berkeley-group.sharefile.eu Open in urlscan Pro
13.248.181.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5
Effective URL:
https://berkeley-group.sharefile.eu/Authentication/Login
Submission: On December 19 via manual (December 19th 2022, 1:38:01 pm UTC) from GB — Scanned from GB

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 13.248.181.201, located in and belongs to . The main domain is berkeley-group.sharefile.eu.
TLS certificate: Issued by Amazon on October 16th 2022. Valid for: a year.

This is the only time berkeley-group.sharefile.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	18.119.83.41 18.119.83.41	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:205... 2600:9000:2057:fa00:c:771f:ad80:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:4000:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	76.223.1.166 76.223.1.166	() ()
1	13.248.181.201 13.248.181.201	() ()
16	6

2 18.119.83.41 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-83-41.us-east-2.compute.amazonaws.com

citrixworkflows.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2057:fa00:c:771f:ad80:21 (United States)

ASN16509 (AMAZON-02, US)

d17f4e1i5rb5bq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4000:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.1.166 (None, ) 1 redirects

ASN- ()

berkeley-group.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.181.201 (None, )

ASN- ()

berkeley-group.sharefile.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudfront.net d17f4e1i5rb5bq.cloudfront.net	5 MB
3	sharefile.com 1 redirects citrixworkflows.sharefile.com — Cisco Umbrella Rank: 524467 berkeley-group.sharefile.com	6 KB
1	sharefile.eu berkeley-group.sharefile.eu
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 828	135 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	869 B
16	5

	Domain	Requested by
7	d17f4e1i5rb5bq.cloudfront.net	citrixworkflows.sharefile.com d17f4e1i5rb5bq.cloudfront.net
2	citrixworkflows.sharefile.com	d17f4e1i5rb5bq.cloudfront.net
1	berkeley-group.sharefile.eu	d17f4e1i5rb5bq.cloudfront.net berkeley-group.sharefile.eu
1	berkeley-group.sharefile.com	1 redirects
1	cdn.pendo.io	citrixworkflows.sharefile.com
1	fonts.googleapis.com	citrixworkflows.sharefile.com
16	6

This site contains no links.

Subject Issuer	Validity	Valid
citrixworkflows.sharefile.com Amazon	`2022-09-10` - `2023-10-09`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
*.sharefile.eu Amazon	`2022-10-16` - `2023-11-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://berkeley-group.sharefile.eu/Authentication/Login
Frame ID: 8A484A6A600AE1605113C9F2636BB080
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5 Page URL
https://berkeley-group.sharefile.com/oauth/authorize?client_id=5DCuyjYt2Y56QPOcKQB697rYnkxFnG6l&redirect_uri=http... HTTP 301
https://berkeley-group.sharefile.eu/Authentication/Login Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Page Statistics

16
Requests

75 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

5163 kB
Transfer

5430 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5 Page URL
https://berkeley-group.sharefile.com/oauth/authorize?client_id=5DCuyjYt2Y56QPOcKQB697rYnkxFnG6l&redirect_uri=https%3A%2F%2Fcitrixworkflows.sharefile.com%2Fsharefile-callback&response_type=code&state=94d07dfd-0322-42f8-bcd6-072afeb23717&subdomain=Berkeley-Group HTTP 301
https://berkeley-group.sharefile.eu/Authentication/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 67a3c399-f184-4b61-a33e-6dfddb2d1bd5 Show response
citrixworkflows.sharefile.com/feedback-workflow/ 3 KB
3 KB 427ms
137ms Document
text/html 18.119.83.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.119.83.41 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-83-41.us-east-2.compute.amazonaws.com

Software

nginx/1.20.1 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10

Resource Hash

d7969cf6f0a070be9665cbd1c9a96898bfdb15bec341af38d62893a677f623a8

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; child-src 'self'; connect-src ; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; media-src 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' .pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy: default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 13:37:50 GMT
etag: W/"d7969cf6f0a070be9665cbd1c9a96898"
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.10
status: 200 OK
strict-transport-security: max-age=631138519
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) 6.0.10
x-request-id: df6f17a3-7e44-494b-9820-2057b8cb2eb3
x-xss-protection: 1; mode=block

GET
H2 200 vendor-0dab0c9575b30c7766d2a039b88cd0d4.css
d17f4e1i5rb5bq.cloudfront.net/assets/ 104 KB
104 KB 203ms
63ms Stylesheet
text/css 2600:9000:2057:fa00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-0dab0c9575b30c7766d2a039b88cd0d4.css
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fa00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4944b5a5e746fd2a29fe6218f565cb35e1a508e8217b06f0bc9dbc7312444a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 04:25:05 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
last-modified: Thu, 09 Sep 2021 14:15:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 33166
etag: "a1641098e53c453003aa46b937c8a8f7"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31556952
accept-ranges: bytes
content-length: 106313
x-amz-cf-id: dYT0QcOGLUIwn347MgV9q4fvBumntjcP7vA5xve1CK80GGIXmJ_T_A==

GET
H2 200 ember-workflows-8614861cfc5b2a2f8b75fe270c0eed8b.css
d17f4e1i5rb5bq.cloudfront.net/assets/ 453 KB
454 KB 310ms
170ms Stylesheet
text/css 2600:9000:2057:fa00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-8614861cfc5b2a2f8b75fe270c0eed8b.css
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fa00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e1192936a3a5931d2d1f3fe44304c81fba0641d50cc8f0249ad9b0b80ec1aaa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:25:18 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 10:11:25 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-2:623976028815:key/7c81cfe2-b281-4339-893e-eafcf7ff325c
x-amz-cf-pop: FRA6-C1
age: 15243
x-amz-server-side-encryption: aws:kms
etag: "c67bdb21abebf758362995e7dddcd351"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31556952
accept-ranges: bytes
content-length: 464290
x-amz-cf-id: j-XsyjFIAxvEbhd3fdKckpFojHSV-IfDBdJ5dIjnsIFC9hPi6hDFaw==

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 260ms
94ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 13:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 13:37:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 13:37:50 GMT

GET
H2 200 vendor-eb420ed2f95222ccdc016abddc2efa7d.js Show response
d17f4e1i5rb5bq.cloudfront.net/assets/ 3 MB
3 MB 442ms
302ms Script
application/javascript 2600:9000:2057:fa00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fa00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07c5fc0eed34853db70f1d1b4460415cfe1a9002d0de4cf3dd439312a97da250

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 04:25:05 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
last-modified: Wed, 04 May 2022 09:12:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 33166
etag: "079a819c9caacaf3ab98c1e8657177bd"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556952
accept-ranges: bytes
content-length: 3587732
x-amz-cf-id: leB1i8hGs5n7twiEiSECuJ8M56Fgga6sR07jLSrYAO5y9PsvgrrT7w==

GET
H2 200 ember-workflows-6e3497f91d7f729de8954c40c51f2cdb.js Show response
d17f4e1i5rb5bq.cloudfront.net/assets/ 892 KB
893 KB 394ms
255ms Script
application/javascript 2600:9000:2057:fa00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-6e3497f91d7f729de8954c40c51f2cdb.js
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fa00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac44436172c0b214967edeaf909cb7a289fd5850a9f363d91cf8a03699879239

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 04:25:06 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 10:11:25 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-2:623976028815:key/7c81cfe2-b281-4339-893e-eafcf7ff325c
x-amz-cf-pop: FRA6-C1
age: 33165
x-amz-server-side-encryption: aws:kms
etag: "c4306ec9ba55ca459c7ae8331a8d3378"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556952
accept-ranges: bytes
content-length: 913369
x-amz-cf-id: f7m0fTAgstkBsUHO0jw3dZmSbj0uG0OMsfnxBVE1A4D4AJJlaoMfVQ==

GET
H2 200 pendo.js
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 407 KB
135 KB 220ms
67ms Script
application/javascript 2600:9000:2057:4000:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: citrixworkflows.sharefile.com
URL: https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4000:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://citrixworkflows.sharefile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:37:51 GMT
content-encoding: gzip
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 281
x-guploader-uploadid: ADPycdvJDbgfcqCeHu1sNGBMzxbVyZ_wtc20g91Dn2C1JQTgQLqXa6yuwqFKGf-LfBYyHj4fKyVpnvkgs1-Kxw2L2kLiDg
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 137175
last-modified: Thu, 15 Dec 2022 19:11:31 GMT
server: UploadServer
etag: "8070b2af79ab0ede214ba4c4369365e1"
vary: Accept-Encoding
x-goog-generation: 1671131490999795
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=xvyUDA==, md5=gHCyr3mrDt4hS6TENpNl4Q==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 137175
accept-ranges: bytes
x-amz-cf-id: QCYSIgj7eBA2y-8j1XGeR3Kz3XW3MvKT8MytX56LSJQSVODswzuHIw==
expires: Mon, 19 Dec 2022 13:40:40 GMT

GET
H2 200 CitrixSans-Regular-58238858892db48030c012a757eb17d2.woff
d17f4e1i5rb5bq.cloudfront.net/assets/fonts/ 26 KB
26 KB 183ms
74ms Font
font/woff 2600:9000:2057:fa00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/fonts/CitrixSans-Regular-58238858892db48030c012a757eb17d2.woff
Requested by: Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-8614861cfc5b2a2f8b75fe270c0eed8b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fa00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-8614861cfc5b2a2f8b75fe270c0eed8b.css
Origin: https://citrixworkflows.sharefile.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:25:18 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 13848
x-cache: Hit from cloudfront
content-length: 26249
last-modified: Thu, 09 Sep 2021 14:14:57 GMT
server: AmazonS3
etag: "58238858892db48030c012a757eb17d2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31556952
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: qdQ6KaBwgUsm0nv7LVKd31kfJBvTxNllBqcKFHVxbZrPtNf8qd14iQ==

GET
H2 200 assetMap-8ae09434020a0661e0e70670f3415094.json
d17f4e1i5rb5bq.cloudfront.net/assets/ 17 KB
18 KB 180ms
122ms XHR
application/json 2600:9000:2057:fa00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/assetMap-8ae09434020a0661e0e70670f3415094.json
Requested by: Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fa00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citrixworkflows.sharefile.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:25:18 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 15243
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 17901
last-modified: Tue, 27 Sep 2022 10:11:25 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-2:623976028815:key/7c81cfe2-b281-4339-893e-eafcf7ff325c
etag: "efee87761cc7f4e50f51020a88b5805d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31556952
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 81Gedx5496aDqeFSS-FsfjjNJefZ3e-kIxDWRUZcW7tpFcQeJ8tWMg==

GET
H2 200 assetMap-8ae09434020a0661e0e70670f3415094.json
d17f4e1i5rb5bq.cloudfront.net/assets/ 17 KB
18 KB 113ms
56ms XHR
application/json 2600:9000:2057:fa00:c:771f:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/assetMap-8ae09434020a0661e0e70670f3415094.json
Requested by: Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fa00:c:771f:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citrixworkflows.sharefile.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:25:18 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 15243
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 17901
last-modified: Tue, 27 Sep 2022 10:11:25 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:us-east-2:623976028815:key/7c81cfe2-b281-4339-893e-eafcf7ff325c
etag: "efee87761cc7f4e50f51020a88b5805d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31556952
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: tVjO-D0FahiT27qkzgYEhAbnGg0LBdcknVwb7Xs0f9elBfGCRBMDrw==

GET
H2 200 authorize_url
citrixworkflows.sharefile.com/api/ 300 B
2 KB 145ms
145ms XHR
application/json 18.119.83.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://citrixworkflows.sharefile.com/api/authorize_url?workflow_id=67a3c399-f184-4b61-a33e-6dfddb2d1bd5

Requested by

Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/vendor-eb420ed2f95222ccdc016abddc2efa7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.119.83.41 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-83-41.us-east-2.compute.amazonaws.com

Software

nginx/1.20.1 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; child-src 'self'; connect-src ; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; media-src 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' .pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citrixworkflows.sharefile.com/
X-Requested-With: XMLHttpRequest
X-CSRF-Token: 8w0+dJWJ1GSShP/ajHiCmI6xnWeDqAiJAuNRerige1+t2M7ZSQ3BvtjnS3iOWqLpTMAXv7fFB64SjNRGpmsO9A==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 13:37:51 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
content-security-policy: default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) 6.0.10
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 692b7a6b-9863-4ed3-b12c-9488b4c2f781
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.10
etag: W/"b1cd5e027688e37eac6782172feedd2a"
x-download-options: noopen
vary: Origin
x-frame-options: sameorigin
content-type: application/json
cache-control: max-age=0, private, must-revalidate

GET
H2

200

Primary Request Login
berkeley-group.sharefile.eu/Authentication/
Redirect Chain

https://berkeley-group.sharefile.com/oauth/authorize?client_id=5DCuyjYt2Y56QPOcKQB697rYnkxFnG6l&redirect_uri=https%3A%2F%2Fcitrixworkflows.sharefile.com%2Fsharefile-callback&response_type=code&stat...
https://berkeley-group.sharefile.eu/Authentication/Login

6 KB
0

1003ms
850ms

Document
text/html

13.248.181.201

General

Check archive.org

Show headers Download Go to

Full URL

https://berkeley-group.sharefile.eu/Authentication/Login

Requested by

Host: d17f4e1i5rb5bq.cloudfront.net
URL: https://d17f4e1i5rb5bq.cloudfront.net/assets/ember-workflows-6e3497f91d7f729de8954c40c51f2cdb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.181.201 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-kt588sQQ6k7547c8al1neA==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private,no-cache, no-store, must-revalidate
citrix-transactionid: 41806ac2-e555-4666-8a59-51bf74a03f7d
content-encoding: gzip
content-length: 2590
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-kt588sQQ6k7547c8al1neA==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 13:38:01 GMT
expires: 0
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private,no-cache, no-store, must-revalidate
citrix-transactionid: 5f8e8e41-13ce-4b5a-a600-76893ee5d31e
content-length: 173
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 13:38:00 GMT
expires: 0
location: https://berkeley-group.sharefile.eu/Authentication/Login
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET custom.css
berkeley-group.sharefile.eu/cache/sha/_Auth/Styles/custom/ 0
0

GET errorhandler.js
berkeley-group.sharefile.eu/_Auth/ 0
0

GET webpop
berkeley-group.sharefile.eu/cache/sha/javascript/bundles/ 0
0

GET webpoprequireconfig
berkeley-group.sharefile.eu/cache/sha/bundles/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: berkeley-group.sharefile.eu
URL: https://berkeley-group.sharefile.eu/cache/sha/_Auth/Styles/custom/custom.css?v=ZC0BVhI7Qxs47G2JW4vi0SxBtisQu-WAg_oh7pyFSqQ1

Domain: berkeley-group.sharefile.eu
URL: https://berkeley-group.sharefile.eu/_Auth/errorhandler.js

Domain: berkeley-group.sharefile.eu
URL: https://berkeley-group.sharefile.eu/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Domain: berkeley-group.sharefile.eu
URL: https://berkeley-group.sharefile.eu/cache/sha/bundles/webpoprequireconfig?v=bK5vc0SGuMCooCbaNCCWeoGfyYtFXizRkCpDE0iiGis1

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
citrixworkflows.sharefile.com/	1970-01-20 08:17:40	Name: _session_id Value: c948df2df5961aef9ec70787c59b497c
citrixworkflows.sharefile.com/	1969-12-31 23:59:59	Name: ember_simple_auth-session Value: %7B%22attempted_transition_url%22%3A%22https%3A%2F%2Fcitrixworkflows.sharefile.com%2Ffeedback-workflow%2F67a3c399-f184-4b61-a33e-6dfddb2d1bd5%22%2C%22authenticated%22%3A%7B%7D%7D
.sharefile.com/	1970-01-20 08:17:37	Name: state Value: 94d07dfd-0322-42f8-bcd6-072afeb23717

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5 Message: The Content-Security-Policy directive 'plugin-types' has been removed from the specification. If you want to block plugins, consider specifying "object-src 'none'" instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'self'; child-src 'self'; connect-src ; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; media-src 'self' .sharefile.com .sharefiletest.com .sharefilestaging.com .sharefiledemo.com .sharefile.eu .sharefiletest.eu .sharefilestaging.eu .sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' .pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' .pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

berkeley-group.sharefile.com
berkeley-group.sharefile.eu
cdn.pendo.io
citrixworkflows.sharefile.com
d17f4e1i5rb5bq.cloudfront.net
fonts.googleapis.com
berkeley-group.sharefile.eu
13.248.181.201
18.119.83.41
2600:9000:2057:4000:1f:aa31:7740:93a1
2600:9000:2057:fa00:c:771f:ad80:21
2a00:1450:400d:808::200a
76.223.1.166
07c5fc0eed34853db70f1d1b4460415cfe1a9002d0de4cf3dd439312a97da250
8e1192936a3a5931d2d1f3fe44304c81fba0641d50cc8f0249ad9b0b80ec1aaa
ac44436172c0b214967edeaf909cb7a289fd5850a9f363d91cf8a03699879239
d4944b5a5e746fd2a29fe6218f565cb35e1a508e8217b06f0bc9dbc7312444a3
d7969cf6f0a070be9665cbd1c9a96898bfdb15bec341af38d62893a677f623a8
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

berkeley-group.sharefile.eu Open in urlscan Pro 13.248.181.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

75 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

5163 kBTransfer

5430 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

berkeley-group.sharefile.eu Open in urlscan Pro
13.248.181.201 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

75 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

5163 kB
Transfer

5430 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions