Submitted URL: https://protect-eu.mimecast.com/s/NJA0CNOYYtpM5KosmF3_t?domain=tmf-group.sharefile.com
Effective URL: https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTn...
Submission: On September 21 via manual from IN

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 27 HTTP transactions. The main IP is 90.115.176.17, located in Malakoff, France and belongs to France Telecom - Orange, FR. The main domain is login.tmf-group.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on July 19th 2019. Valid for: 2 years.
This is the only time login.tmf-group.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 91.220.42.63 42427 (MIMECAST-UK)
3 15 54.166.105.254 14618 (AMAZON-AES)
4 151.101.130.217 54113 (FASTLY)
1 2 35.241.57.45 15169 (GOOGLE)
1 104.225.98.131 36236 (NETACTUATE)
1 99.84.144.61 16509 (AMAZON-02)
6 90.115.176.17 3215 (France Te...)
1 2001:4860:480... 15169 (GOOGLE)
27 8
Domain Requested by
15 tmf-group.sharefile.com 3 redirects tmf-group.sharefile.com
6 login.tmf-group.com tmf-group.sharefile.com
login.tmf-group.com
4 app.launchdarkly.com tmf-group.sharefile.com
2 radar.cedexis.com 1 redirects
2 protect-eu.mimecast.com 2 redirects
1 citrix-sharefile-data.customer.pendo.io cdn.pendo.io
1 cdn.pendo.io tmf-group.sharefile.com
1 i2-oypsewuiwilzyejhiwimuxfvnpldbm.init.cedexis-radar.net radar.cedexis.com
27 8

This site contains links to these domains.

Domain
www.tmf-group.com
Subject | Issuer | Validity | Valid
*.sharefile.com | DigiCert SHA2 Secure Server CA | 2020-03-25 - 2021-03-30 | a year
c3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-09-08 - 2021-04-20 | 7 months
radar.cedexis.com | Go Daddy Secure Certificate Authority - G2 | 2019-06-26 - 2021-08-25 | 2 years
*.init.cedexis-radar.net | Go Daddy Secure Certificate Authority - G2 | 2019-11-14 - 2022-01-13 | 2 years
cdn.pendo.io | DigiCert SHA2 Extended Validation Server CA | 2019-06-04 - 2021-09-02 | 2 years
connect.tmf-group.com | Sectigo RSA Organization Validation Secure Server CA | 2019-07-19 - 2021-07-18 | 2 years
citrix-sharefile-data.customer.pendo.io | GTS CA 1D2 | 2020-09-01 - 2020-11-30 | 3 months

This page contains 1 frames:

Primary Page: https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
Frame ID: BCB1BEC2508242995F29C829E4335045
Requests: 26 HTTP requests in this frame

Page Statistics

27 Requests
96 % HTTPS
13 % IPv6
7 Domains
8 Subdomains
8 IPs
4 Countries
1112 kB Transfer
3333 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-eu.mimecast.com/s/NJA0CNOYYtpM5KosmF3_t?domain=tmf-group.sharefile.com HTTP 307
    https://protect-eu.mimecast.com/redirect/eNpFUU2P1DAM_StVLnuZdtykXxkJsau9AkIIbiNVaeJMw7RNlaSgAfHfcWdHIOVgP7_n2M-_WdBrYicWcXIzFjc3zerXc5ptfgl-WwvtZ3Zgk9fsVB5YQI1uTYmolNdSdqKSZQcAVKM2_MAwOkOBkNA0UApxYGlOn7whAQNoqZlbKSybtuhkUTYFF4TN8bLLGIXrXV-ScAsTQWNKazydj-fj_6niqAJaN-E-3_lo6XmUVWcxt2BFXnEBeTeUdd4ZrmylUbSVfa_eNaYaeDtIXmHdmBroP9zXv_Q6x367QtlL0f8wUuRd_8r5iyx7DhxAUqUEYiQMM89pk5xL2rup2k7uUytyiL0pKFV67_o6or5--_KBAL3F5GcM-s2Jf8Q4qzgSIKEyqgEYQCqAElpeW9Nh1QkL2phGtg0XTT3sksUEUszKTc_R5otPzjqtkvNLfNwr4IUyIq3BJ9Qpx62Y6WhaxfSgxG34ToTPwd3UclXZiyZPbyobVczu9posjZhZPxkM2dPXLVzx9pT9dGnMbn4r2P2wH_227Hd7-ML-_AV53bH5 HTTP 307
    https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50 Page URL
  2. https://tmf-group.sharefile.com/login?cmd=route&id=/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f&a=6d4b27b924e56d50 HTTP 302
    https://tmf-group.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=Ak47wvSxlnjy54BCjrY9IA--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=tmf-group&autoredirect=False&requirev3=False&fix_mie_viewport=False&a=6d4b27b924e56d50&device_id_supported=True HTTP 302
    https://tmf-group.sharefile.com/Authentication/Login Page URL
  3. https://tmf-group.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=ZLQe8Cwy45d7WffuseGt0Q--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=tmf-group&appcp=sharefile.com&apicp=sf-api.com HTTP 302
    https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protect-eu.mimecast.com/s/NJA0CNOYYtpM5KosmF3_t?domain=tmf-group.sharefile.com HTTP 307
  • https://protect-eu.mimecast.com/redirect/eNpFUU2P1DAM_StVLnuZdtykXxkJsau9AkIIbiNVaeJMw7RNlaSgAfHfcWdHIOVgP7_n2M-_WdBrYicWcXIzFjc3zerXc5ptfgl-WwvtZ3Zgk9fsVB5YQI1uTYmolNdSdqKSZQcAVKM2_MAwOkOBkNA0UApxYGlOn7whAQNoqZlbKSybtuhkUTYFF4TN8bLLGIXrXV-ScAsTQWNKazydj-fj_6niqAJaN-E-3_lo6XmUVWcxt2BFXnEBeTeUdd4ZrmylUbSVfa_eNaYaeDtIXmHdmBroP9zXv_Q6x367QtlL0f8wUuRd_8r5iyx7DhxAUqUEYiQMM89pk5xL2rup2k7uUytyiL0pKFV67_o6or5--_KBAL3F5GcM-s2Jf8Q4qzgSIKEyqgEYQCqAElpeW9Nh1QkL2phGtg0XTT3sksUEUszKTc_R5otPzjqtkvNLfNwr4IUyIq3BJ9Qpx62Y6WhaxfSgxG34ToTPwd3UclXZiyZPbyobVczu9posjZhZPxkM2dPXLVzx9pT9dGnMbn4r2P2wH_227Hd7-ML-_AV53bH5 HTTP 307
  • https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
Request Chain 7
  • https://tmf-group.sharefile.com/login?cmd=route&id=/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f&a=6d4b27b924e56d50 HTTP 302
  • https://tmf-group.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=Ak47wvSxlnjy54BCjrY9IA--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=tmf-group&autoredirect=False&requirev3=False&fix_mie_viewport=False&a=6d4b27b924e56d50&device_id_supported=True HTTP 302
  • https://tmf-group.sharefile.com/Authentication/Login
Request Chain 9
  • https://radar.cedexis.com/1/55156/radar.js HTTP 302
  • https://radar.cedexis.com/1593429750/radar.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
foe948fe-f0f3-4230-8b15-8d2af4ce374f
tmf-group.sharefile.com/f/
Redirect Chain
  • https://protect-eu.mimecast.com/s/NJA0CNOYYtpM5KosmF3_t?domain=tmf-group.sharefile.com
  • https://protect-eu.mimecast.com/redirect/eNpFUU2P1DAM_StVLnuZdtykXxkJsau9AkIIbiNVaeJMw7RNlaSgAfHfcWdHIOVgP7_n2M-_WdBrYicWcXIzFjc3zerXc5ptfgl-WwvtZ3Zgk9fsVB5YQI1uTYmolNdSdqKSZQcAVKM2_MAwOkOBkNA0UApx...
  • https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
3 KB
2 KB
Document
General
Full URL
https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
4f4e74888b76d67379e5180b8a49c494c8d4df59ac37460fd07b765359431c8b
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-bxvgmQc2lGdXhUzPN/e0BA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tmf-group.sharefile.com
:scheme
https
:path
/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
b2a4cb41-1503-4454-8426-b2f241e3071d
set-cookie
ASP.NET_SessionId=waknzkzqglyu1jjbmpsnnhez; path=/; secure; HttpOnly SFWEB_SRVNAME=i-08337b710f49a5e3e; path=/
x-frame-options
DENY
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-bxvgmQc2lGdXhUzPN/e0BA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 21 Sep 2020 07:56:51 GMT
content-length
1322
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;

Redirect headers

Location
https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-control
no-store
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
Content-Length
0
Date
Mon, 21 Sep 2020 08:56:50 +0100
Connection
Keep-Alive
spinner.css
tmf-group.sharefile.com/css/
1 KB
789 B
Stylesheet
General
Full URL
https://tmf-group.sharefile.com/css/spinner.css
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:51 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 15 Sep 2020 19:28:54 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
etag
"09fb772968bd61:0"
vary
Accept-Encoding
content-type
text/css
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
425
x-content-type-options
nosniff
ShimSham
tmf-group.sharefile.com/javascript/bundles/
86 KB
26 KB
Script
General
Full URL
https://tmf-group.sharefile.com/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

citrix-transactionid
ed7e9e12-2116-4f77-ad18-0f3c0c252d4b
date
Mon, 21 Sep 2020 07:56:51 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 21 Sep 2020 07:56:52 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
25784
x-content-type-options
nosniff
expires
Tue, 21 Sep 2021 07:56:52 GMT
index.529aee44ee04275dbf8e.js
tmf-group.sharefile.com/bundles/
2 MB
543 KB
Script
General
Full URL
https://tmf-group.sharefile.com/bundles/index.529aee44ee04275dbf8e.js
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
2a1518b6c8c1d567d372e8d942fbefff79fca00f545bf7b2c6fb403ded678332
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
555164
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 15 Sep 2020 19:31:56 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
etag
"09e32df968bd61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
spinner.svg
tmf-group.sharefile.com/css/
1 KB
1 KB
Image
General
Full URL
https://tmf-group.sharefile.com/css/spinner.svg
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/css/spinner.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.sharefile.com/css/spinner.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:51 GMT
referrer-policy
same-origin
last-modified
Tue, 15 Sep 2020 19:28:54 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
etag
"09fb772968bd61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
image/svg+xml
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1093
x-content-type-options
nosniff
5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/
0
0
Other
General
Full URL
https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a
Protocol
H2
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-launchdarkly-user-agent
Origin
https://tmf-group.sharefile.com
Sec-Fetch-Mode
cors

Response headers

status
200
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
300
accept-ranges
bytes
date
Mon, 21 Sep 2020 07:56:52 GMT
via
1.1 varnish
x-served-by
cache-hhn4069-HHN
x-cache
HIT
x-cache-hits
2
x-timer
S1600675013.788481,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=300
age
0
5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/
2 B
229 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/bundles/index.529aee44ee04275dbf8e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

X-LaunchDarkly-User-Agent
JSClient/2.18.0
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:52 GMT
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
status
200
access-control-max-age
300
strict-transport-security
max-age=300
content-length
26
x-served-by
cache-hhn4069-HHN
access-control-allow-origin
*
x-timer
S1600675013.834558,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
80
Login
tmf-group.sharefile.com/Authentication/
Redirect Chain
  • https://tmf-group.sharefile.com/login?cmd=route&id=/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f&a=6d4b27b924e56d50
  • https://tmf-group.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=Ak47wvSxlnjy54BCjrY9IA--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlo...
  • https://tmf-group.sharefile.com/Authentication/Login
6 KB
4 KB
Document
General
Full URL
https://tmf-group.sharefile.com/Authentication/Login
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/bundles/index.529aee44ee04275dbf8e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
711d4546acf50f872c94b62b02f1d5cd3edf861c0a5b1bbb37a849091af00855
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-2wRyf+EKcSEpCmU2S6cJiA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tmf-group.sharefile.com
:scheme
https
:path
/Authentication/Login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ASP.NET_SessionId=waknzkzqglyu1jjbmpsnnhez; SFWEB_SRVNAME=i-08337b710f49a5e3e; SF_Subdomain=tmf-group; clientRequest=...
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tmf-group.sharefile.com/f/foe948fe-f0f3-4230-8b15-8d2af4ce374f?a=6d4b27b924e56d50

Response headers

status
200
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
8881bfa7-51cd-4c1e-ab2f-1f23dc818d12
x-frame-options
SAMEORIGIN
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-2wRyf+EKcSEpCmU2S6cJiA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
set-cookie
clientRequest=; expires=Sun, 20-Sep-2020 07:56:53 GMT; path=/; Secure
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 21 Sep 2020 07:56:52 GMT
content-length
2542
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;

Redirect headers

status
302
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
expires
0
location
/Authentication/Login
citrix-transactionid
ea86bc6e-0cb5-43f7-9406-5858bcbc4f26
set-cookie
clientRequest=...; path=/; secure; HttpOnly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 21 Sep 2020 07:56:52 GMT
content-length
138
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;
user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/
0
0
Other
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Protocol
H2
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Method
REPORT
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Origin
https://tmf-group.sharefile.com
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
REPORT, OPTIONS
access-control-allow-origin
*
access-control-max-age
300
allow
REPORT, OPTIONS
ld-region
us-east-1
accept-ranges
bytes
date
Mon, 21 Sep 2020 07:56:52 GMT
via
1.1 varnish
x-served-by
cache-hhn4069-HHN
x-cache
HIT
x-cache-hits
14
x-timer
S1600675013.788465,VS0,VE0
strict-transport-security
max-age=300
age
0
content-length
0
radar.js
radar.cedexis.com/1593429750/
Redirect Chain
  • https://radar.cedexis.com/1/55156/radar.js
  • https://radar.cedexis.com/1593429750/radar.js
44 KB
19 KB
Script
General
Full URL
https://radar.cedexis.com/1593429750/radar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.57.45 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
45.57.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:30:33 GMT
server
nginx
etag
W/"5ef9d0d9-af5c"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1209600, public
alt-svc
clear
via
1.1 google
expires
Mon, 05 Oct 2020 07:56:52 GMT

Redirect headers

date
Mon, 21 Sep 2020 07:56:52 GMT
via
1.1 google
server
nginx
status
302
vary
User-Agent,DNT
content-type
text/html
location
/1593429750/radar.js
cache-control
max-age=600
alt-svc
clear
content-length
154
expires
Mon, 21 Sep 2020 08:06:52 GMT
user
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/
103 B
231 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/user
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/bundles/index.529aee44ee04275dbf8e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
X-LaunchDarkly-User-Agent
JSClient/2.18.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 21 Sep 2020 07:56:52 GMT
content-encoding
gzip
vary
Accept-Encoding, Accept-Encoding, Authorization
age
0
x-cache
MISS
status
200
access-control-max-age
300
x-served-by
cache-hhn4069-HHN
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1600675013.834605,VS0,VE100
etag
"40ca"
strict-transport-security
max-age=300
access-control-allow-methods
REPORT, OPTIONS
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
0
providers.json
i2-oypsewuiwilzyejhiwimuxfvnpldbm.init.cedexis-radar.net/i2/1/55156/j1/20/122/1600675012/0/0/
3 KB
1 KB
XHR
General
Full URL
https://i2-oypsewuiwilzyejhiwimuxfvnpldbm.init.cedexis-radar.net/i2/1/55156/j1/20/122/1600675012/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/55156/radar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.225.98.131 West Hollywood, United States, ASN36236 (NETACTUATE, US),
Reverse DNS
131.98.225.104.ptr.anycast.net
Software
nginx/1.10.3 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Sep 2020 07:56:53 GMT
Content-Encoding
gzip
Server
nginx/1.10.3
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
custom.css
tmf-group.sharefile.com/cache/sha/_Auth/Styles/custom/
27 KB
6 KB
Stylesheet
General
Full URL
https://tmf-group.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=ZW_3AlDmUqZulqyhHUFhmEuCRHcgun6ixH17ArNSdwc1
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
db67e670c9fc78bff01eeda8dc0cfe3b1925ddade93ea479951b5d1e284c4896
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:52 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 15 Sep 2020 19:30:08 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
etag
"020d39e968bd61:0"
vary
Accept-Encoding
content-type
text/css
status
200
x-xss-protection
1; mode=block
cache-control
no-cache
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
5335
x-content-type-options
nosniff
errorhandler.js
tmf-group.sharefile.com/_Auth/
548 B
727 B
Script
General
Full URL
https://tmf-group.sharefile.com/_Auth/errorhandler.js
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:52 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 15 Sep 2020 19:29:58 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
etag
"03fdd98968bd61:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
349
x-content-type-options
nosniff
webpop
tmf-group.sharefile.com/cache/sha/javascript/bundles/
91 KB
30 KB
Script
General
Full URL
https://tmf-group.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

citrix-transactionid
0b278234-818a-44bd-ab14-99c016419826
date
Mon, 21 Sep 2020 07:56:52 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 21 Sep 2020 07:56:53 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
29743
x-content-type-options
nosniff
expires
Tue, 21 Sep 2021 07:56:53 GMT
webpoprequireconfig
tmf-group.sharefile.com/cache/sha/bundles/
1 KB
931 B
Script
General
Full URL
https://tmf-group.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=D80Jwt90K02xQDqPxO7DDalOXT6tRBP_RO7jXppuQ0I1
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
8f6c03beb46230a64f3ba90e95d26dfcf98ff89c25ca875e4eefe7f72300c7e2
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

citrix-transactionid
d26505ef-88e3-4de6-9ebb-5de774aa3a60
date
Mon, 21 Sep 2020 07:56:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
User-Agent,Accept-Encoding
content-length
477
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 21 Sep 2020 07:56:53 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
expires
Tue, 21 Sep 2021 07:56:53 GMT
pendo.js
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/
351 KB
111 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/Authentication/Login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-61.txl52.r.cloudfront.net
Software
UploadServer /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Sep 2020 07:54:08 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Age
167
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin
*
Last-Modified
Thu, 10 Sep 2020 18:08:50 GMT
Server
UploadServer
ETag
"c3a553273f6a78d92615f041a4278365"
Vary
Accept-Encoding
x-goog-hash
crc32c=KhIRPQ==, md5=w6VTJz9qeNkmFfBBpCeDZQ==
x-goog-generation
1599761330039116
Via
1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
112757
X-Amz-Cf-Pop
TXL52-C1
Accept-Ranges
bytes
X-GUploader-UploadID
ABg5-UzbPUGtPMKGYB-kLbJNS1V1egZQ4vAFtNt_D9KbfUpN03EgD4NkBrxbMu4_-hvi4SP2ijt7-Hp_YzStgAoOzeX9Uxaz8w
X-Amz-Cf-Id
jYINFVcMTigzW9lNgQJ6ylVDldLvX-CExd7dxh_PeR4T9niJQ9uvZA==
Expires
Mon, 21 Sep 2020 08:01:37 GMT
webpop.js
tmf-group.sharefile.com/cache/a0af857e18/bundles/
731 KB
197 KB
Script
General
Full URL
https://tmf-group.sharefile.com/cache/a0af857e18/bundles/webpop.js
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
75381210cd75f8a85cc881929f03663b105bc78f6e76e751d221f480d23120bc
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tmf-group.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
201349
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 15 Sep 2020 19:30:08 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
etag
"020d39e968bd61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
Primary Request /
login.tmf-group.com/adfs/ls/
Redirect Chain
  • https://tmf-group.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=ZLQe8Cwy45d7WffuseGt0Q--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlo...
  • https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM0...
23 KB
23 KB
Document
General
Full URL
https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/cache/a0af857e18/bundles/webpop.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
90.115.176.17 Malakoff, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e51f0411e80badd74ecd4e76f0607aa31c389386dc781c75c2ed6417957edfb5
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
login.tmf-group.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tmf-group.sharefile.com/Authentication/Login

Response headers

Cache-Control
no-cache,no-store
Pragma
no-cache
Content-Length
23168
Content-Type
text/html; charset=utf-8
Expires
-1
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-frame-options
DENY
Date
Mon, 21 Sep 2020 07:56:50 GMT

Redirect headers

status
302
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
expires
0
location
https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
citrix-transactionid
aece6fdd-0b98-4634-a65a-87d3dd9ae8ef
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 21 Sep 2020 07:56:54 GMT
content-length
748
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
strict-transport-security
max-age=16000000; includeSubDomains; preload;
en.json
tmf-group.sharefile.com/cache/84f596538477a0986c51b59662ac7e9037d14c37/_Auth/locales/
25 KB
9 KB
XHR
General
Full URL
https://tmf-group.sharefile.com/cache/84f596538477a0986c51b59662ac7e9037d14c37/_Auth/locales/en.json
Requested by
Host: tmf-group.sharefile.com
URL: https://tmf-group.sharefile.com/cache/a0af857e18/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.166.105.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-105-254.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tmf-group.sharefile.com/Authentication/Login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:54 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 15 Sep 2020 19:30:08 GMT
x-sf-server
web_ssl/i-08337b710f49a5e3e_us-east-1b
etag
"020d39e968bd61:0"
vary
Accept-Encoding
content-type
application/json
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
8411
x-content-type-options
nosniff
74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/ptm.gif/
42 B
280 B
Image
General
Full URL
https://citrix-sharefile-data.customer.pendo.io/data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.65.1_prod&ct=1600675014153&jzb=eJzFkFFP-jAUxb9Ln8fWbTCBN6LGGIz-iZI_xpimbGVr7Nra3TEn4btzS5T4xIsPvm23557zu-dlR6C3gkxJLYCTgKyd6RrhGMgap3FGaXYxovEwHmYB2cpGgnFMFrjA_l3fXz2wJ3a5KET3f5XO3QoNeJ6bVsNRo1ulAtI6hfIKwDbTKIJ6MyidaW3YVNyJjVQizE0dzVqohAaZc5BGR3emlBrtrDO2IdPdd7b_PBevuC5bXvqLhGbLR7I_IeEq_lgM1TD7OSo4eH0SR3QSJTSh6LMVrkEOPw6zURgzBCm8GfD1rc8Xi66_ec7oQo1BTtIKdzaO1-L4qDpnP5ZF-ta_L-efc-uL7UHgIWlG98GpdGV4cbb08d-W7vm-qAYnrJQm2e-LSEbJ_vUAm67QVw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 07:56:54 GMT
via
1.1 google
x-content-type-options
nosniff
status
200
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/guide.json/
0
0

style.css
login.tmf-group.com/adfs/portal/css/
8 KB
8 KB
Stylesheet
General
Full URL
https://login.tmf-group.com/adfs/portal/css/style.css?id=83A9CB425C23E3BCD689A13356FECF221D6366C6D307A6B194E1F5D47D980F41
Requested by
Host: login.tmf-group.com
URL: https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
90.115.176.17 Malakoff, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ce730ff9e448a42b0b188d3b191938bd23fcc11e0dd020d3ec25e70df9e02198

Request headers

Referer
https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Sep 2020 07:56:50 GMT
Expires
Wed, 21 Oct 2020 07:56:51 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
83A9CB425C23E3BCD689A13356FECF221D6366C6D307A6B194E1F5D47D980F41
Content-Length
7925
Content-Type
text/css
logo.png
login.tmf-group.com/adfs/portal/logo/
4 KB
4 KB
Image
General
Full URL
https://login.tmf-group.com/adfs/portal/logo/logo.png?id=D13A90AC73B59F49C9082B039B64980040EE9135557EF4791DD5DFFAF3F3E709
Requested by
Host: login.tmf-group.com
URL: https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
90.115.176.17 Malakoff, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d13a90ac73b59f49c9082b039b64980040ee9135557ef4791dd5dffaf3f3e709

Request headers

Referer
https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Sep 2020 07:56:50 GMT
Expires
Wed, 21 Oct 2020 07:56:51 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
D13A90AC73B59F49C9082B039B64980040EE9135557EF4791DD5DFFAF3F3E709
Content-Length
4079
Content-Type
image/png
localsts.png
login.tmf-group.com/adfs/portal/images/idp/
6 KB
6 KB
Image
General
Full URL
https://login.tmf-group.com/adfs/portal/images/idp/localsts.png?id=4721A2725A0474BB9C0F0388D34438E99B39FC660CAD5542DCB0A8709C8E4B44
Requested by
Host: login.tmf-group.com
URL: https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
90.115.176.17 Malakoff, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4721a2725a0474bb9c0f0388d34438e99b39fc660cad5542dcb0a8709c8e4b44

Request headers

Referer
https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Sep 2020 07:56:50 GMT
Expires
Wed, 21 Oct 2020 07:56:51 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
4721A2725A0474BB9C0F0388D34438E99B39FC660CAD5542DCB0A8709C8E4B44
Content-Length
6071
Content-Type
image/png
otherorganizations.png
login.tmf-group.com/adfs/portal/images/idp/
7 KB
7 KB
Image
General
Full URL
https://login.tmf-group.com/adfs/portal/images/idp/otherorganizations.png?id=E74530A0067DF244C690EC70617F3646636BF60BDCC89CD87AF2E3E6DE9CEAEE
Requested by
Host: login.tmf-group.com
URL: https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
90.115.176.17 Malakoff, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e74530a0067df244c690ec70617f3646636bf60bdcc89cd87af2e3e6de9ceaee

Request headers

Referer
https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Sep 2020 07:56:50 GMT
Expires
Wed, 21 Oct 2020 07:56:51 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
E74530A0067DF244C690EC70617F3646636BF60BDCC89CD87AF2E3E6DE9CEAEE
Content-Length
7123
Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44c09a1300a946429d86582c5416de91810a9fe3cf55b31f852510fd0fe01a53

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
illustration.png
login.tmf-group.com/adfs/portal/illustration/
112 KB
112 KB
Image
General
Full URL
https://login.tmf-group.com/adfs/portal/illustration/illustration.png?id=B94059EF57DAFC048D65BC3D37B38431FA69B6ACBD80FA7A1B45DFAA5C26B750
Requested by
Host: login.tmf-group.com
URL: https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
90.115.176.17 Malakoff, France, ASN3215 (France Telecom - Orange, FR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b94059ef57dafc048d65bc3d37b38431fa69b6acbd80fa7a1b45dfaa5c26b750

Request headers

Referer
https://login.tmf-group.com/adfs/ls/?SAMLRequest=nVNdrxIxEP0rTd%2f3C1i5NiwGIUaSq24AffDF1HYWmnTbtTPr5f57ywLKgxcTH5omM%2bfMyTnTzlC2thOLng5uAz96QGLrVcW%2fjVSp1bSUqijlJB9PZFmMy%2fHDeBLPVMMDZ18goPGu4qM052yN2MPaIUlHsZSP8iR%2fnYyKXT4V5StRTr5yVgdPXnn71jht3L7ifXDCSzQonGwBBSmxXXx4FHGi%2bH4GoXi%2f29VJ%2fWm742yBCIGi6NI77FsIWwg%2fjYLPm8eKH4g6FFlGbZPsg%2b%2b7FA8yQGMspMq32clpJhW%2bMboDR4aeja6uJOv3xqV%2fqJHA2SqmYZykweUdZCZ1g5nFjLNjax2KIdT79rpLFnw%2bO6HFkF%2b44d%2bny2sSfP4v37PsRuCs1omPceJ6VXtr1DN750Mr6WXBIi2GitFJM0AFtNLYhdYBEONarPVPywCSoOIUeuAsuwpdHhXo4YnFvREciS1928lg8BQsHKWiawy3qKWNLjfQ%2fE8od2FKqNPoWK7j9eSDvmT0N%2fX5ufeCk9%2fd2x80%2fwU%3d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Sep 2020 07:56:50 GMT
Expires
Wed, 21 Oct 2020 07:56:51 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
B94059EF57DAFC048D65BC3D37B38431FA69B6ACBD80FA7A1B45DFAA5C26B750
Content-Length
114801
Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
citrix-sharefile-data.customer.pendo.io
URL
https://citrix-sharefile-data.customer.pendo.io/data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJx9jj9PwzAQxb_LzSVOg0BqtgoYEIg_AkQ362RfHUvOOXLOZUD57r0sFROb7-nn936_cIpzlFwePfRg3x5e7l_tp7179_Tzfbh-KgfYADqXK8uKcE1pA7UkpQeRae6NkfF4FUquUzMPWOgYEzUuj2ZfZSCW6FBiZvOcQ2RtG0nQoyD0l_H1Gf8RSMihYiAliO3XBywXKf2qx6S7LPu_kU6sfLc17c50bddqz4nKrCpr3NzeNFs7lexhWc79-Vcl&v=2.65.1_prod&ct=1600675014157

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
function| HRDErrors
function| InputUtil
function| HRD
undefined| emails
undefined| msViewportStyle
undefined| viewport
function| getStyle
function| computeLoadIllustration
object| loginMessage
object| checkidp_OtherRpPanel
string| currentURL
undefined| myCheckHRD
object| labelAuthfailed

0 Cookies

2 Console Messages

Source Level URL Text
console-api log URL: https://tmf-group.sharefile.com/cache/a0af857e18/bundles/webpop.js (Line 175) Message: Debug:Enabled
console-api log URL: https://tmf-group.sharefile.com/cache/a0af857e18/bundles/webpop.js (Line 175) Message: Application:Starting

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-bxvgmQc2lGdXhUzPN/e0BA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
