F0NwKrBHHfekCQfaPS6FBwmY2o8cLLxLUi%2BwwEvGS71BzdypGVcgQITpEo1E9ZezeN7bQy%2FuykGziNEOpyY5HwzX%2FiC%2Fr8HCvuDQOomvtU4atA9UOeHM14IpX4J6h8QkOdTph1FamCt8ivDxddLFI6cRNESg9crRA0Xlp1JpQcOgjmE8EC5dkSES%2B0nZfdEWaJnCB0kHx3D%2BF75lkE512eMCtMEC0%2FiTC7cUm%2FPshnZhOfTnoRP7OrtoKq6kFOLeDbx5u74OT%2FgrkQibXLfs3Ht1BFwnk%2BV5xPwvfZssh%2F5CGSgseZK5DSJZHoYz9oPkE8O8loRDc1a5ViXzQs%2BDwjvk1UM2wkYg4TSlvfrZTvXt41YWOAlnfOn6HEYGe4j96FsivTxQFuqwqJ1szZh%2Fyrw7DQtiokYYTbdJPMA55e0hY8IQUEBVzjv7O3kATCwf9LW0y%2FqqSPB%2BzzDIlsWJ4dxyoxHeiKWu7IKRWs8hOL9PlqKowXjAqQlGEKaYuK85unIPXSmWQ4tO3STQMwRx9sGGKMqlDZwmT3XqtCwHDpjy23aXpmCZDmdsq2Q6SfaterBuFKJAsRiUoVBuyxAGdl4WyDfyVdINoB%2FF&access_token_ttl=0&z=18d699be46a87c1be35e11a7897218fa&v=00000000-0000-0000-0000-000000000802&usid=43a4696b-d341-40ed-aad1-9de3831b87ab&splashscreen=1&build=16.0.14111.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14111.41002
x-officefe
AM4PEPF00006A20
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1245
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
729a0523-cd6a-4c81-98ac-918a390e0f75
x-officefd
AM4PEPF000068C5
x-usersessionid
43a4696b-d341-40ed-aad1-9de3831b87ab
date
Thu, 13 May 2021 18:25:31 GMT
x-download-options
noopen
content-type
text/html
cache-control
no-cache, no-store
x-msedge-ref
Ref A: 2A3BA2FED66F4B15A7866DC92CFE1586 Ref B: AM3EDGE0420 Ref C: 2021-05-13T18:25:29Z
timing-allow-origin
*
expires
-1
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 7A07
0
230 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14111.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
X-UserSessionId
43a4696b-d341-40ed-aad1-9de3831b87ab
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon
[{"Index":2,"MsSinceStart":1442,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BY3PEPF0000C93D
x-officeversion
16.0.14106.41021
x-officefe
BY3PEPF0000C93D
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
80f9ed72-88a8-4929-95be-a41c5613eae1
x-officecluster
PGTUS1
x-usersessionid
43a4696b-d341-40ed-aad1-9de3831b87ab
date
Thu, 13 May 2021 18:25:29 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 9C87723EBA8E47528CD9CAE1DC28F138 Ref B: AM3EDGE0420 Ref C: 2021-05-13T18:25:29Z
RemoteTelemetry.ashx
word-view.officeapps.live.com/wv/ Frame 7A07
0
424 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx
Requested by
Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h4FEC89B750B3BF04_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
DB5PEPF000082B0
x-officeversion
16.0.14111.41002
x-cache
CONFIG_NOCACHE
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
05e14451-2e63-4448-be55-b9e1670adf45
x-officecluster
PIE1
x-usersessionid
05e14451-2e63-4448-be55-b9e1670adf45
date
Thu, 13 May 2021 18:25:29 GMT
x-download-options
noopen
access-control-allow-origin
https://word-view.officeapps.live.com
cache-control
private
x-msedge-ref
Ref A: B5B78823F4D84768947A20D3C1FE3534 Ref B: AM3EDGE0420 Ref C: 2021-05-13T18:25:29Z
timing-allow-origin
*
x-officefe
DB5PEPF00008400
sharedheaderplaceholder-icons.woff
c1-word-view-15.cdn.office.net/wv/s/h89EDB66D2A189EF4_App_Scripts/fonts/ Frame 7A07
2 KB
3 KB
Font
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/h89EDB66D2A189EF4_App_Scripts/fonts/sharedheaderplaceholder-icons.woff
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
89edb66d2a189ef4ba42857076ec94080a7e07196bd730bd152d20511f62925c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://word-view.officeapps.live.com
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"1720e5479a43d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14106.41012
X-OfficeFE
AM4PEPF0000C144
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
2472
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified
Fri, 07 May 2021 23:39:54 GMT
X-OFFICEFD
AM4PEPF000068A7
X-MSEdge-Ref
Ref A: 4A8BC30DEA0440738E7E7BE97FF4633A Ref B: AM3EDGE0208 Ref C: 2021-05-08T21:01:36Z
X-UserSessionId
07fd2586-8b96-42ef-bf98-71639fadf5a4
Date
Thu, 13 May 2021 18:25:30 GMT
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
X-CorrelationId
07fd2586-8b96-42ef-bf98-71639fadf5a4
Accept-Ranges
bytes
Timing-Allow-Origin
*
docdatahandler.ashx
word-view.officeapps.live.com/wv/ Frame 7A07
328 B
783 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fsfwopionline%2Dec2%2Esharefile%2Ecom%2FWopiServer%2Fwopi%2Ffiles%2Ffia4a143%2D9b6c%2D1581%2Db716%2D737fe5663db5&access_token=ueW3kblUuQMr3v6EpeuraPWS32WH%2FacketRkI6dWakOuk727flXpfP2T496EigNoPlIDsCdxaBqv2xvWQ6E8uJDiUdmH1viBHM4tX6uWeKlyfRJvG0RRFvgIxBr71Pi%2B9oH0awFfb33LDwgnMYa1zZBLR7VwNBsdS6f5LFvHDi%2BfeXMjFlKo6ZMqDhT%2F32pJV12N%2FdJMUcWc3VtEhutpIn%2FVrHArdoRuup%2Fax753F9j0qlsf1yABb4GT%2F046J8h5v9CHFxpgQu07zKLNqbC73MdsRzrqrfNyKdQOl%2FnC91jxvsbCPjGKxIWLtI1jgEAbHOeWmeyPbamiho7ZtrwE4PePlXMdZo01jPYLTxX6d0gnnA7F5kYhg3kqbwUs3GTvzYIVt0Z7kGVpAhSFuQdT1mhfAqHD9%2BEmJbjl5e0Rc3m1ZoyO8SHRBTFxcCN3mkpB7SiUT3ZJU1XcLPrHxSbnDnJwawzpTlAvZaau%2BY6w5tiMNm%2FUT%2B7KDanN9sW5R%2BzBLSKvKytmj1fjj0G%2Fa2nmsvz2JZmqJcOH09rc1HnLGgvH%2BHg4prTSaornyro2R%2FPAScQxEGABHxVrGa2zldckie425clvLRGg0xmpSJVJpWs6F5FR1LAbCeBK4Y9X8ksDgepYz3YkHD5YoNp4XLPAINQID98Kng01ZNj6OJQKcl9%2B8HPzvDplFyZD0cYRWS46QsWKfeK0TqIRxQYJmedOOYbsd%2F0kFqGcBU4TLDfAQntof%2F0NwKrBHHfekCQfaPS6FBwmY2o8cLLxLUi%2BwwEvGS71BzdypGVcgQITpEo1E9ZezeN7bQy%2FuykGziNEOpyY5HwzX%2FiC%2Fr8HCvuDQOomvtU4atA9UOeHM14IpX4J6h8QkOdTph1FamCt8ivDxddLFI6cRNESg9crRA0Xlp1JpQcOgjmE8EC5dkSES%2B0nZfdEWaJnCB0kHx3D%2BF75lkE512eMCtMEC0%2FiTC7cUm%2FPshnZhOfTnoRP7OrtoKq6kFOLeDbx5u74OT%2FgrkQibXLfs3Ht1BFwnk%2BV5xPwvfZssh%2F5CGSgseZK5DSJZHoYz9oPkE8O8loRDc1a5ViXzQs%2BDwjvk1UM2wkYg4TSlvfrZTvXt41YWOAlnfOn6HEYGe4j96FsivTxQFuqwqJ1szZh%2Fyrw7DQtiokYYTbdJPMA55e0hY8IQUEBVzjv7O3kATCwf9LW0y%2FqqSPB%2BzzDIlsWJ4dxyoxHeiKWu7IKRWs8hOL9PlqKowXjAqQlGEKaYuK85unIPXSmWQ4tO3STQMwRx9sGGKMqlDZwmT3XqtCwHDpjy23aXpmCZDmdsq2Q6SfaterBuFKJAsRiUoVBuyxAGdl4WyDfyVdINoB%2FF&access_token_ttl=0&z=18d699be46a87c1be35e11a7897218fa&type=png&o15=1&ui=en-US
Requested by
Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hEC076514833295DE_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6682e826efe2b0574b6678da7d92db7de99a1abe9a9f05361a2791be6c5bcda7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
AM4PEPF00006A28
X-UserSessionId
43a4696b-d341-40ed-aad1-9de3831b87ab
X-OfficeVersion
16.0.14111.41002
X-Key
CkJl6PRb21kud3xgzyN6xC0f20CUAwIzlgqPXic7BYk=,637565271284734732
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14111.41002
x-officefe
AM4PEPF00006A11
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
378
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
55206ae5-694b-479b-8c54-3cf0d9c6631e
x-officefd
AM4PEPF0000840D
x-usersessionid
43a4696b-d341-40ed-aad1-9de3831b87ab
date
Thu, 13 May 2021 18:25:31 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: ACEB6CFB1CAE4EDDBA340C532C880374 Ref B: AM3EDGE0420 Ref C: 2021-05-13T18:25:30Z
timing-allow-origin
*
expires
-1
wacairspaceanimationlibrary.js
c1-word-view-15.cdn.office.net/wv/s/161411141002_App_Scripts/ Frame 7A07
40 KB
7 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/161411141002_App_Scripts/wacairspaceanimationlibrary.js
Requested by
Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h4FEC89B750B3BF04_App_Scripts/WordViewerDS.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://word-view.officeapps.live.com
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"5dabfd24d47d71:0"
X-OfficeCluster
US1C
X-OfficeVersion
16.0.14106.41012
X-OfficeFE
DM3PEPF00013966
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
5997
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified
Wed, 12 May 2021 16:42:40 GMT
X-OFFICEFD
DM3PEPF00001D49
X-MSEdge-Ref
Ref A: ECCBB15796514262907E4B3FFA01ADA8 Ref B: AMS04EDGE0209 Ref C: 2021-05-12T16:42:40Z
X-UserSessionId
aed6151d-fca8-4e6c-acdf-1f02018e7f08
Date
Thu, 13 May 2021 18:25:30 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
aed6151d-fca8-4e6c-acdf-1f02018e7f08
Accept-Ranges
bytes
Timing-Allow-Origin
*
segoeui.woff
c1-word-view-15.cdn.office.net/wv/s/h060CC761C1640608_resources/1033/ Frame 7A07
22 KB
23 KB
Font
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/h060CC761C1640608_resources/1033/segoeui.woff
Requested by
Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h060CC761C1640608_resources/1033/WordViewer.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://word-view.officeapps.live.com
Referer
https://c1-word-view-15.cdn.office.net/wv/s/h060CC761C1640608_resources/1033/WordViewer.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"19d4b04d3846d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14106.41012
X-OfficeFE
AM4PEPF0000C14C
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
22720
Cache-Control
public,max-age=31536000
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 11 May 2021 07:36:06 GMT
X-OFFICEFD
AM4PEPF000068CA
X-UserSessionId
339013d8-f4d1-40ac-90b8-2010826cda6c
Date
Thu, 13 May 2021 18:25:30 GMT
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
X-CorrelationId
339013d8-f4d1-40ac-90b8-2010826cda6c
Accept-Ranges
bytes
Timing-Allow-Origin
*
a4d49971-1944-40a4-acec-c2412314ec76
https://word-view.officeapps.live.com/ Frame 7A07
224 B
0
Other
General
Full URL
blob:https://word-view.officeapps.live.com/a4d49971-1944-40a4-acec-c2412314ec76
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sfwopionline-ec2.sharefile.com/WopiServer/wopi/files/fia4a143-9b6c-1581-b716-737fe5663db5&IsLicensedUser=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf394c5b419639e1ba6d31509887addf54526117869c7ed912fc054c4effcc5b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
224
Content-Type
application/javascript
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 7A07
0
0

docdatahandler.ashx
word-view.officeapps.live.com/wv/ Frame 7A07
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
word-view.officeapps.live.com
URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fsfwopionline%2Dec2%2Esharefile%2Ecom%2FWopiServer%2Fwopi%2Ffiles%2Ffia4a143%2D9b6c%2D1581%2Db716%2D737fe5663db5&access_token=ueW3kblUuQMr3v6EpeuraPWS32WH%2FacketRkI6dWakOuk727flXpfP2T496EigNoPlIDsCdxaBqv2xvWQ6E8uJDiUdmH1viBHM4tX6uWeKlyfRJvG0RRFvgIxBr71Pi%2B9oH0awFfb33LDwgnMYa1zZBLR7VwNBsdS6f5LFvHDi%2BfeXMjFlKo6ZMqDhT%2F32pJV12N%2FdJMUcWc3VtEhutpIn%2FVrHArdoRuup%2Fax753F9j0qlsf1yABb4GT%2F046J8h5v9CHFxpgQu07zKLNqbC73MdsRzrqrfNyKdQOl%2FnC91jxvsbCPjGKxIWLtI1jgEAbHOeWmeyPbamiho7ZtrwE4PePlXMdZo01jPYLTxX6d0gnnA7F5kYhg3kqbwUs3GTvzYIVt0Z7kGVpAhSFuQdT1mhfAqHD9%2BEmJbjl5e0Rc3m1ZoyO8SHRBTFxcCN3mkpB7SiUT3ZJU1XcLPrHxSbnDnJwawzpTlAvZaau%2BY6w5tiMNm%2FUT%2B7KDanN9sW5R%2BzBLSKvKytmj1fjj0G%2Fa2nmsvz2JZmqJcOH09rc1HnLGgvH%2BHg4prTSaornyro2R%2FPAScQxEGABHxVrGa2zldckie425clvLRGg0xmpSJVJpWs6F5FR1LAbCeBK4Y9X8ksDgepYz3YkHD5YoNp4XLPAINQID98Kng01ZNj6OJQKcl9%2B8HPzvDplFyZD0cYRWS46QsWKfeK0TqIRxQYJmedOOYbsd%2F0kFqGcBU4TLDfAQntof%2F0NwKrBHHfekCQfaPS6FBwmY2o8cLLxLUi%2BwwEvGS71BzdypGVcgQITpEo1E9ZezeN7bQy%2FuykGziNEOpyY5HwzX%2FiC%2Fr8HCvuDQOomvtU4atA9UOeHM14IpX4J6h8QkOdTph1FamCt8ivDxddLFI6cRNESg9crRA0Xlp1JpQcOgjmE8EC5dkSES%2B0nZfdEWaJnCB0kHx3D%2BF75lkE512eMCtMEC0%2FiTC7cUm%2FPshnZhOfTnoRP7OrtoKq6kFOLeDbx5u74OT%2FgrkQibXLfs3Ht1BFwnk%2BV5xPwvfZssh%2F5CGSgseZK5DSJZHoYz9oPkE8O8loRDc1a5ViXzQs%2BDwjvk1UM2wkYg4TSlvfrZTvXt41YWOAlnfOn6HEYGe4j96FsivTxQFuqwqJ1szZh%2Fyrw7DQtiokYYTbdJPMA55e0hY8IQUEBVzjv7O3kATCwf9LW0y%2FqqSPB%2BzzDIlsWJ4dxyoxHeiKWu7IKRWs8hOL9PlqKowXjAqQlGEKaYuK85unIPXSmWQ4tO3STQMwRx9sGGKMqlDZwmT3XqtCwHDpjy23aXpmCZDmdsq2Q6SfaterBuFKJAsRiUoVBuyxAGdl4WyDfyVdINoB%2FF&access_token_ttl=0&z=18d699be46a87c1be35e11a7897218fa&v=00000000-0000-0000-0000-000000000802&usid=43a4696b-d341-40ed-aad1-9de3831b87ab&splashscreen=1&build=16.0.14111.41002&waccluster=PNL1
Domain
word-view.officeapps.live.com
URL
https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fsfwopionline%2Dec2%2Esharefile%2Ecom%2FWopiServer%2Fwopi%2Ffiles%2Ffia4a143%2D9b6c%2D1581%2Db716%2D737fe5663db5&access_token=ueW3kblUuQMr3v6EpeuraPWS32WH%2FacketRkI6dWakOuk727flXpfP2T496EigNoPlIDsCdxaBqv2xvWQ6E8uJDiUdmH1viBHM4tX6uWeKlyfRJvG0RRFvgIxBr71Pi%2B9oH0awFfb33LDwgnMYa1zZBLR7VwNBsdS6f5LFvHDi%2BfeXMjFlKo6ZMqDhT%2F32pJV12N%2FdJMUcWc3VtEhutpIn%2FVrHArdoRuup%2Fax753F9j0qlsf1yABb4GT%2F046J8h5v9CHFxpgQu07zKLNqbC73MdsRzrqrfNyKdQOl%2FnC91jxvsbCPjGKxIWLtI1jgEAbHOeWmeyPbamiho7ZtrwE4PePlXMdZo01jPYLTxX6d0gnnA7F5kYhg3kqbwUs3GTvzYIVt0Z7kGVpAhSFuQdT1mhfAqHD9%2BEmJbjl5e0Rc3m1ZoyO8SHRBTFxcCN3mkpB7SiUT3ZJU1XcLPrHxSbnDnJwawzpTlAvZaau%2BY6w5tiMNm%2FUT%2B7KDanN9sW5R%2BzBLSKvKytmj1fjj0G%2Fa2nmsvz2JZmqJcOH09rc1HnLGgvH%2BHg4prTSaornyro2R%2FPAScQxEGABHxVrGa2zldckie425clvLRGg0xmpSJVJpWs6F5FR1LAbCeBK4Y9X8ksDgepYz3YkHD5YoNp4XLPAINQID98Kng01ZNj6OJQKcl9%2B8HPzvDplFyZD0cYRWS46QsWKfeK0TqIRxQYJmedOOYbsd%2F0kFqGcBU4TLDfAQntof%2F0NwKrBHHfekCQfaPS6FBwmY2o8cLLxLUi%2BwwEvGS71BzdypGVcgQITpEo1E9ZezeN7bQy%2FuykGziNEOpyY5HwzX%2FiC%2Fr8HCvuDQOomvtU4atA9UOeHM14IpX4J6h8QkOdTph1FamCt8ivDxddLFI6cRNESg9crRA0Xlp1JpQcOgjmE8EC5dkSES%2B0nZfdEWaJnCB0kHx3D%2BF75lkE512eMCtMEC0%2FiTC7cUm%2FPshnZhOfTnoRP7OrtoKq6kFOLeDbx5u74OT%2FgrkQibXLfs3Ht1BFwnk%2BV5xPwvfZssh%2F5CGSgseZK5DSJZHoYz9oPkE8O8loRDc1a5ViXzQs%2BDwjvk1UM2wkYg4TSlvfrZTvXt41YWOAlnfOn6HEYGe4j96FsivTxQFuqwqJ1szZh%2Fyrw7DQtiokYYTbdJPMA55e0hY8IQUEBVzjv7O3kATCwf9LW0y%2FqqSPB%2BzzDIlsWJ4dxyoxHeiKWu7IKRWs8hOL9PlqKowXjAqQlGEKaYuK85unIPXSmWQ4tO3STQMwRx9sGGKMqlDZwmT3XqtCwHDpjy23aXpmCZDmdsq2Q6SfaterBuFKJAsRiUoVBuyxAGdl4WyDfyVdINoB%2FF&access_token_ttl=0&z=18d699be46a87c1be35e11a7897218fa&type=png&o15=1&ui=en-US

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| pendoModel object| returnExports object| ES6 object| webpackJsonp object| regeneratorRuntime function| Directory object| __core-js_shared__ function| _ object| pendo object| cedexis object| closure_lm_461437

5 Cookies

Domain/Path Name / Value
dciconsult.sharefile.com/ Name: AWSALBTGCORS
Value: U0PQ4JrtqUPwYVpfoLKfIi0Ru2SS14JTBSZYH/HuSrZH/65kxESaYI1wP/Aw0uDDREi9YA88s4brR/UmNtkPyjvHxKcmzvUwoeW/woRzLrTOAT5ZEM6K1RW2Qd3Oh2j3R+IwG7dwcE6Wga4M3IHgzHMQ+JFg5sQ9CPk5uvCA1jG0
dciconsult.sharefile.com/ Name: AWSALBCORS
Value: DBwQdbldkDwZHtlAZpD5defrP9YOBm+7kZSRkcI9lgV/np/Jm8v+ipcrfRJhNPSsj8MaI24McueoYQfDTEg8QQRg4MaRhP9wA3mMcVM0X3R7NpD+xRF++uBr3obA
dciconsult.sharefile.com/ Name: AWSALBTG
Value: U0PQ4JrtqUPwYVpfoLKfIi0Ru2SS14JTBSZYH/HuSrZH/65kxESaYI1wP/Aw0uDDREi9YA88s4brR/UmNtkPyjvHxKcmzvUwoeW/woRzLrTOAT5ZEM6K1RW2Qd3Oh2j3R+IwG7dwcE6Wga4M3IHgzHMQ+JFg5sQ9CPk5uvCA1jG0
dciconsult.sharefile.com/ Name: AWSALB
Value: DBwQdbldkDwZHtlAZpD5defrP9YOBm+7kZSRkcI9lgV/np/Jm8v+ipcrfRJhNPSsj8MaI24McueoYQfDTEg8QQRg4MaRhP9wA3mMcVM0X3R7NpD+xRF++uBr3obA
dciconsult.sharefile.com/ Name: ASP.NET_SessionId
Value: kxgfg2so3lqu3abpz5kcv44i

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-Yul0Ip5rkNNokM02L3/SCA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
c1-word-view-15.cdn.office.net
cdn.pendo.io
citrix-sharefile-content.customer.pendo.io
citrix-sharefile-data.customer.pendo.io
dciconsult.sf-api.com
dciconsult.sharefile.com
events.launchdarkly.com
i2-mnjpjjwtngcnhejjldcrcnsgdxgzpx.init.cedexis-radar.net
pendo-static-5352587489443840.storage.googleapis.com
radar.cedexis.com
rpt.cedexis.com
sf-cv.sharefile.com
word-view.officeapps.live.com
word-view.officeapps.live.com
104.225.98.131
13.224.95.84
13.248.193.251
151.101.14.217
2001:4860:4802:32::34
2607:f740:e619::1
2620:1ec:a92::171
2a00:1450:4001:82f::2010
2a02:26f0:6c00:292::4b36
34.107.168.21
34.198.115.132
35.241.57.45
76.223.1.166
010e18556f7064e3244d493d5eddf1fbf3232fa116eccc245993589c7d5e6175
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
060cc761c164060885ce5f3ba6fefac5e301b38ff37aaebf6ff606b66027c7ff
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
0c5154b5c62807aa342bcebe4b0057669011984535288cac2d36d94276289dc7
137c2e19f0877de1cd909e272cc94a4b0d82e7d13f86735b8186663d2464ca59
14455b7e075723efdb29c8dd18e2cce60da123a904104ed97a22a9d22164a1bb
16f13ee9792884c51cb4202d76f8e07cdb555248142ad2fc6d436b3145132005
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
18bb515a611b1aa19cc5520f9016f6ca2bde7005e190cefab802b1b30610ace5
1c8545f8b1db49dcdb791c6d3342ee5e2517ca3fea897411b0bf1a96d3aa9323
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2640bd9724ef2a00d4f8c0b5a0f1cd24db69640ff9ced6f815faa591d601bfe9
27b1c336fe632e91087181d1cb2086d23e4257b8874571ac648f4535126c8e86
2fc2ac72f4d63a038ca248de81b16a9edae98d2a0cb115a19ce8e6618b0490dc
322a8263a058be6357ea6d16ae306792f7c0fe27c3cc587d64a1a6429a35dd01
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
462f94877de43e7825105a2661ea64de287e77d84ff0818ee36464ea1475cdb8
49afd3fb5e69b631b949d25dfaf224c6532309563ca55d3aa9f59e4ee821dcd2
4b19c4e9fdd167783f807fcf881f4eda630971f024b6b398de463f2214396457
4c4fcaf89fa96b21fe47ebcc692f8b6aa5214367e10596cfa34bdb8d9d8de6c5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fec89b750b3bf0455e814edfb6bdbe0c0af51ff10b57fde25092d2a3207a195
5c130885d361523224c0e386b147947d832cf63057a797c9d366eaa3e31ee66e
62cf06ab9b096235e9deed08776805d96410aa7415e33853e3cce1e8dafe1515
6682e826efe2b0574b6678da7d92db7de99a1abe9a9f05361a2791be6c5bcda7
777cabe7a9b125a171350204d74c5ec866a9c182cc5f885ee508227c970bb939
79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390
7e8fcbab0319baba8a2a9840b95dbe61cb000c78b648ddb7a8d9460b7e97fd85
856af3e1b2e72568276213ca230dc282db705102c7925c18c508c02c130ba3c2
89edb66d2a189ef4ba42857076ec94080a7e07196bd730bd152d20511f62925c
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8dc2d4e78fa4e1f268d5b767cdc47f64f26d9283c66e6ce6bdbe49c503243561
9679cb942dac913bcd8ba0f6003a09327cfab83649f6604a186766227760e8f7
aa83432528815b53055d1399e5d70260b897e5ce07b0cd22ad09866ae616e3ae
aafabb23a1d8f6cc94b8b6d3b94ccd3f2dd238baeb23c06176a9755cd3ed35f0
b2a503b33caf1d03d9295934270f0c36dc9350dd254fde97b722adb5e36b79a6
bd4d5f23336beb3b603af3bcaedb1944361755757ad50616d83d9147ba4cf56d
c77b4eb93a3daac674e63f13822b78eeb305abf14eb0d62ec0b35cbad5ee3493
c7a223f313a93650f20c22f7ccc5658983c1d43184bc323e0c9867e2326d572b
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
cf394c5b419639e1ba6d31509887addf54526117869c7ed912fc054c4effcc5b
d2fc51019df30fa168879139f74017a80fb43fff46c54718f68f334c7b40aef9
d40329443c7a663268c8237320a1e3e0c10c377eef600405d7648b38310dd313
d9a7ac3963084acd5cb66ee20bd7e1e904af312b976dbb62ef9786d94ac0af44
da4ef01d3a549b64647530e0129fcde5923de2bce6f465d657a5a2ec345f638a
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de9f1f38aab20c68fe0616ebb05e95a83450a30e93ea3d59dce6fbd35e3dbd17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c1e97b91291ac4bfefb2fd726f832cdce4a491063c09ac26d843ea1bfcd77e
eaaeed609327c4ba82db5346f9a5985bd76b33c28e91d1767c36171fe369d961
ec076514833295de8c016bdf18fd7867c51d477aacfa8435e2e675f598ebb6bc
ecc37e01ea37e3b466592107b3d727fe4a0b4d0bbdca98a65016c41192218396
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25d3521d48404087e17ffa730b3b308ebf3a59cc5bc1f5b7e02286947ce4e90
f8d028e666b7c92c6e1ad068efc988bbfc1a8450a4b3603dc37eb21fbfc15c6c
fe4c136f89c394636b998f1e239c5758564dc25bd1f2cf43f08bf8e703df5555