urlscan.io logo urlscan.io
SecurityTrails logo

www.gallagherbassett.com Open in urlscan Pro
45.60.123.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d
Effective URL: https://www.gallagherbassett.com/sso/App/Logon
Submission: On August 03 via manual from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 54 HTTP transactions. The main IP is 45.60.123.80, located in United States and belongs to INCAPSULA, US. The main domain is www.gallagherbassett.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2020. Valid for: 2 years.
This is the only time www.gallagherbassett.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 17 52.3.211.188 14618 (AMAZON-AES)
1 2 35.241.57.45 15169 (GOOGLE)
2 143.204.202.10 16509 (AMAZON-02)
1 104.225.98.129 36236 (NETACTUATE)
5 52.21.196.12 14618 (AMAZON-AES)
1 2607:f740:e61... 63911 (NETACTUAT...)
1 151.147.160.186 46342 (AJGCO)
21 45.60.123.80 19551 (INCAPSULA)
5 2a00:1450:400... 15169 (GOOGLE)
54 10
17    52.3.211.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-211-188.compute-1.amazonaws.com
gbtpa.sharefile.com
2    35.241.57.45 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 45.57.241.35.bc.googleusercontent.com
radar.cedexis.com
2    143.204.202.10 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-10.fra53.r.cloudfront.net
cdn.pendo.io
1    104.225.98.129 (West Hollywood, United States)

ASN36236 (NETACTUATE, US)
PTR: 129.98.225.104.ptr.anycast.net
i2-moiqdtcwyxndiixfyalhbidokeqqve.init.cedexis-radar.net
5    52.21.196.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-196-12.compute-1.amazonaws.com
gbtpa.sf-api.com
1    2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
rpt.cedexis.com
1    151.147.160.186 (United States)

ASN46342 (AJGCO, US)
sso.gallagherbassett.com
21    45.60.123.80 (United States)

ASN19551 (INCAPSULA, US)
www.gallagherbassett.com
5    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
21 www.gallagherbassett.com sso.gallagherbassett.com
www.gallagherbassett.com
17 gbtpa.sharefile.com 2 redirects gbtpa.sharefile.com
5 www.google-analytics.com www.gallagherbassett.com
5 gbtpa.sf-api.com gbtpa.sharefile.com
2 cdn.pendo.io gbtpa.sharefile.com
2 radar.cedexis.com 1 redirects gbtpa.sharefile.com
1 sso.gallagherbassett.com gbtpa.sharefile.com
1 rpt.cedexis.com radar.cedexis.com
1 i2-moiqdtcwyxndiixfyalhbidokeqqve.init.cedexis-radar.net radar.cedexis.com
54 9

This site contains no links.

Subject Issuer Validity Valid
*.sharefile.com
DigiCert SHA2 Secure Server CA		 2020-03-25 -
2021-03-30		 a year crt.sh
radar.cedexis.com
Go Daddy Secure Certificate Authority - G2		 2019-06-26 -
2021-08-25		 2 years crt.sh
cdn.pendo.io
DigiCert SHA2 Extended Validation Server CA		 2019-06-04 -
2021-09-02		 2 years crt.sh
*.init.cedexis-radar.net
Go Daddy Secure Certificate Authority - G2		 2019-11-14 -
2022-01-13		 2 years crt.sh
*.sf-api.com
DigiCert SHA2 Secure Server CA		 2019-12-02 -
2020-12-09		 a year crt.sh
sso.gallagherbassett.com
DigiCert SHA2 Secure Server CA		 2020-05-05 -
2021-05-31		 a year crt.sh
www.gallagherbassett.com
DigiCert SHA2 Secure Server CA		 2020-02-24 -
2022-03-10		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.gallagherbassett.com/sso/App/Logon
Frame ID: D237D3C2B6A611D909A97F7290682272
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d Page URL
  2. https://gbtpa.sharefile.com/login?cmd=route&id=%252Fhome%252Ffindroute%252Ffoa45853-9625-4dfc-8a37-5502d... HTTP 302
    https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=d... HTTP 302
    https://gbtpa.sharefile.com/Authentication/Login Page URL
  3. https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=r... Page URL
  4. https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
  5. https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
  6. https://www.gallagherbassett.com/sso/App/Logon Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

54
Requests

96 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

2088 kB
Transfer

6323 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d Page URL
  2. https://gbtpa.sharefile.com/login?cmd=route&id=%252Fhome%252Ffindroute%252Ffoa45853-9625-4dfc-8a37-5502d0116d3d HTTP 302
    https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=d8hhC81ZI0HMbUU3P0DIbw--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
    https://gbtpa.sharefile.com/Authentication/Login Page URL
  3. https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=r501Rz0DxEnbX.IJC5jYjw--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com Page URL
  4. https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
  5. https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
  6. https://www.gallagherbassett.com/sso/App/Logon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://radar.cedexis.com/1/55156/radar.js HTTP 302
  • https://radar.cedexis.com/1593429750/radar.js
Request Chain 14
  • https://gbtpa.sharefile.com/login?cmd=route&id=%252Fhome%252Ffindroute%252Ffoa45853-9625-4dfc-8a37-5502d0116d3d HTTP 302
  • https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=d8hhC81ZI0HMbUU3P0DIbw--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
  • https://gbtpa.sharefile.com/Authentication/Login

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
foa45853-9625-4dfc-8a37-5502d0116d3d
gbtpa.sharefile.com/f/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
c9bc8ba7255e860d4b70e3f6131f0a96fa33d8c3500c18dcf985792df12529a8
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-uH7Sef/u1jD1WMlc2B0Jsg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gbtpa.sharefile.com
:scheme
https
:path
/f/foa45853-9625-4dfc-8a37-5502d0116d3d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
259ac44d-1764-4728-bacd-54b9f913c574
set-cookie
ASP.NET_SessionId=3cyjg1cepsxkpga4b5avk305; path=/; secure; HttpOnly; SameSite=None SFWEB_SRVNAME=i-07e4b7a4b9326a10d; path=/
x-frame-options
DENY
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-uH7Sef/u1jD1WMlc2B0Jsg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 03 Aug 2020 20:48:10 GMT
content-length
1250
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
spinner.css
gbtpa.sharefile.com/css/ 		1 KB
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/css/spinner.css
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:10 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 21 Jul 2020 03:33:12 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
etag
"0cc16a9f5fd61:0"
vary
Accept-Encoding
content-type
text/css
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
425
x-content-type-options
nosniff
ShimSham
gbtpa.sharefile.com/javascript/bundles/ 		86 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

citrix-transactionid
85116987-4236-4bf0-830e-90b291263387
date
Mon, 03 Aug 2020 20:48:10 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 03 Aug 2020 20:48:10 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
25784
x-content-type-options
nosniff
expires
Tue, 03 Aug 2021 20:48:10 GMT
index.6353b13bd11beee10740.js
gbtpa.sharefile.com/bundles/ 		2 MB
527 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/bundles/index.6353b13bd11beee10740.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
3faaa55a0f7eda873537d775bdefa52e139a3ab42c23c4c21891351f55be73e9
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
539268
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 21 Jul 2020 03:39:12 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
etag
"070aa7f105fd61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
spinner.svg
gbtpa.sharefile.com/css/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbtpa.sharefile.com/css/spinner.svg
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/f/foa45853-9625-4dfc-8a37-5502d0116d3d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/css/spinner.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:10 GMT
referrer-policy
same-origin
last-modified
Tue, 21 Jul 2020 03:33:12 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
etag
"0cc16a9f5fd61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
image/svg+xml
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1093
x-content-type-options
nosniff
radar.js
radar.cedexis.com/1593429750/
Redirect Chain
  • https://radar.cedexis.com/1/55156/radar.js
  • https://radar.cedexis.com/1593429750/radar.js
44 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://radar.cedexis.com/1593429750/radar.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/home/findroute/foa45853-9625-4dfc-8a37-5502d0116d3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.57.45 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
45.57.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:11 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:30:29 GMT
server
nginx
etag
W/"5ef9d0d5-af5c"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1209600, public
alt-svc
clear
via
1.1 google
expires
Mon, 17 Aug 2020 20:48:11 GMT

Redirect headers

date
Mon, 03 Aug 2020 20:48:11 GMT
via
1.1 google
server
nginx
status
302
vary
User-Agent,DNT
content-type
text/html
location
/1593429750/radar.js
cache-control
max-age=600
alt-svc
clear
content-length
154
expires
Mon, 03 Aug 2020 20:58:11 GMT
21c6ba61ed050a240d7e.js
gbtpa.sharefile.com/bundles/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/bundles/21c6ba61ed050a240d7e.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.6353b13bd11beee10740.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
27b6311698517437efedbc2c49d400fc0baadebf7ad574263cc330629cdc9f90
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/home/findroute/foa45853-9625-4dfc-8a37-5502d0116d3d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
6548
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 21 Jul 2020 03:39:12 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
etag
"070aa7f105fd61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
pendo.js
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 		346 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/home/findroute/foa45853-9625-4dfc-8a37-5502d0116d3d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-10.fra53.r.cloudfront.net
Software
UploadServer /
Resource Hash
42c05b705b49cfa6bf62f25347d17f2e99242de27a7b9adcb7c1e8110ce6364a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 20:48:11 GMT
Content-Encoding
gzip
Content-Type
application/javascript
X-Amz-Cf-Pop
FRA53-C1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin
*
Last-Modified
Mon, 03 Aug 2020 19:09:26 GMT
Server
UploadServer
ETag
"dfd7ac33c7137f505696517027889186"
Vary
Accept-Encoding
x-goog-hash
crc32c=fXcBFg==, md5=39esM8cTf1BWllFwJ4iRhg==
x-goog-generation
1596481766328944
Via
1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
111472
Accept-Ranges
bytes
X-GUploader-UploadID
AAANsUmDReZYqvSRZMYnXxUMZSyECTNNHYA9x8eVLmOqDIqWOXEgELjC-qMsZnmcBOry9ElMfSfc8uO-H0kl8Npe87c
X-Amz-Cf-Id
HUjMdq1hHMykMxB7OwiXQ4It7NqJ34XEE93yUVsr7FqzmMKgclO1XQ==
Expires
Mon, 03 Aug 2020 20:55:15 GMT
providers.json
i2-moiqdtcwyxndiixfyalhbidokeqqve.init.cedexis-radar.net/i2/1/55156/j1/20/122/1596487691/0/0/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://i2-moiqdtcwyxndiixfyalhbidokeqqve.init.cedexis-radar.net/i2/1/55156/j1/20/122/1596487691/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1593429750/radar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.225.98.129 West Hollywood, United States, ASN36236 (NETACTUATE, US),
Reverse DNS
129.98.225.104.ptr.anycast.net
Software
nginx/1.10.3 /
Resource Hash
6652d755e491e40d947a4e50986b3792cfb2a23cb6f1d59d6b1c1b36f3fe7595

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 20:48:11 GMT
Content-Encoding
gzip
Server
nginx/1.10.3
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
Branding
gbtpa.sf-api.com/sf/v3/Accounts/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts/Branding
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.6353b13bd11beee10740.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.21.196.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-196-12.compute-1.amazonaws.com
Software
/
Resource Hash
b3dcbc5966f6e6a477af10e9bb46ffcfc4578160df12006710dc35875f0054e6
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-SF-App
ShareFileWeb
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
b151469b-11d4-4661-b755-9c8f73071b77
date
Mon, 03 Aug 2020 20:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
status
200
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
MzJccf4ubkuzVlm3R1OyOA
vary
Accept-Encoding
content-length
1746
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_new_ssl_v3/i-0c3677bd33b1c0f62_us-east-1b
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637320700923308214
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
1596487690645
rpt.cedexis.com/n1/0/1596487690100/0/0/0/0/1596487690100/1596487690100/1596487690136/1596487690136/1596487690370/1596487690153/1596487690370/1596487690512/1596487690513/1596487690515/1596487691295/... 		16 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rpt.cedexis.com/n1/0/1596487690100/0/0/0/0/1596487690100/1596487690100/1596487690136/1596487690136/1596487690370/1596487690153/1596487690370/1596487690512/1596487690513/1596487690515/1596487691295/1596487691295/1596487691295/1596487691553/1596487691553/1596487691554/_CgJqMRAUGHoiBggBEPSuAyjTudCrCjCL8KH5BTiL8KH5BUDYjK8cShAIAxA1GOzCASAAKO6DgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMS5hbXMuaHYucHJvZIIBDwgDECgYsUYgACjVgoCgBIgBubm-3QaQAQCYAQA/0/1596487690645
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1593429750/radar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 20:48:11 GMT
Server
nginx/1.10.3
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
Content-Length
16
Users
gbtpa.sf-api.com/sf/v3/ 		118 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.6353b13bd11beee10740.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.21.196.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-196-12.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-SF-App
ShareFileWeb
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
ac6b1d51-b796-49bc-b175-33c332c2407a
date
Mon, 03 Aug 2020 20:48:12 GMT
www-authenticate
Bearer
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
status
401
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
_QObHeA3D0WJcHf94l8GlA
content-length
118
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_new_ssl_v3/i-0c3677bd33b1c0f62_us-east-1b
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637320700930999562
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
x-content-type-options
nosniff
expires
-1
Accounts
gbtpa.sf-api.com/sf/v3/ 		118 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts?%24expand=Preferences%2CPreferences%2FAccountMessageCode%2CPreferences%2FDefaultZone%2CPreferences%2FIntegrationProviders%2CPreferences%2FTwoFactorSettings%2CAccountFeatures%2CUserUsage%2CDiskSpace%2CServices%2CSignupParams
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.6353b13bd11beee10740.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.21.196.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-196-12.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-SF-App
ShareFileWeb
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
ba750cbb-8a54-4f5e-828b-27fe706a09ae
date
Mon, 03 Aug 2020 20:48:12 GMT
www-authenticate
Bearer
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
status
401
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
aLf2q-SVCUmSRhhOaDl87w
content-length
118
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_new_ssl_v3/i-0c3677bd33b1c0f62_us-east-1b
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637320700932059270
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
x-content-type-options
nosniff
expires
-1
WorkspaceConfig
gbtpa.sf-api.com/sf/v3/Accounts/ 		118 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts/WorkspaceConfig
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.6353b13bd11beee10740.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.21.196.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-196-12.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-SF-App
ShareFileWeb
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
c1289328-fe54-48bc-a656-aa1917f1079b
date
Mon, 03 Aug 2020 20:48:12 GMT
www-authenticate
Bearer
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
status
401
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
D0SfHO4980q_W3bhZCYEMw
content-length
118
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_new_ssl_v3/i-0c3677bd33b1c0f62_us-east-1b
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637320700931951510
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
x-content-type-options
nosniff
expires
-1
Login
gbtpa.sharefile.com/Authentication/
Redirect Chain
  • https://gbtpa.sharefile.com/login?cmd=route&id=%252Fhome%252Ffindroute%252Ffoa45853-9625-4dfc-8a37-5502d0116d3d
  • https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=d8hhC81ZI0HMbUU3P0DIbw--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&...
  • https://gbtpa.sharefile.com/Authentication/Login
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/Authentication/Login
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.6353b13bd11beee10740.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
c71597fb1866aae904979d952402b74fd8b997e2f0461dbdb42d5fee65f44346
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-94NcsYHIVa0++5XS4Zok+A==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gbtpa.sharefile.com
:scheme
https
:path
/Authentication/Login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://gbtpa.sharefile.com/home/findroute/foa45853-9625-4dfc-8a37-5502d0116d3d
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ASP.NET_SessionId=3cyjg1cepsxkpga4b5avk305; SFWEB_SRVNAME=i-07e4b7a4b9326a10d; SF_Subdomain=gbtpa; clientRequest=eyI8VXNlclRva2VuVHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxVc2VyVG9rZW4+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8YT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxhdXRvcmVkaXJlY3Q+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGNhcGFiaWxpdGllcz5rX19CYWNraW5nRmllbGQiOm51bGwsIjxjbGllbnRfaWQ+a19fQmFja2luZ0ZpZWxkIjoiRHppNFVQVUFnNWw4YmVLZGlvZWNkY25tSFVUV1dsbjYiLCI8ZGV2aWNlX2lkX3N1cHBvcnRlZD5rX19CYWNraW5nRmllbGQiOnRydWUsIjxkZXZpY2VfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8ZGlzYWJsZV9yczM+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGVtYWlsPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPGZpeF9taWVfdmlld3BvcnQ+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGg+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8bm9saW5rPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPHJlZGlyZWN0X3VyaT5rX19CYWNraW5nRmllbGQiOiJodHRwczpcL1wvc2VjdXJlLnNoYXJlZmlsZS5jb21cL2xvZ2luXC9vYXV0aGxvZ2luIiwiPHJlcXVpcmV2Mz5rX19CYWNraW5nRmllbGQiOmZhbHNlLCI8cmVzZXRfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8cmVzcG9uc2VfdHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxzYW1sX25vaWZyYW1lPmtfX0JhY2tpbmdGaWVsZCI6ZmFsc2UsIjxzdGFydF9hY3Rpb24+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8c3RhdGU+a19fQmFja2luZ0ZpZWxkIjoiZDhoaEM4MVpJMEhNYlVVM1AwRElidy0tIiwiPHN1YmRvbWFpbj5rX19CYWNraW5nRmllbGQiOiJnYnRwYSIsIjx0aGVtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VySGludD5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VybmFtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx3aWR0aD5rX19CYWNraW5nRmllbGQiOm51bGx9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://gbtpa.sharefile.com/home/findroute/foa45853-9625-4dfc-8a37-5502d0116d3d

Response headers

status
200
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
f47adf95-4d46-425e-af41-8e147a26f60b
x-frame-options
SAMEORIGIN
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-94NcsYHIVa0++5XS4Zok+A==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
set-cookie
clientRequest=; expires=Sun, 02-Aug-2020 20:48:13 GMT; path=/; Secure
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 03 Aug 2020 20:48:13 GMT
content-length
2940
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;

Redirect headers

status
302
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
expires
0
location
/Authentication/Login
citrix-transactionid
e04fc859-8465-4240-a188-9dd24897f8df
set-cookie
clientRequest=eyI8VXNlclRva2VuVHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxVc2VyVG9rZW4+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8YT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxhdXRvcmVkaXJlY3Q+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGNhcGFiaWxpdGllcz5rX19CYWNraW5nRmllbGQiOm51bGwsIjxjbGllbnRfaWQ+a19fQmFja2luZ0ZpZWxkIjoiRHppNFVQVUFnNWw4YmVLZGlvZWNkY25tSFVUV1dsbjYiLCI8ZGV2aWNlX2lkX3N1cHBvcnRlZD5rX19CYWNraW5nRmllbGQiOnRydWUsIjxkZXZpY2VfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8ZGlzYWJsZV9yczM+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGVtYWlsPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPGZpeF9taWVfdmlld3BvcnQ+a19fQmFja2luZ0ZpZWxkIjpmYWxzZSwiPGg+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8bm9saW5rPmtfX0JhY2tpbmdGaWVsZCI6bnVsbCwiPHJlZGlyZWN0X3VyaT5rX19CYWNraW5nRmllbGQiOiJodHRwczpcL1wvc2VjdXJlLnNoYXJlZmlsZS5jb21cL2xvZ2luXC9vYXV0aGxvZ2luIiwiPHJlcXVpcmV2Mz5rX19CYWNraW5nRmllbGQiOmZhbHNlLCI8cmVzZXRfaWQ+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8cmVzcG9uc2VfdHlwZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjxzYW1sX25vaWZyYW1lPmtfX0JhY2tpbmdGaWVsZCI6ZmFsc2UsIjxzdGFydF9hY3Rpb24+a19fQmFja2luZ0ZpZWxkIjpudWxsLCI8c3RhdGU+a19fQmFja2luZ0ZpZWxkIjoiZDhoaEM4MVpJMEhNYlVVM1AwRElidy0tIiwiPHN1YmRvbWFpbj5rX19CYWNraW5nRmllbGQiOiJnYnRwYSIsIjx0aGVtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VySGludD5rX19CYWNraW5nRmllbGQiOm51bGwsIjx1c2VybmFtZT5rX19CYWNraW5nRmllbGQiOm51bGwsIjx3aWR0aD5rX19CYWNraW5nRmllbGQiOm51bGx9; path=/; secure; HttpOnly
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 03 Aug 2020 20:48:13 GMT
content-length
138
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
Branding
gbtpa.sf-api.com/sf/v3/Accounts/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sf-api.com/sf/v3/Accounts/Branding
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.6353b13bd11beee10740.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.21.196.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-196-12.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
X-SF-App
ShareFileWeb
Accept-Language
en
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities
HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid
08d2beff-5e4d-4103-9612-e08fd58b770a
date
Mon, 03 Aug 2020 20:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/json; charset=utf-8
x-sfapi-appcode
_None
status
200
x-sfapi-accountid
ab07c419-1355-4210-b1e8-4d380d8c3695
correlationid
5M49e7D1ZUGsz0Z25IcoNg
vary
Accept-Encoding
content-length
1746
x-xss-protection
1; mode=block
pragma
no-cache
x-sf-server
api_new_ssl_v3/i-0c3677bd33b1c0f62_us-east-1b
x-frame-options
DENY
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-language
en
access-control-allow-origin
https://gbtpa.sharefile.com
x-sfapi-requestid
637320700936948928
cache-control
no-cache,no-store
access-control-allow-credentials
true
x-sfapi-oauthclientid
x-robots-tag
noindex
expires
-1
custom.css
gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=S_4-ROxcnAS1J2fi9qhUz4d706WDTGLn_DYrNX2ceaU1
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
28d4400dcb100f30871db9e0cfe7e8972b93019eb00c2f05fadda276a05ac979
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:13 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 21 Jul 2020 03:37:38 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
etag
"02da347105fd61:0"
vary
Accept-Encoding
content-type
text/css
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
5314
x-content-type-options
nosniff
errorhandler.js
gbtpa.sharefile.com/_Auth/ 		548 B
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/_Auth/errorhandler.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:13 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 21 Jul 2020 03:37:28 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
etag
"04cad41105fd61:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
349
x-content-type-options
nosniff
webpop
gbtpa.sharefile.com/cache/sha/javascript/bundles/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

citrix-transactionid
d04d576b-e620-4066-93f0-302344bb55e1
date
Mon, 03 Aug 2020 20:48:13 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Mon, 03 Aug 2020 20:48:14 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
29743
x-content-type-options
nosniff
expires
Tue, 03 Aug 2021 20:48:14 GMT
webpoprequireconfig
gbtpa.sharefile.com/cache/sha/bundles/ 		1 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=3U9q5UpNWmuNUgfOC_Gq39T_cKD8d3RPQSkMEr8547U1
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
cc5fc3d160153c56be41c6486785454ed6e8c981c60ff1606838e9b055cf0047
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

citrix-transactionid
4cac78d0-dd49-474c-9c63-6d948d00ff13
date
Mon, 03 Aug 2020 20:48:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
User-Agent,Accept-Encoding
content-length
478
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 03 Aug 2020 20:48:14 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
expires
Tue, 03 Aug 2021 20:48:14 GMT
1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
gbtpa.sharefile.com/styles/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbtpa.sharefile.com/styles/images/1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:14 GMT
referrer-policy
same-origin
last-modified
Mon, 06 Mar 2017 19:21:48 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
etag
"143bc5e6ae96d21:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
image/png
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
8438
x-content-type-options
nosniff
expires
Wed, 01 Jan 2020 00:00:00 GMT
pendo.js
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 		346 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-10.fra53.r.cloudfront.net
Software
UploadServer /
Resource Hash
42c05b705b49cfa6bf62f25347d17f2e99242de27a7b9adcb7c1e8110ce6364a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 20:47:45 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Age
29
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin
*
Last-Modified
Mon, 03 Aug 2020 19:09:26 GMT
Server
UploadServer
ETag
"dfd7ac33c7137f505696517027889186"
Vary
Accept-Encoding
x-goog-hash
crc32c=fXcBFg==, md5=39esM8cTf1BWllFwJ4iRhg==
x-goog-generation
1596481766328944
Via
1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
111472
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
X-GUploader-UploadID
AAANsUmDReZYqvSRZMYnXxUMZSyECTNNHYA9x8eVLmOqDIqWOXEgELjC-qMsZnmcBOry9ElMfSfc8uO-H0kl8Npe87c
X-Amz-Cf-Id
LbeNUR6AdYSv2igk35cvWxg7E4BUwBXrUeeFB5JTjErTJ4B7CXFwiA==
Expires
Mon, 03 Aug 2020 20:55:15 GMT
webpop.js
gbtpa.sharefile.com/cache/856763bb95/bundles/ 		730 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/856763bb95/bundles/webpop.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
94ecaa97c1a4a452b16602c5f810e6e057e916fa1841bc7fdbb54c9f791ecd16
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
201201
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 21 Jul 2020 03:37:38 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
etag
"02da347105fd61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
login
gbtpa.sharefile.com/saml/ 		5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=r501Rz0DxEnbX.IJC5jYjw--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/856763bb95/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
be8c8d4ac8a624a16fca19ff88b4f333e1998443fc5229ffabc687a5bf0ebb6a
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-JVgFfjtVOUJc8U213+DCaw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gbtpa.sharefile.com
:scheme
https
:path
/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=r501Rz0DxEnbX.IJC5jYjw--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://gbtpa.sharefile.com/Authentication/Login
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ASP.NET_SessionId=3cyjg1cepsxkpga4b5avk305; SFWEB_SRVNAME=i-07e4b7a4b9326a10d; SF_Subdomain=gbtpa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://gbtpa.sharefile.com/Authentication/Login

Response headers

status
200
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
fb62d7c0-9984-4494-9a91-4d22c57ef5a5
x-frame-options
DENY
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-JVgFfjtVOUJc8U213+DCaw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 03 Aug 2020 20:48:14 GMT
content-length
3164
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
en.json
gbtpa.sharefile.com/cache/01298a766dfc6bac486964217478d23e5b258289/_Auth/locales/ 		25 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/01298a766dfc6bac486964217478d23e5b258289/_Auth/locales/en.json
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/856763bb95/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gbtpa.sharefile.com/Authentication/Login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:14 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 21 Jul 2020 03:37:38 GMT
x-sf-server
web_new_ssl/i-07e4b7a4b9326a10d_us-east-1c
etag
"02da347105fd61:0"
vary
Accept-Encoding
content-type
application/json
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
8269
x-content-type-options
nosniff
Cookie set startSSO.ping
sso.gallagherbassett.com/idp/ 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=r501Rz0DxEnbX.IJC5jYjw--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
151.147.160.186 , United States, ASN46342 (AJGCO, US),
Reverse DNS
Software
/
Resource Hash
cb2389a7beac199857c61aea5aa2c7f1f2be23ed46d4504f2c10ed460b66c0bb
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;

Request headers

Host
sso.gallagherbassett.com
Connection
keep-alive
Content-Length
4270
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 20:48:15 GMT
Referrer-Policy
origin
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Set-Cookie
PF=48Gh5Q0bKw2PcoDiuNCHjC;Path=/;Secure;HttpOnly;SameSite=None
Content-Length
5670
Sharefile
www.gallagherbassett.com/sso/app/startsso/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Requested by
Host: sso.gallagherbassett.com
URL: https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
23279e0b294db57a092e7e96da6f6cbd5558c4fb635a114ff723243d3c7ee4a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
POST
:authority
www.gallagherbassett.com
:scheme
https
:path
/sso/app/startsso/Sharefile
content-length
4526
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://sso.gallagherbassett.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://sso.gallagherbassett.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://sso.gallagherbassett.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://sso.gallagherbassett.com/

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
set-cookie
mKey=4b1b2aad-c9f4-47e2-a564-86622e14b8bf; expires=Fri, 03-Aug-2040 20:48:16 GMT; path=/; HttpOnly visid_incap_1944542=FirxNlSYSxS3+jNfuVkISw94KF8AAAAAQUIPAAAAAADdjMohB8/L9GxKKJzVgAZO; expires=Tue, 03 Aug 2021 08:15:37 GMT; HttpOnly; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None incap_ses_697_1944542=+hGKVEo2Wyr2CTjp5T2sCRB4KF8AAAAAmRGSFjXXBBSiUkhUeAL4bA==; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None
date
Mon, 03 Aug 2020 20:48:15 GMT
strict-transport-security
max-age=31536000
x-cdn
Incapsula
x-iinfo
5-5792627-5792628 NNNN CT(123 252 0) RT(1596487695738 0) q(0 0 4 0) r(6 6) U6
gbStyles2050
www.gallagherbassett.com/sso/lib/ 		260 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/lib/gbStyles2050
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f96553827739ebabf96b58c9a0b89a47801f19adbf102a26a3d1d2858271ae11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:15 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 20:48:16 GMT
x-cdn
Incapsula
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
x-iinfo
5-5792635-5792628 PNNN RT(1596487696390 0) q(0 0 0 -1) r(2 2) U18
cache-control
public
strict-transport-security
max-age=31536000
content-length
47866
expires
Tue, 03 Aug 2021 20:48:16 GMT
preload2050
www.gallagherbassett.com/sso/bundles/lib/ 		296 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/preload2050
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d1ffb37fbb9f91f52dce0e749d85f9361adba3ccb844a383027f86e3b0d6527b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:16 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 20:48:16 GMT
x-cdn
Incapsula
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
5-5792636-5792637 NNNN CT(123 125 0) RT(1596487696392 0) q(0 0 3 -1) r(4 4) U18
cache-control
public
strict-transport-security
max-age=31536000
expires
Tue, 03 Aug 2021 20:48:16 GMT
startssojs2050
www.gallagherbassett.com/sso/bundles/ 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/startssojs2050
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2e5f54080aae1173182915ffa5b8d3b84267605608bac4479f4a5ccfe7ab7d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:16 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 20:48:16 GMT
x-cdn
Incapsula
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
5-5792638-5792639 NNNN CT(124 124 0) RT(1596487696393 0) q(0 0 3 -1) r(4 4) U18
cache-control
public
strict-transport-security
max-age=31536000
content-length
21083
expires
Tue, 03 Aug 2021 20:48:16 GMT
GBLogo400px.png
www.gallagherbassett.com/sso/images/ 		0
0
spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/ 		0
0
postload2050
www.gallagherbassett.com/sso/bundles/lib/ 		390 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/postload2050
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:16 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 20:48:17 GMT
x-cdn
Incapsula
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
5-5792656-5792639 PNNN RT(1596487697081 0) q(0 0 0 -1) r(2 2) U18
cache-control
public
strict-transport-security
max-age=31536000
expires
Tue, 03 Aug 2021 20:48:17 GMT
_Incapsula_Resource
www.gallagherbassett.com/ 		142 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=339676900
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
20769
content-type
application/javascript
Primary Request Logon
www.gallagherbassett.com/sso/App/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/App/Logon
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
822c6b05ee3233f9141f6f579e8e0b742d8a6f0f4630f1d566af788cbcd950b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
POST
:authority
www.gallagherbassett.com
:scheme
https
:path
/sso/App/Logon
content-length
82
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.gallagherbassett.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
mKey=4b1b2aad-c9f4-47e2-a564-86622e14b8bf; visid_incap_1944542=FirxNlSYSxS3+jNfuVkISw94KF8AAAAAQUIPAAAAAADdjMohB8/L9GxKKJzVgAZO; incap_ses_697_1944542=+hGKVEo2Wyr2CTjp5T2sCRB4KF8AAAAAmRGSFjXXBBSiUkhUeAL4bA==
Upgrade-Insecure-Requests
1
Origin
https://www.gallagherbassett.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
date
Mon, 03 Aug 2020 20:48:16 GMT
strict-transport-security
max-age=31536000
x-cdn
Incapsula
x-iinfo
5-5792662-5792637 PNNN RT(1596487697459 0) q(0 0 0 -1) r(2 2) U6
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
876
date
Mon, 03 Aug 2020 20:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 03 Aug 2020 22:33:41 GMT
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=940575157&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2Fapp%2Fstartsso%2FSharefile&dr=https%3A%2F%2Fsso.gallagherbassett.com%2F&dp=%2Fapp%2Fstartsso%2FSharefile&ul=en-us&de=UTF-8&dt=startsso%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=853159391&gjid=1603999146&cid=259258071.1596487698&tid=UA-44339965-5&_gid=1830756798.1596487698&_r=1&z=1692188559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 20:48:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
gbStyles2050
www.gallagherbassett.com/sso/lib/ 		260 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/lib/gbStyles2050
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f96553827739ebabf96b58c9a0b89a47801f19adbf102a26a3d1d2858271ae11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 20:48:16 GMT
x-cdn
Incapsula
etag
"6fb6828e"
strict-transport-security
max-age=31536000
content-type
text/css; charset=utf-8
status
200
x-iinfo
5-5792671-0 0CNN RT(1596487697658 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31535999, public
content-length
47866
expires
Tue, 03 Aug 2021 20:48:16 GMT
preload2050
www.gallagherbassett.com/sso/bundles/lib/ 		296 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/preload2050
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d1ffb37fbb9f91f52dce0e749d85f9361adba3ccb844a383027f86e3b0d6527b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 20:48:16 GMT
x-cdn
Incapsula
etag
"7a9f1370"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
5-5792672-0 0CNN RT(1596487697659 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31535999, public
content-length
103052
expires
Tue, 03 Aug 2021 20:48:16 GMT
logonjs2050
www.gallagherbassett.com/sso/bundles/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/logonjs2050
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
81cffeb91b77e2c6933384d44636fe59aa9da33f47918004ed173436c4a7f02e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 20:48:17 GMT
x-cdn
Incapsula
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
5-5792673-5792637 PNNN RT(1596487697660 0) q(0 0 0 -1) r(1 1) U18
cache-control
public
strict-transport-security
max-age=31536000
content-length
22000
expires
Tue, 03 Aug 2021 20:48:17 GMT
GBLogo400px.png
www.gallagherbassett.com/sso/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/sso/images/GBLogo400px.png
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
71806028fa500df60ecccbc3ab9a794f748dca5f7d8ef960afcee030b8c27d75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
last-modified
Thu, 09 Jul 2020 04:58:04 GMT
server
Microsoft-IIS/8.0
etag
"0563387ad55d61:0"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
x-iinfo
5-5792675-5792324 2NNN RT(1596487697739 0) q(0 0 0 -1) r(5 5) U18
accept-ranges
bytes
content-length
15469
x-cdn
Incapsula
spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
c48c53c7c8a30b331c618dac2828af05d6771713141a624a7d6b6958dc88f767
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
last-modified
Thu, 09 Jul 2020 04:58:08 GMT
server
Microsoft-IIS/8.0
etag
"0b09589ad55d61:0"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
x-iinfo
5-5792676-5790465 2NNN RT(1596487697811 0) q(0 0 0 -1) r(5 5) U18
accept-ranges
bytes
content-length
2704
x-cdn
Incapsula
Do_not_show_again.png
www.gallagherbassett.com/sso/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/sso/images/Do_not_show_again.png
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
cb54ea14bc6be2f4ad52a2b6b27c35b71ae95b78e9eef0465d2f8d8d5c0caba0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
last-modified
Thu, 09 Jul 2020 04:58:04 GMT
server
Microsoft-IIS/8.0
etag
"0563387ad55d61:0"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
x-iinfo
5-5792677-5792220 2NNN RT(1596487697818 0) q(0 0 0 -1) r(5 5) U18
accept-ranges
bytes
content-length
2558
x-cdn
Incapsula
postload2050
www.gallagherbassett.com/sso/bundles/lib/ 		390 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/postload2050
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
169bf67dc0fb6aeb760bb00b820f337d9878e898d58129358c623d97ce854b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 20:48:17 GMT
x-cdn
Incapsula
etag
"c80fd7a2"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
5-5792674-0 0CNN RT(1596487697704 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31536000, public
content-length
115841
expires
Tue, 03 Aug 2021 20:48:17 GMT
_Incapsula_Resource
www.gallagherbassett.com/ 		136 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=9&cb=1428742669
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2ab9718cff8d8c65eab9973e3fb411bcf5cc94f55f0096c78ab4c0d22e830c90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
19714
content-type
application/javascript
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
876
date
Mon, 03 Aug 2020 20:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 03 Aug 2020 22:33:41 GMT
cmPrivacyPolicyVw.html
www.gallagherbassett.com/sso/SPA/Common/privacyPolicy/ 		1 KB
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/SPA/Common/privacyPolicy/cmPrivacyPolicyVw.html
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
424728a2b3db2af33132b75621d6d1efa840a8a8c7768fff49b2b2eb4d15ffa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 04:58:08 GMT
server
Microsoft-IIS/8.0
etag
"0b09589ad55d61:0"
vary
Accept-Encoding
content-type
text/html
status
200
x-iinfo
5-5792679-5792637 PNNN RT(1596487697881 0) q(0 0 0 -1) r(2 2) U12
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-cdn
Incapsula
BackgroundImage3.jpg
www.gallagherbassett.com/sso/images/ 		310 KB
312 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/sso/images/BackgroundImage3.jpg
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
a5f63d83c1c0974831fa81e302e513c495097a2d37d9b9542ae8649f5b88af1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
last-modified
Thu, 09 Jul 2020 04:58:04 GMT
server
Microsoft-IIS/8.0
etag
"0563387ad55d61:0"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
x-iinfo
5-5792680-5790468 2NNN RT(1596487697884 0) q(0 0 0 -1) r(6 6) U18
accept-ranges
bytes
content-length
317403
x-cdn
Incapsula
glyphicons-halflings-regular.woff
www.gallagherbassett.com/sso/lib/bootstrap/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/lib/bootstrap/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.gallagherbassett.com/sso/lib/gbStyles2050
Origin
https://www.gallagherbassett.com

Response headers

date
Mon, 03 Aug 2020 20:48:17 GMT
last-modified
Thu, 09 Jul 2020 04:58:06 GMT
server
Microsoft-IIS/8.0
etag
"0836488ad55d61:0"
strict-transport-security
max-age=31536000
content-type
font/x-woff
status
200
x-iinfo
5-5792681-5791398 2NNN RT(1596487697892 0) q(0 0 0 -1) r(6 6) U12
accept-ranges
bytes
content-length
23424
x-cdn
Incapsula
GetMessages
www.gallagherbassett.com/ssoapi/API/APP/ 		22 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/ssoapi/API/APP/GetMessages
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
08eb17a629eba4d3db8c9d6fef6534e393f7d9fba1b9da8bed22e524e11e2285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
RequestVerificationToken
WTEBHX_z5I6A-a0ynoZUhOk62Qw4_97CsCpTAqirUOv842-u111XShKm5mbQknPE9VNS5DItxbFqAsqNhJgOhrSM1601:gz3470qQ_ySM2_OdzyHubLCTS_mJ-kmxIVBgM3HxwHRWyCTXXDuSPDIlFh4PwQsiGl1T8b3AktuDehsCwKIto5NAy_o1
Referer
https://www.gallagherbassett.com/sso/App/Logon
TabKey
.undefined
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 20:48:17 GMT
content-encoding
gzip
x-cdn
Incapsula
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
x-iinfo
5-5792682-5792637 PNNN RT(1596487697926 0) q(0 1 1 -1) r(2 2) U6
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
6141
expires
-1
GetMessages
www.gallagherbassett.com/ssoapi/API/APP/ 		1003 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/ssoapi/API/APP/GetMessages
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ef63b627442b4153839b42946d999909203d7128194bc50f58e3c769134b6c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
RequestVerificationToken
WTEBHX_z5I6A-a0ynoZUhOk62Qw4_97CsCpTAqirUOv842-u111XShKm5mbQknPE9VNS5DItxbFqAsqNhJgOhrSM1601:gz3470qQ_ySM2_OdzyHubLCTS_mJ-kmxIVBgM3HxwHRWyCTXXDuSPDIlFh4PwQsiGl1T8b3AktuDehsCwKIto5NAy_o1
Referer
https://www.gallagherbassett.com/sso/App/Logon
TabKey
.undefined
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 20:48:18 GMT
content-encoding
gzip
x-cdn
Incapsula
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
x-iinfo
5-5792683-5792637 PNNN RT(1596487697927 0) q(0 2 2 -1) r(3 3) U6
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
538
expires
-1
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=70935977&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2FApp%2FLogon&dp=%2FApp%2FLogon&ul=en-us&de=UTF-8&dt=Logon%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAAAB~&jid=&gjid=&cid=259258071.1596487698&tid=UA-44339965-5&_gid=1830756798.1596487698&z=1322429220
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jul 2020 16:57:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2001043
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
_Incapsula_Resource
www.gallagherbassett.com/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/_Incapsula_Resource?SWKMTFSR=1&e=0.3248108803677294
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&a=70935977&t=timing&_s=2&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2FApp%2FLogon&ul=en-us&de=UTF-8&dt=Gallagher%20Bassett%20-%20Logon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2045&pdt=2&dns=0&rrt=0&srt=199&tcp=0&dit=390&clt=390&_gst=261&_gbt=476&_u=AACAAAAB~&jid=&gjid=&cid=259258071.1596487698&tid=UA-44339965-5&_gid=1830756798.1596487698&z=1645921387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Jul 2020 16:57:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2001045
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gallagherbassett.com
URL
https://www.gallagherbassett.com/sso/images/GBLogo400px.png
Domain
www.gallagherbassett.com
URL
https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| logGa function| $ function| jQuery object| jQuery1110048867812894279017 object| angular string| GoogleAnalyticsObject function| ga function| loadMdl function| UAParser function| ngGridDoubleClick function| DP_jQuery_1596487697885 object| ngGrid function| printStackTrace object| google_tag_data object| gaplugins object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
www.gallagherbassett.com/ Name: ___utmvc
Value: ZQEjJJ5YXrQtgEi3Ogyup0I7dYAMd+bpy2KblK4VeOR5AQXVEIpKlicQ7q5Xu/vbUQuBwTEAs+wxuKXsKwKpet5vZg1fLqiHzdT1sQiyFRWxHDNG6RSIGvvv3HU3xiOgXbhUHuA9yHX4n1F/OYbIRV5PQZK4t9X5Ed0j4TpXuw0huWNFtBsM4oANVdl/vQ12zf6qA+uZV3zwiI9WgIIVrqDIVSdHfyfBp5KZpQzA+rFZztqcHbnN8d8w7AkinWpwL0tCZfj58iKWVBM54rlM6PufgZrzLTm8sGdJL5iXLbo0ViQO0O6Nl0tAa2fh1+9wqV3yshf153givBWxaCMlo+Rdd2feaXsRmjdM9hHiW33kIj9A75K4KMLqIxC+LT77vyFu5DMy03sObgXjQdhg+YXk8JP6EfjR/yq8AzWaYqvxsgdp1acfLGyH7J2azG/JtPHaY3sAFvC1AKXs6XdT3B7E2pj2T7DgaDLM8UsgNfzM+KJhwUy0dRIogF2ogQo09Q5kOtF1QvU1lNVTH1B0TH65GaEPbNmUJlEgHNFpac1pRpJWS4MFs+LBKThpP+mzz69vJnVLAYID+O7SSIZ62veYGoXv5HjOpLM/S2OqYJu6rqj7MXUHGuOD8PixPLKW9VlyJeft7a+PJhuiCo1W85n7NCuludNjt+khSm2nY0q7ac8ZSRDVYhh/usWcRM5/Q44rS2t7mhWsVpAkaLSvSW2u4VaUErHgc6mgnnn5z24S8dkscLQ0QOWWURmo9lWmC8W+rBfyK4MKJRHbDPzOlFzA4dhVgAp2qIB4N7vvUGd5Qjk5UQCZr/46iG/Gq39ZyOiZ189tz2wnkqW+8l5ee41yAt9Et3AKApXalIhQ8vJEuWkwEu8NWzCMvRV79nyQnuqsYRTVC/6sazjRQwPYBJK1WdGbbrz20Kprpcv7WYekS8jVGXPdPM9XzDmMHRmdKy9QEEKWTzDw3gjrh+T4LEGpi3HIfQyfQIafPa7v8Di/PKRo6Q2lJ1M+eaCtqmOGJPFn0VLa3IbIewoJCXl7Um+4OrCMMIL1LUt9dewlx3YCRUPlnSWNIY3GaB1v4Cx7laJa2TS1j2VLnUmPGz/fgQGPyNoRCOjidGXVfuJuKPBN/+DqWYUSZ266gMhMRyIVM3iO7r+SXP5nBef9VqZT5p1Nvw8mpxmQIbLY1cBgqHcTX1xxxfdn/V2TQwQg3Z6MvPkI9l/c0O5xop4NzIJx8d9c/DYlbkgkTCMtXI5CPli7vAzyK7PueKZJp688/G3bZmgoVSnJmIp4e1l4YXEdnv9wyutrXa95FlrZjFzDQLjqOzuoF82j2ZYLGFUUvysRGcWMW2lljtGtD3NN6Vf2/h0ma3p/zEG4bakiU3YdDfiis6akctMVQcslRbasj91FUmqem4cnf1UeyrN/lSoWgLpNCFjVtCXRtWFNxMsCODc+hFtyXZnqzSJtPhFp6DC4fFBQTBBA4dDsKGNB+O20Q5vMRotgsc3DiHFLUp00eb7RySi3pzVnTMMm1DZNjJkxqQxNlRMC6gZbXI/YfmgwNXGsXDj6BFSwm02vNfgZJGOfXXA0Jaj2+OP08IYk7pTk5vSx+cYLDz/wrT+PZUDS/hecI919uyuuyjWsLyxkaWdlc3Q9MTE0MTQzLHM9NzY3N2FkOTU4M2FiNzhhNjllODQ4MTlmOWE3ZDgwODk3ODc0Nzk3MmFiOTlhMjc4YTY3ODhkYTFhOGFkOGI4NTlkNjFhYjhhODM5ODcxNmU=
.gallagherbassett.com/ Name: _ga
Value: GA1.2.259258071.1596487698
.gallagherbassett.com/ Name: _gat
Value: 1
.gallagherbassett.com/ Name: _gid
Value: GA1.2.1830756798.1596487698
.gallagherbassett.com/ Name: incap_ses_697_1944542
Value: +hGKVEo2Wyr2CTjp5T2sCRB4KF8AAAAAmRGSFjXXBBSiUkhUeAL4bA==
.gallagherbassett.com/ Name: visid_incap_1944542
Value: FirxNlSYSxS3+jNfuVkISw94KF8AAAAAQUIPAAAAAADdjMohB8/L9GxKKJzVgAZO
www.gallagherbassett.com/ Name: mKey
Value: 4b1b2aad-c9f4-47e2-a564-86622e14b8bf

2 Console Messages

Source Level URL
Text
console-api log URL: https://gbtpa.sharefile.com/cache/856763bb95/bundles/webpop.js(Line 175)
Message:
Debug:Enabled
console-api log URL: https://gbtpa.sharefile.com/cache/856763bb95/bundles/webpop.js(Line 175)
Message:
Application:Starting

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-uH7Sef/u1jD1WMlc2B0Jsg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pendo.io
gbtpa.sf-api.com
gbtpa.sharefile.com
i2-moiqdtcwyxndiixfyalhbidokeqqve.init.cedexis-radar.net
radar.cedexis.com
rpt.cedexis.com
sso.gallagherbassett.com
www.gallagherbassett.com
www.google-analytics.com
www.gallagherbassett.com
104.225.98.129
143.204.202.10
151.147.160.186
2607:f740:e619::1
2a00:1450:4001:808::200e
35.241.57.45
45.60.123.80
52.21.196.12
52.3.211.188
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
08eb17a629eba4d3db8c9d6fef6534e393f7d9fba1b9da8bed22e524e11e2285
169bf67dc0fb6aeb760bb00b820f337d9878e898d58129358c623d97ce854b21
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
23279e0b294db57a092e7e96da6f6cbd5558c4fb635a114ff723243d3c7ee4a4
27b6311698517437efedbc2c49d400fc0baadebf7ad574263cc330629cdc9f90
28d4400dcb100f30871db9e0cfe7e8972b93019eb00c2f05fadda276a05ac979
2ab9718cff8d8c65eab9973e3fb411bcf5cc94f55f0096c78ab4c0d22e830c90
2e5f54080aae1173182915ffa5b8d3b84267605608bac4479f4a5ccfe7ab7d0c
3faaa55a0f7eda873537d775bdefa52e139a3ab42c23c4c21891351f55be73e9
424728a2b3db2af33132b75621d6d1efa840a8a8c7768fff49b2b2eb4d15ffa5
42c05b705b49cfa6bf62f25347d17f2e99242de27a7b9adcb7c1e8110ce6364a
6652d755e491e40d947a4e50986b3792cfb2a23cb6f1d59d6b1c1b36f3fe7595
71806028fa500df60ecccbc3ab9a794f748dca5f7d8ef960afcee030b8c27d75
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390
81cffeb91b77e2c6933384d44636fe59aa9da33f47918004ed173436c4a7f02e
822c6b05ee3233f9141f6f579e8e0b742d8a6f0f4630f1d566af788cbcd950b8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
94ecaa97c1a4a452b16602c5f810e6e057e916fa1841bc7fdbb54c9f791ecd16
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
a5f63d83c1c0974831fa81e302e513c495097a2d37d9b9542ae8649f5b88af1b
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
b3dcbc5966f6e6a477af10e9bb46ffcfc4578160df12006710dc35875f0054e6
be8c8d4ac8a624a16fca19ff88b4f333e1998443fc5229ffabc687a5bf0ebb6a
c48c53c7c8a30b331c618dac2828af05d6771713141a624a7d6b6958dc88f767
c71597fb1866aae904979d952402b74fd8b997e2f0461dbdb42d5fee65f44346
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
c9bc8ba7255e860d4b70e3f6131f0a96fa33d8c3500c18dcf985792df12529a8
cb2389a7beac199857c61aea5aa2c7f1f2be23ed46d4504f2c10ed460b66c0bb
cb54ea14bc6be2f4ad52a2b6b27c35b71ae95b78e9eef0465d2f8d8d5c0caba0
cc5fc3d160153c56be41c6486785454ed6e8c981c60ff1606838e9b055cf0047
d1ffb37fbb9f91f52dce0e749d85f9361adba3ccb844a383027f86e3b0d6527b
d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef63b627442b4153839b42946d999909203d7128194bc50f58e3c769134b6c48
f96553827739ebabf96b58c9a0b89a47801f19adbf102a26a3d1d2858271ae11
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955