![](/screenshots/07c5c5fc-7bfd-44ec-8b30-f4fc5173d923.png)
berkeley-group.sharefile.eu
13.248.181.201
Public Scan
Effective URL: https://berkeley-group.sharefile.eu/Authentication/Login
Submission: On December 19 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by Amazon on October 16th 2022. Valid for: a year.
This is the only time berkeley-group.sharefile.eu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 | 18.119.83.41 | 16509 (AMAZON-02) |
7 | 2600:9000:2057:fa00:c:771f:ad80:21 | 16509 (AMAZON-02) |
1 | 2a00:1450:400d:808::200a | 15169 (GOOGLE) |
1 | 2600:9000:2057:4000:1f:aa31:7740:93a1 | 16509 (AMAZON-02) |
1 1 | 76.223.1.166 | |
1 | 13.248.181.201 | |
16 | 6 | |

- ASN16509 (AMAZON-02, US), PTR: ec2-18-119-83-41.us-east-2.compute.amazonaws.com, citrixworkflows.sharefile.com
- ASN16509 (AMAZON-02, US), d17f4e1i5rb5bq.cloudfront.net
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | cloudfront.net | d17f4e1i5rb5bq.cloudfront.net | 5 MB |
3 | sharefile.com (1 redirects) | citrixworkflows.sharefile.com (Cisco Umbrella Rank: 524467), berkeley-group.sharefile.com | 6 KB |
1 | sharefile.eu | berkeley-group.sharefile.eu | |
1 | pendo.io | cdn.pendo.io (Cisco Umbrella Rank: 828) | 135 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 869 B |
16 | 5 | | |
 | Domain | Requested by |
---|---|---|
7 | d17f4e1i5rb5bq.cloudfront.net | citrixworkflows.sharefile.com, d17f4e1i5rb5bq.cloudfront.net |
2 | citrixworkflows.sharefile.com | d17f4e1i5rb5bq.cloudfront.net |
1 | berkeley-group.sharefile.eu | d17f4e1i5rb5bq.cloudfront.net, berkeley-group.sharefile.eu |
1 | berkeley-group.sharefile.com | 1 redirects |
1 | cdn.pendo.io | citrixworkflows.sharefile.com |
1 | fonts.googleapis.com | citrixworkflows.sharefile.com |
16 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
citrixworkflows.sharefile.com | Amazon | 2022-09-10 - 2023-10-09 | a year | crt.sh |
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months | crt.sh |
cdn.pendo.io | Amazon | 2022-07-30 - 2023-08-28 | a year | crt.sh |
*.sharefile.eu | Amazon | 2022-10-16 - 2023-11-14 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://berkeley-group.sharefile.eu/Authentication/Login
Frame ID: 8A484A6A600AE1605113C9F2636BB080
Requests: 16 HTTP requests in this frame
Detected technologies
Ruby on Rails
Detected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://citrixworkflows.sharefile.com/feedback-workflow/67a3c399-f184-4b61-a33e-6dfddb2d1bd5 Page URL
-
https://berkeley-group.sharefile.com/oauth/authorize?client_id=5DCuyjYt2Y56QPOcKQB697rYnkxFnG6l&redirect_uri=https%3A%2F%2Fcitrixworkflows.sharefile.com%2Fsharefile-callback&response_type=code&state=94d07dfd-0322-42f8-bcd6-072afeb23717&subdomain=Berkeley-Group
HTTP 301
https://berkeley-group.sharefile.eu/Authentication/Login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | 67a3c399-f184-4b61-a33e-6dfddb2d1bd5 | citrixworkflows.sharefile.com/feedback-workflow/ | 3 KB | 3 KB | Document | text/html |
GET H2 | vendor-0dab0c9575b30c7766d2a039b88cd0d4.css | d17f4e1i5rb5bq.cloudfront.net/assets/ | 104 KB | 104 KB | Stylesheet | text/css |
GET H2 | ember-workflows-8614861cfc5b2a2f8b75fe270c0eed8b.css | d17f4e1i5rb5bq.cloudfront.net/assets/ | 453 KB | 454 KB | Stylesheet | text/css |
GET H2 | icon | fonts.googleapis.com/ | 569 B | 869 B | Stylesheet | text/css |
GET H2 | vendor-eb420ed2f95222ccdc016abddc2efa7d.js | d17f4e1i5rb5bq.cloudfront.net/assets/ | 3 MB | 3 MB | Script | application/javascript |
GET H2 | ember-workflows-6e3497f91d7f729de8954c40c51f2cdb.js | d17f4e1i5rb5bq.cloudfront.net/assets/ | 892 KB | 893 KB | Script | application/javascript |
GET H2 | pendo.js | cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ | 407 KB | 135 KB | Script | application/javascript |
GET H2 | CitrixSans-Regular-58238858892db48030c012a757eb17d2.woff | d17f4e1i5rb5bq.cloudfront.net/assets/fonts/ | 26 KB | 26 KB | Font | font/woff |
GET H2 | assetMap-8ae09434020a0661e0e70670f3415094.json | d17f4e1i5rb5bq.cloudfront.net/assets/ | 17 KB | 18 KB | XHR | application/json |
GET H2 | assetMap-8ae09434020a0661e0e70670f3415094.json | d17f4e1i5rb5bq.cloudfront.net/assets/ | 17 KB | 18 KB | XHR | application/json |
GET H2 | authorize_url | citrixworkflows.sharefile.com/api/ | 300 B | 2 KB | XHR | application/json |
GET H2 | Login (Primary Request; Redirect Chain) | berkeley-group.sharefile.eu/Authentication/ | 6 KB | 0 | Document | text/html |
GET | custom.css | berkeley-group.sharefile.eu/cache/sha/_Auth/Styles/custom/ | 0 | 0 | | |
GET | errorhandler.js | berkeley-group.sharefile.eu/_Auth/ | 0 | 0 | | |
GET | webpop | berkeley-group.sharefile.eu/cache/sha/javascript/bundles/ | 0 | 0 | | |
GET | webpoprequireconfig | berkeley-group.sharefile.eu/cache/sha/bundles/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: berkeley-group.sharefile.eu
  URL: https://berkeley-group.sharefile.eu/cache/sha/_Auth/Styles/custom/custom.css?v=ZC0BVhI7Qxs47G2JW4vi0SxBtisQu-WAg_oh7pyFSqQ1
- Domain: berkeley-group.sharefile.eu
  URL: https://berkeley-group.sharefile.eu/_Auth/errorhandler.js
- Domain: berkeley-group.sharefile.eu
  URL: https://berkeley-group.sharefile.eu/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
- Domain: berkeley-group.sharefile.eu
  URL: https://berkeley-group.sharefile.eu/cache/sha/bundles/webpoprequireconfig?v=bK5vc0SGuMCooCbaNCCWeoGfyYtFXizRkCpDE0iiGis1
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
citrixworkflows.sharefile.com/ | | Name: _session_id Value: c948df2df5961aef9ec70787c59b497c |
citrixworkflows.sharefile.com/ | | Name: ember_simple_auth-session Value: %7B%22attempted_transition_url%22%3A%22https%3A%2F%2Fcitrixworkflows.sharefile.com%2Ffeedback-workflow%2F67a3c399-f184-4b61-a33e-6dfddb2d1bd5%22%2C%22authenticated%22%3A%7B%7D%7D |
.sharefile.com/ | | Name: state Value: 94d07dfd-0322-42f8-bcd6-072afeb23717 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src https: 'self'; child-src 'self'; connect-src *; font-src 'self' data: fonts.gstatic.com d17f4e1i5rb5bq.cloudfront.net; form-action 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; frame-ancestors 'none'; img-src 'self' blob: data: d17f4e1i5rb5bq.cloudfront.net *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com sharefile-workflows-development.s3.amazonaws.com sharefile-workflows-test.s3.amazonaws.com sharefile-workflows-staging.s3.amazonaws.com sharefile-workflows-production.s3.amazonaws.com pendo-static-5352587489443840.storage.googleapis.com *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; media-src 'self' *.sharefile.com *.sharefiletest.com *.sharefilestaging.com *.sharefiledemo.com *.sharefile.eu *.sharefiletest.eu *.sharefilestaging.eu *.sharefiledemo.eu; object-src 'self' d17f4e1i5rb5bq.cloudfront.net; plugin-types application/x-shockwave-flash image/svg+xml; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pendo.io pendo-io-static.storage.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' *.pendo.io pendo-io-static.storage.googleapis.com fonts.googleapis.com d17f4e1i5rb5bq.cloudfront.net pendo-static-5352587489443840.storage.googleapis.com; report-uri api/csp_violation/report |
Strict-Transport-Security | max-age=631138519 |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.