Submitted URL: https://gbtpa.sharefile.com/
Effective URL: https://www.gallagherbassett.com/sso/App/Logon
Submission Tags: falconsandbox
Submission: On March 21 via api from US

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 50 HTTP transactions. The main IP is 45.60.123.80, located in United States and belongs to INCAPSULA, US. The main domain is www.gallagherbassett.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2020. Valid for: 2 years.
This is the only time www.gallagherbassett.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 17 52.3.211.188 14618 (AMAZON-AES)
4 151.101.14.217 54113 (FASTLY)
1 2 35.241.57.45 15169 (GOOGLE)
2 13.226.159.15 16509 (AMAZON-02)
10 52.1.177.90 14618 (AMAZON-AES)
1 104.225.98.129 36236 (NETACTUATE)
1 2607:f740:e61... 63911 (NETACTUAT...)
2 151.147.160.186 46342 (AJGCO)
12 45.60.123.80 19551 (INCAPSULA)
2 2a00:1450:400... 15169 (GOOGLE)
50 10
Domain Requested by
17 gbtpa.sharefile.com 2 redirects gbtpa.sharefile.com
12 www.gallagherbassett.com www.gallagherbassett.com
10 gbtpa.sf-api.com gbtpa.sharefile.com
4 app.launchdarkly.com gbtpa.sharefile.com
2 www.google-analytics.com www.gallagherbassett.com
www.google-analytics.com
2 sso.gallagherbassett.com www.gallagherbassett.com
2 cdn.pendo.io gbtpa.sharefile.com
2 radar.cedexis.com 1 redirects gbtpa.sharefile.com
1 rpt.cedexis.com radar.cedexis.com
1 i2-nqpaypfofgacjvdykydwyenlhkkeif.init.cedexis-radar.net radar.cedexis.com
50 10

This site contains no links.

Subject Issuer Validity Valid
*.sharefile.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-08 -
2022-03-16
a year crt.sh
c3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-03-09 -
2021-04-20
a month crt.sh
radar.cedexis.com
Go Daddy Secure Certificate Authority - G2
2019-06-26 -
2021-08-25
2 years crt.sh
cdn.pendo.io
DigiCert SHA2 Extended Validation Server CA
2019-06-04 -
2021-09-02
2 years crt.sh
*.sf-api.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-17 -
2021-11-21
a year crt.sh
*.init.cedexis-radar.net
Go Daddy Secure Certificate Authority - G2
2019-11-14 -
2022-01-13
2 years crt.sh
sso.gallagherbassett.com
DigiCert SHA2 Secure Server CA
2020-05-05 -
2021-05-31
a year crt.sh
www.gallagherbassett.com
DigiCert SHA2 Secure Server CA
2020-02-24 -
2022-03-10
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.gallagherbassett.com/sso/App/Logon
Frame ID: A84DA0186D0360C614C8B3D18D6A8BD2
Requests: 43 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://gbtpa.sharefile.com/ Page URL
  2. https://gbtpa.sharefile.com/login HTTP 302
    https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=X... HTTP 302
    https://gbtpa.sharefile.com/Authentication/Login Page URL
  3. https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=9... Page URL
  4. https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
  5. https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
  6. https://www.gallagherbassett.com/sso/App/Logon Page URL

Page Statistics

50
Requests

100 %
HTTPS

20 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1706 kB
Transfer

5825 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gbtpa.sharefile.com/ Page URL
  2. https://gbtpa.sharefile.com/login HTTP 302
    https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=Xgzt8I5Yuc2Ho9eml2Fgmg--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
    https://gbtpa.sharefile.com/Authentication/Login Page URL
  3. https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=9enmm3tlfplXMZToGcykeQ--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com Page URL
  4. https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
  5. https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
  6. https://www.gallagherbassett.com/sso/App/Logon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://radar.cedexis.com/1/55156/radar.js HTTP 302
  • https://radar.cedexis.com/1593429750/radar.js
Request Chain 22
  • https://gbtpa.sharefile.com/login HTTP 302
  • https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=Xgzt8I5Yuc2Ho9eml2Fgmg--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
  • https://gbtpa.sharefile.com/Authentication/Login

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
gbtpa.sharefile.com/
3 KB
2 KB
Document
General
Full URL
https://gbtpa.sharefile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
5d3c0eee606d78fe60dc44cb73595c5e2c9d65d78b04e07d6e08c55e7deb6dfc
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-WrccWu9wfsmw5wJZK02lkQ==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gbtpa.sharefile.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
9e6cae8e-8128-4121-860d-064ff37a20e9
set-cookie
ASP.NET_SessionId=rddiv2xaooo0dcgwlgp3raam; path=/; secure; HttpOnly; SameSite=None SFWEB_SRVNAME=i-0cdc058a46dad4cba; path=/
x-frame-options
DENY
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-WrccWu9wfsmw5wJZK02lkQ==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Sun, 21 Mar 2021 06:32:24 GMT
content-length
1289
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;
spinner.css
gbtpa.sharefile.com/css/
1 KB
788 B
Stylesheet
General
Full URL
https://gbtpa.sharefile.com/css/spinner.css
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:24 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 01 Mar 2021 21:02:42 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
etag
"0854038deed71:0"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
425
x-content-type-options
nosniff
ShimSham
gbtpa.sharefile.com/javascript/bundles/
86 KB
26 KB
Script
General
Full URL
https://gbtpa.sharefile.com/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid
e2b37240-dbca-4626-8865-6d569d505a25
date
Sun, 21 Mar 2021 06:32:24 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Sun, 21 Mar 2021 06:32:25 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
25784
x-content-type-options
nosniff
expires
Mon, 21 Mar 2022 06:32:25 GMT
index.78534fe2a04db73d4257.js
gbtpa.sharefile.com/bundles/
2 MB
557 KB
Script
General
Full URL
https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
16b4183175766ca41c7a7bd667ef9c758c3816cae54bc2015c91c2f8183f9e48
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:24 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 01 Mar 2021 21:06:38 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
etag
"043ebc4deed71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
x-content-type-options
nosniff
spinner.svg
gbtpa.sharefile.com/css/
1 KB
1 KB
Image
General
Full URL
https://gbtpa.sharefile.com/css/spinner.svg
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/css/spinner.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/css/spinner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:24 GMT
referrer-policy
same-origin
last-modified
Mon, 01 Mar 2021 21:02:42 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
etag
"0854038deed71:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
image/svg+xml
cache-control
max-age=1209600
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1093
x-xss-protection
1; mode=block
5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a
Protocol
H2
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-launchdarkly-user-agent
Origin
https://gbtpa.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
300
allow
GET, OPTIONS, HEAD
content-encoding
gzip
ld-region
us-east-1
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Sun, 21 Mar 2021 06:32:25 GMT
via
1.1 varnish
x-served-by
cache-fra19143-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1616308346.797935,VS0,VE93
vary
Accept-Encoding
age
0
content-length
23
user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Protocol
H2
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
REPORT
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Origin
https://gbtpa.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
REPORT, OPTIONS
access-control-allow-origin
*
access-control-max-age
300
allow
REPORT, OPTIONS
content-encoding
gzip
ld-region
us-east-1
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Sun, 21 Mar 2021 06:32:25 GMT
via
1.1 varnish
x-served-by
cache-fra19143-FRA
x-cache
HIT
x-cache-hits
1
x-timer
S1616308346.844807,VS0,VE0
vary
Accept-Encoding
age
0
content-length
23
5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/
2 B
171 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

X-LaunchDarkly-User-Agent
JSClient/2.18.0
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:25 GMT
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
access-control-max-age
300
content-length
26
x-served-by
cache-fra19143-FRA
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1616308346.919527,VS0,VE1
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
1
radar.js
radar.cedexis.com/1593429750/
Redirect Chain
  • https://radar.cedexis.com/1/55156/radar.js
  • https://radar.cedexis.com/1593429750/radar.js
44 KB
19 KB
Script
General
Full URL
https://radar.cedexis.com/1593429750/radar.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.57.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
45.57.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:25 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:30:29 GMT
server
nginx
etag
W/"5ef9d0d5-af5c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
max-age=1209600, public
alt-svc
clear
expires
Sun, 04 Apr 2021 06:32:25 GMT

Redirect headers

date
Sun, 21 Mar 2021 06:32:25 GMT
via
1.1 google
server
nginx
vary
User-Agent,DNT
content-type
text/html
location
/1593429750/radar.js
cache-control
max-age=600
alt-svc
clear
content-length
154
expires
Sun, 21 Mar 2021 06:42:25 GMT
user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/
1 KB
454 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0255f99991321bfd05720b5ff62032a3fc6333b9e0cd2c9fd2b712271d844757

Request headers

Referer
X-LaunchDarkly-User-Agent
JSClient/2.18.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 06:32:25 GMT
content-encoding
gzip
age
0
x-cache
MISS
access-control-max-age
300
x-served-by
cache-fra19143-FRA
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1616308346.875147,VS0,VE90
etag
"387ca"
vary
Accept-Encoding, Authorization
access-control-allow-methods
REPORT, OPTIONS
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
0
5e008d67143b94c744ce.js
gbtpa.sharefile.com/bundles/
17 KB
7 KB
Script
General
Full URL
https://gbtpa.sharefile.com/bundles/5e008d67143b94c744ce.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
5b1ea5e8e2ab7e458a012b91b643ae271cc11190719e06829d658fcfd22813bf
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:25 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 01 Mar 2021 21:06:38 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
etag
"043ebc4deed71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
6704
x-content-type-options
nosniff
pendo.js
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/
385 KB
121 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-15.dus51.r.cloudfront.net
Software
UploadServer /
Resource Hash
e70c9fe2c57c9cac96696fbc4d4c31eb51536b819c5029c8964a33c82797914f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 06:32:26 GMT
Content-Encoding
gzip
Content-Type
application/javascript
X-Amz-Cf-Pop
DUS51-C1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 19 Mar 2021 14:09:02 GMT
Server
UploadServer
ETag
"8a59208f2243156a60d1f2c97503ecaa"
Vary
Accept-Encoding
x-goog-hash
crc32c=ILPtTw==, md5=ilkgjyJDFWpg0fLJdQPsqg==
x-goog-generation
1616162942440997
Via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
123322
Accept-Ranges
bytes
X-GUploader-UploadID
ABg5-UwVrknx8dB0lQ0p0d28RAmUEAGOvI90O2hqQBQ7VfhFpEnVmqZkLjTenRNYSvKokekOtNMj7g_L6qyiy08SFA
X-Amz-Cf-Id
DvcQ9LyHKWMpzfvBrUp_ZbIbAKlFhQZQHODj7RxKUQZJnmVAFNhLUA==
Expires
Sun, 21 Mar 2021 06:39:31 GMT
Branding
gbtpa.sf-api.com/sf/v3/Accounts/
0
0
Preflight
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts/Branding
Protocol
H2
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://gbtpa.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache,no-store
pragma
no-cache
expires
-1
access-control-allow-origin
https://gbtpa.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637518907462298083
citrix-transactionid
b1decf30-cbec-4ee0-ac7f-6484ff7dc482
correlationid
aBv2DCJFUUuXJeTpYGFORQ
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
date
Sun, 21 Mar 2021 06:32:25 GMT
content-length
0
x-sf-server
api_ssl_v3/i-0a38bb7caf4e442c5_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
Branding
gbtpa.sf-api.com/sf/v3/Accounts/
4 KB
2 KB
XHR
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts/Branding
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
ff6a92cb1b37f26367c5940f0296b7e052e268fd9d2fcbded633e151c227cc98
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
h4rmjHG736YYyNqCf2iz2Q
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
aa216975-cc4d-4833-ae5a-7c2e6034f8d8
date
Sun, 21 Mar 2021 06:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
h4rmjHG736YYyNqCf2iz2Q
vary
Accept-Encoding
content-length
1746
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_ssl_v3/i-0e82db60a23f3062d_us-east-1c
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637518907465693557
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
providers.json
i2-nqpaypfofgacjvdykydwyenlhkkeif.init.cedexis-radar.net/i2/1/55156/j1/20/122/1616308345/0/0/
3 KB
1 KB
XHR
General
Full URL
https://i2-nqpaypfofgacjvdykydwyenlhkkeif.init.cedexis-radar.net/i2/1/55156/j1/20/122/1616308345/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.225.98.129 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS
129.98.225.104.ptr.anycast.net
Software
nginx/1.10.3 /
Resource Hash
0769cfe464db9e83c76e8c2c12af036a00a5bc1f2996a4cb7d896740b8087b4a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 06:32:26 GMT
Content-Encoding
gzip
Server
nginx/1.10.3
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
1616308345213
rpt.cedexis.com/n1/0/1616308344543/0/0/0/0/1616308344543/1616308344544/1616308344552/1616308344552/1616308344762/1616308344566/1616308344762/1616308345092/1616308345093/1616308345095/1616308345837/...
16 B
283 B
XHR
General
Full URL
https://rpt.cedexis.com/n1/0/1616308344543/0/0/0/0/1616308344543/1616308344544/1616308344552/1616308344552/1616308344762/1616308344566/1616308344762/1616308345092/1616308345093/1616308345095/1616308345837/1616308345837/1616308345837/1616308346135/1616308346135/1616308346136/_CgJqMRAUGHoiBggBEPSuAyj7s5rPCzD50NuCBjj50NuCBkCs-4efAkoPCAMQNRjBdiAAKPODgKAEUJCZtQNaEAgDEDUY7MIBIAAo74OAoARgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBEwgDEBQYsUYg1YCAwAQozoGAoASIAdLMzcAIkAEAmAEA/0/1616308345213
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 06:32:26 GMT
Server
nginx/1.10.3
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
Content-Length
16
Users
gbtpa.sf-api.com/sf/v3/
0
0
Preflight
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone
Protocol
H2
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://gbtpa.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache,no-store
pragma
no-cache
expires
-1
access-control-allow-origin
https://gbtpa.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637518907467466655
citrix-transactionid
bbecf3e6-0ce3-4553-8655-88d54898535f
correlationid
bEs2Zs3VqE2oW9OsPWIYQQ
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
date
Sun, 21 Mar 2021 06:32:26 GMT
content-length
0
x-sf-server
api_ssl_v3/i-0b21ccd1d6ab59740_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
Accounts
gbtpa.sf-api.com/sf/v3/
0
0
Preflight
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts?%24expand=Preferences%2CPreferences%2FAccountMessageCode%2CPreferences%2FDefaultZone%2CPreferences%2FIntegrationProviders%2CPreferences%2FTwoFactorSettings%2CAccountFeatures%2CUserUsage%2CDiskSpace%2CServices%2CSignupParams
Protocol
H2
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://gbtpa.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache,no-store
pragma
no-cache
expires
-1
access-control-allow-origin
https://gbtpa.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637518907467549724
citrix-transactionid
3cc1376f-ae7c-40b8-86bb-47843c7beee9
correlationid
C_NjczHDkEW2SxA8xvzmZQ
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
date
Sun, 21 Mar 2021 06:32:26 GMT
content-length
0
x-sf-server
api_ssl_v3/i-05d77392453ea23d4_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;
WorkspaceConfig
gbtpa.sf-api.com/sf/v3/Accounts/
0
0
Preflight
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts/WorkspaceConfig
Protocol
H2
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://gbtpa.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache,no-store
pragma
no-cache
expires
-1
access-control-allow-origin
https://gbtpa.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637518907467622156
citrix-transactionid
863efb58-267e-4ffe-aec6-60c78b2977a8
correlationid
ItgAaWpaR0-HG0vILEd8Gw
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
date
Sun, 21 Mar 2021 06:32:26 GMT
content-length
0
x-sf-server
api_ssl_v3/i-0bf9e00b7b9ca3742_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;
Users
gbtpa.sf-api.com/sf/v3/
118 B
830 B
XHR
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
3jeq5bFfmRu_MqbXyNU1fQ
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
c69f7a1e-a98d-4c4f-b8f7-07b63716ede2
date
Sun, 21 Mar 2021 06:32:26 GMT
www-authenticate
Bearer
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
3jeq5bFfmRu_MqbXyNU1fQ
content-length
118
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_ssl_v3/i-086de96ab4c65dea8_us-east-1b
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637518907468783346
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
x-content-type-options
nosniff
expires
-1
Accounts
gbtpa.sf-api.com/sf/v3/
118 B
830 B
XHR
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts?%24expand=Preferences%2CPreferences%2FAccountMessageCode%2CPreferences%2FDefaultZone%2CPreferences%2FIntegrationProviders%2CPreferences%2FTwoFactorSettings%2CAccountFeatures%2CUserUsage%2CDiskSpace%2CServices%2CSignupParams
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
WQljQjfCKEusiu5NDEdVwQ
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
ce8b84b5-b91a-4a80-ab76-a51021aeb5c7
date
Sun, 21 Mar 2021 06:32:26 GMT
www-authenticate
Bearer
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
WQljQjfCKEusiu5NDEdVwQ
content-length
118
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_ssl_v3/i-00dd6f3cf751a80d0_us-east-1b
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637518907468987254
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
x-content-type-options
nosniff
expires
-1
WorkspaceConfig
gbtpa.sf-api.com/sf/v3/Accounts/
118 B
830 B
XHR
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts/WorkspaceConfig
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
SSDlDTsi5y8Zfk2UYCF09w
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
70011717-fe4a-48eb-a795-15b8da44f669
date
Sun, 21 Mar 2021 06:32:25 GMT
www-authenticate
Bearer
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
SSDlDTsi5y8Zfk2UYCF09w
content-length
118
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_ssl_v3/i-0d3531776d05e7fe5_us-east-1b
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637518907468980941
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
x-content-type-options
nosniff
expires
-1
Login
gbtpa.sharefile.com/Authentication/
Redirect Chain
  • https://gbtpa.sharefile.com/login
  • https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=Xgzt8I5Yuc2Ho9eml2Fgmg--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&...
  • https://gbtpa.sharefile.com/Authentication/Login
7 KB
4 KB
Document
General
Full URL
https://gbtpa.sharefile.com/Authentication/Login
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
c35537e2f527395fb0136031cfc59bb877952ecb4e2ab773c2cceec1cea8a3c2
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-auAGf3fRgI4GdQMs/H0BRw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gbtpa.sharefile.com
:scheme
https
:path
/Authentication/Login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://gbtpa.sharefile.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ASP.NET_SessionId=rddiv2xaooo0dcgwlgp3raam; SFWEB_SRVNAME=i-0cdc058a46dad4cba; SF_Subdomain=gbtpa; clientRequest=eyI8VXNlclRva2VuVHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxVc2VyVG9rZW4+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8YT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxhdXRvcmVkaXJlY3Q+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGNhcGFiaWxpdGllcz5rX19CYWNraW5nRmllbGQiOm51bGwsIjxjbGllbnRfaWQ+a19fQmFja2luZ0ZpZWxkIjoiRHppNFVQVUFnNWw4YmVLZGlvZWNkY25tSFVUV1dsbjYiLCI8ZGV2aWNlX2lkX3N1cHBvcnRlZD5rX19CYWNraW5nRmllbGQiOnRydWUsIjxkZXZpY2VfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8ZGlzYWJsZV9yczM+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGVtYWlsPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPGZpeF9taWVfdmlld3BvcnQ+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGg+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8bm9saW5rPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPHJlZGlyZWN0X3VyaT5rX19CYWNraW5nRmllbGQiOiJodHRwczpcL1wvc2VjdXJlLnNoYXJlZmlsZS5jb21cL2xvZ2luXC9vYXV0aGxvZ2luIiwiPHJlcXVpcmV2Mz5rX19CYWNraW5nRmllbGQiOmZhbHNlLCI8cmVzZXRfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8cmVzcG9uc2VfdHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxzYW1sX25vaWZyYW1lPmtfX0JhY2tpbmdGaWVsZCI6ZmFsc2UsIjxzdGFydF9hY3Rpb24+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8c3RhdGU+a19fQmFja2luZ0ZpZWxkIjoiWGd6dDhJNVl1YzJIbzllbWwyRmdtZy0tIiwiPHN1YmRvbWFpbj5rX19CYWNraW5nRmllbGQiOiJnYnRwYSIsIjx0aGVtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VySGludD5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VybmFtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx3aWR0aD5rX19CYWNraW5nRmllbGQiOm51bGx9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gbtpa.sharefile.com/

Response headers

cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
99ded0dd-5573-44b1-aafe-2586e737f5d8
x-frame-options
SAMEORIGIN
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-auAGf3fRgI4GdQMs/H0BRw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
set-cookie
clientRequest=; expires=Sat, 20-Mar-2021 06:32:27 GMT; path=/; Secure
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Sun, 21 Mar 2021 06:32:27 GMT
content-length
2939
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;

Redirect headers

cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
expires
0
location
/Authentication/Login
citrix-transactionid
e665e583-2855-4a29-857b-9d3fc6529e54
set-cookie
clientRequest=eyI8VXNlclRva2VuVHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxVc2VyVG9rZW4+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8YT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxhdXRvcmVkaXJlY3Q+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGNhcGFiaWxpdGllcz5rX19CYWNraW5nRmllbGQiOm51bGwsIjxjbGllbnRfaWQ+a19fQmFja2luZ0ZpZWxkIjoiRHppNFVQVUFnNWw4YmVLZGlvZWNkY25tSFVUV1dsbjYiLCI8ZGV2aWNlX2lkX3N1cHBvcnRlZD5rX19CYWNraW5nRmllbGQiOnRydWUsIjxkZXZpY2VfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8ZGlzYWJsZV9yczM+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGVtYWlsPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPGZpeF9taWVfdmlld3BvcnQ+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGg+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8bm9saW5rPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPHJlZGlyZWN0X3VyaT5rX19CYWNraW5nRmllbGQiOiJodHRwczpcL1wvc2VjdXJlLnNoYXJlZmlsZS5jb21cL2xvZ2luXC9vYXV0aGxvZ2luIiwiPHJlcXVpcmV2Mz5rX19CYWNraW5nRmllbGQiOmZhbHNlLCI8cmVzZXRfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8cmVzcG9uc2VfdHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxzYW1sX25vaWZyYW1lPmtfX0JhY2tpbmdGaWVsZCI6ZmFsc2UsIjxzdGFydF9hY3Rpb24+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8c3RhdGU+a19fQmFja2luZ0ZpZWxkIjoiWGd6dDhJNVl1YzJIbzllbWwyRmdtZy0tIiwiPHN1YmRvbWFpbj5rX19CYWNraW5nRmllbGQiOiJnYnRwYSIsIjx0aGVtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VySGludD5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VybmFtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx3aWR0aD5rX19CYWNraW5nRmllbGQiOm51bGx9; path=/; secure; HttpOnly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Sun, 21 Mar 2021 06:32:27 GMT
content-length
138
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;
Branding
gbtpa.sf-api.com/sf/v3/Accounts/
4 KB
2 KB
XHR
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts/Branding
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.78534fe2a04db73d4257.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

CorrelationId
xUSIGbDX7-zj7_rdpHPuLw
Accept
application/json, text/plain, */*
Referer
Accept-Language
en
X-SF-App
ShareFileWeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
2d0f6c2f-b79a-40fb-b0dc-3e37279cc55d
date
Sun, 21 Mar 2021 06:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
xUSIGbDX7-zj7_rdpHPuLw
vary
Accept-Encoding
content-length
1746
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_ssl_v3/i-09a73ef6da575188e_us-east-1c
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637518907472315743
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
Branding
gbtpa.sf-api.com/sf/v3/Accounts/
0
0
Preflight
General
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts/Branding
Protocol
H2
Server
52.1.177.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-177-90.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
correlationid,x-sf-app,x-sf-clientcapabilities
Origin
https://gbtpa.sharefile.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache,no-store
pragma
no-cache
expires
-1
access-control-allow-origin
https://gbtpa.sharefile.com
access-control-allow-credentials
true
access-control-allow-headers
correlationid,x-sf-app,x-sf-clientcapabilities
x-sfapi-requestid
637518907470429209
citrix-transactionid
e1566f5a-e044-4480-a914-09fa7e98316c
correlationid
kUalXDg4GUWdLqQUhy__HQ
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
DENY
x-robots-tag
noindex
date
Sun, 21 Mar 2021 06:32:26 GMT
content-length
0
x-sf-server
api_ssl_v3/i-09f07062e468e1c95_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;
custom.css
gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/
27 KB
6 KB
Stylesheet
General
Full URL
https://gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=VISQ0MKGFMU6KxJdHQLi8shoawjcOZLYkodYtvrynuM1
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
ca27116239c1ae0a907eabb4a530e047abb821e36758d416f920f4e57d239879
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:27 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 01 Mar 2021 21:05:08 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
etag
"05a468fdeed71:0"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
5354
x-content-type-options
nosniff
errorhandler.js
gbtpa.sharefile.com/_Auth/
548 B
726 B
Script
General
Full URL
https://gbtpa.sharefile.com/_Auth/errorhandler.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:27 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 01 Mar 2021 21:04:58 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
etag
"0795089deed71:0"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
349
x-content-type-options
nosniff
webpop
gbtpa.sharefile.com/cache/sha/javascript/bundles/
91 KB
30 KB
Script
General
Full URL
https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid
4f8a715f-b20b-43cf-ae5c-4912df9f1e4e
date
Sun, 21 Mar 2021 06:32:27 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Sun, 21 Mar 2021 06:32:27 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
29743
x-content-type-options
nosniff
expires
Mon, 21 Mar 2022 06:32:27 GMT
webpoprequireconfig
gbtpa.sharefile.com/cache/sha/bundles/
1 KB
930 B
Script
General
Full URL
https://gbtpa.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=LcWzpTtM1wxRVR7btgLz9Y794DLICOyAGXOr3AgPMLk1
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
8cabba3d55d6af6259875cd3365b79fc96a4ebc12bfdd2cbafa5f0bd396a3cbe
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

citrix-transactionid
6020982d-e498-42ba-b667-dc665d308e1b
date
Sun, 21 Mar 2021 06:32:27 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Sun, 21 Mar 2021 06:32:27 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
476
x-content-type-options
nosniff
expires
Mon, 21 Mar 2022 06:32:27 GMT
pendo.js
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/
385 KB
121 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-15.dus51.r.cloudfront.net
Software
UploadServer /
Resource Hash
e70c9fe2c57c9cac96696fbc4d4c31eb51536b819c5029c8964a33c82797914f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 06:32:26 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Age
1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 19 Mar 2021 14:09:02 GMT
Server
UploadServer
ETag
"8a59208f2243156a60d1f2c97503ecaa"
Vary
Accept-Encoding
x-goog-hash
crc32c=ILPtTw==, md5=ilkgjyJDFWpg0fLJdQPsqg==
x-goog-generation
1616162942440997
Via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
123322
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
X-GUploader-UploadID
ABg5-UwVrknx8dB0lQ0p0d28RAmUEAGOvI90O2hqQBQ7VfhFpEnVmqZkLjTenRNYSvKokekOtNMj7g_L6qyiy08SFA
X-Amz-Cf-Id
1rmNJpQKGEbxS6ARGctkLQ5qAYaXNj3LFqvZVSKLH-Oqk6QnCdALQg==
Expires
Sun, 21 Mar 2021 06:39:31 GMT
1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
gbtpa.sharefile.com/styles/images/
8 KB
9 KB
Image
General
Full URL
https://gbtpa.sharefile.com/styles/images/1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:27 GMT
referrer-policy
same-origin
last-modified
Mon, 06 Mar 2017 19:21:48 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
etag
"143bc5e6ae96d21:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
image/png
x-content-type-options
nosniff
accept-ranges
bytes
content-length
8438
x-xss-protection
1; mode=block
expires
Wed, 01 Jan 2020 00:00:00 GMT
webpop.js
gbtpa.sharefile.com/cache/73a4e0bf68/bundles/
731 KB
196 KB
Script
General
Full URL
https://gbtpa.sharefile.com/cache/73a4e0bf68/bundles/webpop.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
07d02fc074456846d2a6e2c2a1b135914c7c0941cd0a66a0254b853ab746fffb
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:27 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 01 Mar 2021 21:05:06 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
etag
"02d158edeed71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
x-content-type-options
nosniff
login
gbtpa.sharefile.com/saml/
5 KB
4 KB
Document
General
Full URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=9enmm3tlfplXMZToGcykeQ--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/73a4e0bf68/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
1940fd591442bfaa6647c47e22682dd9a8f9849b2c190e6e028113ec48f4db64
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-q/p/h+SYHTSYMiPo0hk3cw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gbtpa.sharefile.com
:scheme
https
:path
/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=9enmm3tlfplXMZToGcykeQ--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://gbtpa.sharefile.com/Authentication/Login
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ASP.NET_SessionId=rddiv2xaooo0dcgwlgp3raam; SFWEB_SRVNAME=i-0cdc058a46dad4cba; SF_Subdomain=gbtpa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gbtpa.sharefile.com/Authentication/Login

Response headers

cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
da8f614e-7ff9-49e6-85ca-4f74d29f81b4
x-frame-options
DENY
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-q/p/h+SYHTSYMiPo0hk3cw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Sun, 21 Mar 2021 06:32:27 GMT
content-length
3165
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;
en.json
gbtpa.sharefile.com/cache/7603b8f2074c9bfdf6d434933669fcf4e18c75b4/_Auth/locales/
25 KB
9 KB
XHR
General
Full URL
https://gbtpa.sharefile.com/cache/7603b8f2074c9bfdf6d434933669fcf4e18c75b4/_Auth/locales/en.json
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/73a4e0bf68/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gbtpa.sharefile.com/Authentication/Login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:27 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 01 Mar 2021 21:05:06 GMT
x-sf-server
web_ssl/i-0cdc058a46dad4cba_us-east-1b
etag
"02d158edeed71:0"
vary
Accept-Encoding
content-type
application/json
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
8366
x-content-type-options
nosniff
Cookie set startSSO.ping
sso.gallagherbassett.com/idp/
6 KB
6 KB
Document
General
Full URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
151.147.160.186 , United States, ASN46342 (AJGCO, US),
Reverse DNS
Software
/
Resource Hash
ed58d1a35e7c9f662166491d420937c8868a048ff3063c5d1938d070ad22ef72
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;

Request headers

Host
sso.gallagherbassett.com
Connection
keep-alive
Content-Length
4270
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 06:32:28 GMT
Referrer-Policy
origin
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Set-Cookie
PF=RTQpobJKaRWdQy9rIzzDZN;Path=/;Secure;HttpOnly;SameSite=None
Content-Length
5670
Sharefile
www.gallagherbassett.com/sso/app/startsso/
5 KB
2 KB
Document
General
Full URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5a1bfdeb70de990937536bd03c2fd462aeb08efded039c353c789295245e8360
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
POST
:authority
www.gallagherbassett.com
:scheme
https
:path
/sso/app/startsso/Sharefile
content-length
4526
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://sso.gallagherbassett.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://sso.gallagherbassett.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://sso.gallagherbassett.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sso.gallagherbassett.com/

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
set-cookie
mKey=750b0128-fcfd-45d0-9894-5baf0a2984d9; expires=Thu, 21-Mar-2041 06:32:28 GMT; path=/; secure; HttpOnly visid_incap_1944542=z+h4JzSTTwW7w+qFCq0dGHzoVmAAAAAAQUIPAAAAAAB0xqflODfGLsBvrQZfUkHJ; expires=Sun, 20 Mar 2022 08:21:03 GMT; HttpOnly; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None incap_ses_449_1944542=aQYMc8mvkgOYk0s0fCs7BnzoVmAAAAAAaq40KdcjGRVYoStBDMz2/Q==; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None
date
Sun, 21 Mar 2021 06:32:28 GMT
strict-transport-security
max-age=31536000
x-cdn
Imperva
x-iinfo
10-171011455-171011456 NNNN CT(97 305 0) RT(1616308348226 0) q(0 0 4 0) r(6 6) U6
gbStyles2055
www.gallagherbassett.com/sso/lib/
260 KB
47 KB
Stylesheet
General
Full URL
https://www.gallagherbassett.com/sso/lib/gbStyles2055
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7abb827a0bf979a7bfe47f2147e3b2076224db866c72f95cf3f38273bd8380c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:28 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 04:25:39 GMT
x-cdn
Imperva
etag
"25798256"
strict-transport-security
max-age=31536000
content-type
text/css; charset=utf-8
x-iinfo
10-171011518-0 0CNN RT(1616308348857 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31355591, public
content-length
47887
expires
Sat, 19 Mar 2022 04:25:39 GMT
preload2055
www.gallagherbassett.com/sso/bundles/lib/
697 KB
211 KB
Script
General
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/preload2055
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
575c5c6b47d3c4cc664eabe26b1172c5a54ec94da14d77c5acdc1d2677bed292
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:28 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 07:03:48 GMT
x-cdn
Imperva
etag
"8c8b636a"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
x-iinfo
10-171011519-0 0CNN RT(1616308348860 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31365080, public
content-length
215357
expires
Sat, 19 Mar 2022 07:03:48 GMT
startssojs2055
www.gallagherbassett.com/sso/bundles/
67 KB
20 KB
Script
General
Full URL
https://www.gallagherbassett.com/sso/bundles/startssojs2055
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
dcbfbae7300938be8202c1b277ef4f3c61293113a8af8e9ed54cd109ddd304c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:28 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 04:25:39 GMT
x-cdn
Imperva
etag
"eaeab4d6"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
x-iinfo
10-171011520-0 0CNN RT(1616308348862 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31355591, public
content-length
20730
expires
Sat, 19 Mar 2022 04:25:39 GMT
GBLogo400px.png
www.gallagherbassett.com/sso/images/
14 KB
14 KB
Image
General
Full URL
https://www.gallagherbassett.com/sso/images/GBLogo400px.png
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:28 GMT
last-modified
Mon, 18 Jan 2021 08:11:56 GMT
x-cdn
Imperva
etag
"06e239671edd61:0"
strict-transport-security
max-age=31536000
content-type
image/png
x-iinfo
10-171011537-0 0cNN RT(1616308348942 0) q(0 -1 -1 -1) r(0 -1)
content-length
14208
spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/
3 KB
3 KB
Image
General
Full URL
https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:29 GMT
last-modified
Mon, 18 Jan 2021 08:12:00 GMT
x-cdn
Imperva
etag
"0c8859871edd61:0"
strict-transport-security
max-age=31536000
content-type
image/gif
x-iinfo
10-171011553-0 0cNN RT(1616308349007 0) q(0 -1 -1 -1) r(0 -1)
content-length
2704
postload2055
www.gallagherbassett.com/sso/bundles/lib/
390 KB
113 KB
Script
General
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/postload2055
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:28 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 07:03:48 GMT
x-cdn
Imperva
etag
"9c7bb35e"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
x-iinfo
10-171011536-0 0CNN RT(1616308348932 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31365080, public
content-length
115846
expires
Sat, 19 Mar 2022 07:03:48 GMT
_Incapsula_Resource
www.gallagherbassett.com/
142 KB
20 KB
Script
General
Full URL
https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1485906347
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
20497
content-type
application/javascript
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2055
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3844
date
Sun, 21 Mar 2021 05:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sun, 21 Mar 2021 07:28:25 GMT
Primary Request Logon
www.gallagherbassett.com/sso/App/
3 KB
1 KB
Document
General
Full URL
https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4966da8c058159782499f7a543297fa3672e19b834a0af23d6a3a829c551804a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
POST
:authority
www.gallagherbassett.com
:scheme
https
:path
/sso/App/Logon
content-length
99
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.gallagherbassett.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
mKey=750b0128-fcfd-45d0-9894-5baf0a2984d9; visid_incap_1944542=z+h4JzSTTwW7w+qFCq0dGHzoVmAAAAAAQUIPAAAAAAB0xqflODfGLsBvrQZfUkHJ; incap_ses_449_1944542=aQYMc8mvkgOYk0s0fCs7BnzoVmAAAAAAaq40KdcjGRVYoStBDMz2/Q==
Upgrade-Insecure-Requests
1
Origin
https://www.gallagherbassett.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
date
Sun, 21 Mar 2021 06:32:28 GMT
strict-transport-security
max-age=31536000
x-cdn
Imperva
x-iinfo
10-171011556-171011456 PNNN RT(1616308349021 0) q(0 0 0 -1) r(1 1) U6
collect
www.google-analytics.com/j/
2 B
194 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1933254571&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2Fapp%2Fstartsso%2FSharefile&dr=https%3A%2F%2Fsso.gallagherbassett.com%2F&dp=%2Fapp%2Fstartsso%2FSharefile&ul=en-us&de=UTF-8&dt=startsso%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=779686652&gjid=812243674&cid=130536333.1616308350&tid=UA-44339965-5&_gid=557532403.1616308350&_r=1&_slc=1&z=2076257953
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 06:32:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gallagherbassett.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
logonjs2055
www.gallagherbassett.com/sso/bundles/
355 KB
102 KB
Script
General
Full URL
https://www.gallagherbassett.com/sso/bundles/logonjs2055
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
69ad1dfc4fa85b0781e450e01673ee860cd14e800755099da23ab3f008f12aa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:32:29 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 07:06:06 GMT
x-cdn
Imperva
etag
"a647ab0b"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
x-iinfo
10-171011588-0 0CNN RT(1616308349159 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31365217, public
content-length
104703
expires
Sat, 19 Mar 2022 07:06:06 GMT
_Incapsula_Resource
www.gallagherbassett.com/
140 KB
20 KB
Script
General
Full URL
https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=9&cb=705188974
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8c574085e01380629adbc10ef94b8ae2adef6616e8a3e05500e2a38baa55a0f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
20210
content-type
application/javascript
openid-configuration
sso.gallagherbassett.com/.well-known/
3 KB
4 KB
XHR
General
Full URL
https://sso.gallagherbassett.com/.well-known/openid-configuration
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2055
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
151.147.160.186 , United States, ASN46342 (AJGCO, US),
Reverse DNS
Software
/
Resource Hash
fa5f137a79380aa128b66b8f7495375dda04fbcfa6d5fb2c28815fb031ad7c73
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;

Request headers

Referer
https://www.gallagherbassett.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 06:32:30 GMT
Referrer-Policy
origin
Vary
Origin
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.gallagherbassett.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;
Content-Length
3169
Expires
Thu, 01 Jan 1970 00:00:00 GMT
_Incapsula_Resource
www.gallagherbassett.com/
1 B
36 B
Image
General
Full URL
https://www.gallagherbassett.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7873392635311445
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Oidc object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| settings object| mgr

7 Cookies

Domain/Path Name / Value
.gallagherbassett.com/ Name: _gat
Value: 1
.gallagherbassett.com/ Name: _gid
Value: GA1.2.557532403.1616308350
.gallagherbassett.com/ Name: _ga
Value: GA1.2.130536333.1616308350
www.gallagherbassett.com/ Name: ___utmvc
Value: TXG7ZRqcgJgB8BS5VrtUCQ/FymXfXHdZccvy/VCrjCBYcMjmVJJOyZG5WCwpQgFxlFDuIFF0SOxv0CNiC7z2XvyK6xtB3MDVlrzBQwHfiDaPjfUhWU9ojOV3yhF8ar0hl/JU1TyerwOKTP71PClDNXAlp/+4N1k+MF7My6E1eyv2jCiw1NQVD5EeQB+xbC2BaBVZsalK9Ve3t+i0anHHKulLqSVdxilZaaR5mhKnPAKP2U1GUWhZQzZ/Rr8wXyjD9LVEpkfqUWpVkpxLaiekzBEtTLgJ3mUxF5T6GrfBswTKkKVSyIzT/rL+7Kwuqvy3hRrKsnIZvi2aS8U6uuOUEX/JbcNRIEbeyj5t4ErM/8ZVLZdEALo19+7e0pC2SKqkjiaMT9eeCtlmFeSL5cl9Ol98mt7qKlbJ7yMC2y48E953SAjMTZCBIVhgeFhrHSICVnAS4a+j5KQixtbOg8olzWTo7rCAK/shQrV3JPx91hLjOxW82dxTn7khAu8YbDnMSCHhTF1NVAwR9Ny0t+1q3eF40wFq/okMTOFM0u7Ae2XsEUNAvIyKJuVDmQLMaU0Vr9/HE+qPQs5DSEfcsyBlDVDu6aAFnPjzeQ79ZOE3eweRZAwK748N+OutY9FX8lf+mZXHP+nidV1ivhTu3Z3jGWF9x4W1haMF9tIQvukgcb0OAdcO9NS2Pzgo1hT/te14Zd8EoaAKr7NqCObdcKtUW5ir7yIoKbqZItwx4MJP9yGw0sn7HpEzOwVyFHhh4cyKnF+W59k6dIIO29nst6M/vFaW2XNhknMs6/HRdkgp4yzw5VDD2o+mHvI0MyT/bvl+xviCPd5rxI/0+jQhKSzwGQdopZP+1ugP2mlKOVrdQvl/bFLFYhdwV5mDRFPQU74E4vMex6WsbndMF26lrW48E1mb+BmbKiq92y6ahw34H7PuiKQl4xTtfMJkdvlnzFyaWy9GZrAB4BBlk5LJl9vsOYqw+BEtEP4xayxjHrAW61QWV3kVrSPPDYfQb1gahukJwelAcalyQ9Bmnc92nsubTBllEzsC8USO3cnr8X84lWleKqsRUNfi0wT13OuK+p2L3d7bLO7N2ghO5jmXCP4UF1BomGEZ1hn4eJUmMd7cVSiOGRVfWN06JlE27cw7YPvcMRpwb51gEejkab5DjQsjXnU8v8gpIX8EfMLzbUfK+dhmWXj+7AXHlEQar0kFyGQc0i1ZP5HT9F/yyaRHNclWK4T/oapYzGYdHFrcLjwlNYc24ImVby0jgY6/d+f9Nk7QtEeuIzZ41uGmA5PzSHFYK+GowBQoYRdvCAwa33n27Ced0Phmv5T7D4mOR0vXvNbfaOQ2jY9a8VgSNuyToG2IPqKwqfzr5Gx2TcZGkcYG/0d6rDG6KrWSzZYnmQ16oWOo0pw2nh9Yd6MBCZpRFCXqf9Q3vaEw5YsX9a8aRNoe3MYATbHXOYnXtS9mQZ+VeJsmnCdVFudfgL9mI/biqnlPKSe64Yi/qiq+9aBKhKCDBTJpm6rZWwkem/RKIb2adPAEPt+IKTI7OlgRT8ogMICq/UEY2+srwfZ7KWn47s3poSCQD4a8a2k9vE15wsokTLSvhzhG89jmyg3cyt9ua2SKSwCFB1B53rcosOkL9v7pYzN80UD6p0r2PhElvdFQWlffEIQ3xmaHIAxeY/oywuw/v6yRmHjqxBODMy5uUwXdiB4W9JYYvNR48ywk9oJAgrTlsySzWQyvRJJ8Qe/yUJ02FNWmThwDvxLlckUEvgR/0Cq0OMBKmVZeZkMbWisDnJ6+X9ht80rUaSsxbCliZYnqlAGomIdACp1Oh33em53P4a01o9dkE5dyNi6toN52GwNMGCx7UBT7CSMtl0OfHMy8BK8u9nFsGc5pEAxVZbKoGliwPQ1Lf912Q56LLnchQPP/5zmf/vyS/inTpCDfS8t9m4deD2xsGcx4nJ7TXpDXSVCfkVGli/G5kH2AYxpY+fuQ5MeZutKHXXVorLPel4ALIwnQ1zZl/EV+DI8t+KWggGwWSuksZGlnZXN0PTEzOTQ1OCxzPTkyNjY2YTVmNzlhNjYxOThhZjc3ODdiMTc1ODFhNWEyNjVhNmEwOWI2YTY3ODc5YTgwYTc3YmFjNmQ5YTc3N2E4ZTdiNzk2YTk0NzQ3Njcx
.gallagherbassett.com/ Name: incap_ses_449_1944542
Value: aQYMc8mvkgOYk0s0fCs7BnzoVmAAAAAAaq40KdcjGRVYoStBDMz2/Q==
.gallagherbassett.com/ Name: visid_incap_1944542
Value: z+h4JzSTTwW7w+qFCq0dGHzoVmAAAAAAQUIPAAAAAAB0xqflODfGLsBvrQZfUkHJ
www.gallagherbassett.com/ Name: mKey
Value: 750b0128-fcfd-45d0-9894-5baf0a2984d9

3 Console Messages

Source Level URL
Text
console-api info URL: https://www.gallagherbassett.com/sso/bundles/logonjs2055(Line 5)
Message:
UserManager.getUser: user not found in storage
console-api info URL: https://www.gallagherbassett.com/sso/bundles/logonjs2055(Line 5)
Message:
UserManager.getUser: user not found in storage
console-api log URL: https://www.gallagherbassett.com/sso/App/Logon(Line 72)
Message:
TypeError: Cannot read property 'setItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-WrccWu9wfsmw5wJZK02lkQ==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
cdn.pendo.io
gbtpa.sf-api.com
gbtpa.sharefile.com
i2-nqpaypfofgacjvdykydwyenlhkkeif.init.cedexis-radar.net
radar.cedexis.com
rpt.cedexis.com
sso.gallagherbassett.com
www.gallagherbassett.com
www.google-analytics.com
104.225.98.129
13.226.159.15
151.101.14.217
151.147.160.186
2607:f740:e619::1
2a00:1450:4001:803::200e
35.241.57.45
45.60.123.80
52.1.177.90
52.3.211.188
0255f99991321bfd05720b5ff62032a3fc6333b9e0cd2c9fd2b712271d844757
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
0769cfe464db9e83c76e8c2c12af036a00a5bc1f2996a4cb7d896740b8087b4a
07d02fc074456846d2a6e2c2a1b135914c7c0941cd0a66a0254b853ab746fffb
16b4183175766ca41c7a7bd667ef9c758c3816cae54bc2015c91c2f8183f9e48
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
1940fd591442bfaa6647c47e22682dd9a8f9849b2c190e6e028113ec48f4db64
4966da8c058159782499f7a543297fa3672e19b834a0af23d6a3a829c551804a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
575c5c6b47d3c4cc664eabe26b1172c5a54ec94da14d77c5acdc1d2677bed292
5a1bfdeb70de990937536bd03c2fd462aeb08efded039c353c789295245e8360
5b1ea5e8e2ab7e458a012b91b643ae271cc11190719e06829d658fcfd22813bf
5d3c0eee606d78fe60dc44cb73595c5e2c9d65d78b04e07d6e08c55e7deb6dfc
69ad1dfc4fa85b0781e450e01673ee860cd14e800755099da23ab3f008f12aa2
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390
7abb827a0bf979a7bfe47f2147e3b2076224db866c72f95cf3f38273bd8380c9
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8c574085e01380629adbc10ef94b8ae2adef6616e8a3e05500e2a38baa55a0f5
8cabba3d55d6af6259875cd3365b79fc96a4ebc12bfdd2cbafa5f0bd396a3cbe
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
c35537e2f527395fb0136031cfc59bb877952ecb4e2ab773c2cceec1cea8a3c2
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
ca27116239c1ae0a907eabb4a530e047abb821e36758d416f920f4e57d239879
d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e
dcbfbae7300938be8202c1b277ef4f3c61293113a8af8e9ed54cd109ddd304c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70c9fe2c57c9cac96696fbc4d4c31eb51536b819c5029c8964a33c82797914f
ed58d1a35e7c9f662166491d420937c8868a048ff3063c5d1938d070ad22ef72
fa5f137a79380aa128b66b8f7495375dda04fbcfa6d5fb2c28815fb031ad7c73
ff6a92cb1b37f26367c5940f0296b7e052e268fd9d2fcbded633e151c227cc98