Submitted URL: https://payworks.sharefile.com/Authentication/Login#ForgotPassword
Effective URL: https://payworks.sharefile.com/Authentication/Login
Submission: On January 18 via manual from CA — Scanned from CA

Summary

This website contacted 7 IPs in 1 countries across 4 domains to perform 26 HTTP transactions. The main IP is 76.223.1.166, located in United States and belongs to AMAZON-02, US. The main domain is payworks.sharefile.com.
TLS certificate: Issued by Amazon on December 7th 2021. Valid for: a year.
This is the only time payworks.sharefile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
11 sharefile.com
payworks.sharefile.com
299 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
481 KB
4 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2577
24 KB
4 pendo.io
citrix-sharefile-content.customer.pendo.io — Cisco Umbrella Rank: 26260
citrix-sharefile-data.customer.pendo.io — Cisco Umbrella Rank: 22465
139 KB
26 4
Domain Requested by
11 payworks.sharefile.com payworks.sharefile.com
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
4 www.recaptcha.net payworks.sharefile.com
www.gstatic.com
www.recaptcha.net
3 citrix-sharefile-data.customer.pendo.io citrix-sharefile-content.customer.pendo.io
1 fonts.gstatic.com www.recaptcha.net
1 citrix-sharefile-content.customer.pendo.io payworks.sharefile.com
26 6

This site contains no links.

Subject Issuer Validity Valid
*.sharefile.com
Amazon
2021-12-07 -
2023-01-05
a year crt.sh
citrix-sharefile-content.customer.pendo.io
GTS CA 1D4
2021-12-26 -
2022-03-26
3 months crt.sh
citrix-sharefile-data.customer.pendo.io
GTS CA 1D4
2021-12-05 -
2022-03-05
3 months crt.sh
misc.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh

This page contains 3 frames:

Primary Page: https://payworks.sharefile.com/Authentication/Login
Frame ID: 7C4293E6906DF61F0F0876E967D55AD1
Requests: 17 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7&co=aHR0cHM6Ly9wYXl3b3Jrcy5zaGFyZWZpbGUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=gtdm81w22gnu
Frame ID: 1F80A2E36CE838663C181F654E2FFB7F
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7
Frame ID: 6EDAEFCCA89218DA57F0DBE47364FAFA
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

ShareFile Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

26
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

6
Subdomains

7
IPs

1
Countries

943 kB
Transfer

2645 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login
payworks.sharefile.com/Authentication/
6 KB
4 KB
Document
General
Full URL
https://payworks.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
/
Resource Hash
ed1b591e97e7793499ea5d8fba0b387bd2c6626f19ec226f64d0a518b93cf6e1
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-QlKIxh71iDrdQEvICeiD0A==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
content-type
text/html; charset=utf-8
content-length
2448
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-encoding
gzip
expires
0
vary
Accept-Encoding
citrix-transactionid
ce994ae8-9f87-4297-a615-56a1e4c8c7e6
x-frame-options
SAMEORIGIN
content-security-policy
style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-QlKIxh71iDrdQEvICeiD0A==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
custom.css
payworks.sharefile.com/cache/sha/_Auth/Styles/custom/
27 KB
6 KB
Stylesheet
General
Full URL
https://payworks.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=GQZ7y3e6e3Y13tDKuFRaOn7VZVhTUR77I2nrsICWn0s1
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2128c31fad7346456c5e44e8aa0c617063f3137d7139d877cf898f30c416dce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://payworks.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 14 Jan 2022 13:17:08 GMT
server
Microsoft-IIS/10.0
etag
"0a2108499d81:0"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
5358
x-content-type-options
nosniff
errorhandler.js
payworks.sharefile.com/_Auth/
548 B
1 KB
Script
General
Full URL
https://payworks.sharefile.com/_Auth/errorhandler.js
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://payworks.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 14 Jan 2022 13:16:58 GMT
server
Microsoft-IIS/10.0
etag
"0c11a2499d81:0"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
349
x-content-type-options
nosniff
webpop
payworks.sharefile.com/cache/sha/javascript/bundles/
91 KB
30 KB
Script
General
Full URL
https://payworks.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
/
Resource Hash
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://payworks.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

citrix-transactionid
51c3d3d7-dfc0-4002-8d68-1dd797fa0ef2
date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:33:29 GMT
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
29743
x-content-type-options
nosniff
expires
Wed, 18 Jan 2023 17:33:29 GMT
webpoprequireconfig
payworks.sharefile.com/cache/sha/bundles/
1 KB
2 KB
Script
General
Full URL
https://payworks.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=jWlLbyFw0-Fc1ZuEBA9OsqzolkRNAODk4V9Z5w3TqQc1
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
/
Resource Hash
c7355bb3d240ba9106e292048af5cfd0028902c2b06d7b1bf7fcd1a544902600
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://payworks.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

citrix-transactionid
aba3b1c2-b79c-483c-8f2f-05733cb72c03
date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Tue, 18 Jan 2022 17:33:29 GMT
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
482
x-content-type-options
nosniff
expires
Wed, 18 Jan 2023 17:33:29 GMT
pendo.js
citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/
443 KB
137 KB
Script
General
Full URL
https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.168.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.168.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
021620b2ff12f7a39ebf2f8ee83c893c7ea0a6b8f61fc2e989905bc9decd29e8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:27:40 GMT
content-encoding
gzip
age
349
x-guploader-uploadid
ADPycdustDWt6UX0Yy2ZglLP2SjSKIxCjSMu2f8_L2acAmSLcdb1pIgwEQDrKLf3n3oCjSN46xJ0ALn8ftUlXyvFPbV9erU3TA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139798
last-modified
Fri, 14 Jan 2022 20:11:46 GMT
server
UploadServer
etag
"4b76b568ae44c32540685a08c9f56877"
vary
Accept-Encoding
x-goog-hash
crc32c=DOgkxw==, md5=S3a1aK5EwyVAaFoIyfVodw==
x-goog-generation
1642191106156944
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
139798
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Jan 2022 17:35:10 GMT
webpop.js
payworks.sharefile.com/cache/6b6b7b77db/bundles/
778 KB
211 KB
Script
General
Full URL
https://payworks.sharefile.com/cache/6b6b7b77db/bundles/webpop.js
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
20cdba511cfc7e3d9405b0449f37f6d5cd6804ba0140fed5f6eb91e3d30bd7b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://payworks.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 14 Jan 2022 13:17:08 GMT
server
Microsoft-IIS/10.0
etag
"0a2108499d81:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
214605
x-content-type-options
nosniff
en.json
payworks.sharefile.com/cache/181e9fe89c066dab8fcc8299b8f38e25d91ef14e/_Auth/locales/
25 KB
9 KB
XHR
General
Full URL
https://payworks.sharefile.com/cache/181e9fe89c066dab8fcc8299b8f38e25d91ef14e/_Auth/locales/en.json
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/cache/6b6b7b77db/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ba03fc960aa760c7f8e160f5b111781f6bcc340dad3b7a5f51e4622bfc4d5a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://payworks.sharefile.com/Authentication/Login
X-Requested-With
XMLHttpRequest
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 14 Jan 2022 13:17:08 GMT
server
Microsoft-IIS/10.0
etag
"0a2108499d81:0"
vary
Accept-Encoding
content-type
application/json
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
8363
x-content-type-options
nosniff
74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/ptm.gif/
42 B
104 B
Image
General
Full URL
https://citrix-sharefile-data.customer.pendo.io/data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.120.4_prod&ct=1642527209393&jzb=eJzNkU9vwjAMxb9Ldq36J7RQuCGNSUxowGBwmKYqtKHNaJMqcWEV4rvjgEC7bLdJu8XO89Pv2e9HAm3NyYBUHBhxyEarg-E6AVFhN-iGNKI96vc7ceSQvTAClE5EhgPJbPTyOE2WSbtQwWhXBPEqRAOWpqqRcNHIpiwd0ugS5QVAbQaeV7P2oPTOuKZgmm9Fyd1UVd6wgYJLECkDoaQ3UbmQD09K5wpmzBgcydC81qo2ZHC8kdjnbzAlk3nDcpuPy-RtQU53QBzFokYGCcPvrYyB1Qex5wce9SlFnz3XBrGwTd2A-m6YIElm3a4GS7YZ3_PCtSDD-TheTp7X2Xg2ha_pJ_psNav45XOUzaNgr7NtZ73qVq-NXX0LHMN1-uHJuZ-lVMwG__ksvf90Fkt7Y_Rj_0_2Q3vR6eMMwxzknQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/guide.json/
2 KB
2 KB
XHR
General
Full URL
https://citrix-sharefile-data.customer.pendo.io/data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJx9jkFLxjAMQP9LvI6VgQfZbeAnCKKDT72W0NW2rEtGmypD9t-_7jJv3pLwXni_8B1yEE7PE_Sgx8vr45t-19uVu8vsu4fPe2gAjeFCciBUYmygpFhpL7LmXqkVtx9Oc26zx2S_QrSt4UUNRbwlCQYlMKkXdoHunjg5lhFzrspUfy9WcEJB6M-UYwz_5EQkV9DZSljSH1fYz8Sq1mWtGSTD32nfb445UJc&v=2.120.4_prod&ct=1642527209396
Requested by
Host: citrix-sharefile-content.customer.pendo.io
URL: https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
18d73766e695a3590d42e0d363310c69100b77ae835dffb7aff44f375025bf70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/json
via
1.1 google
access-control-max-age
600
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
AuthShell.html
payworks.sharefile.com/cache/181e9fe89c066dab8fcc8299b8f38e25d91ef14e/_Auth/
1 KB
1 KB
XHR
General
Full URL
https://payworks.sharefile.com/cache/181e9fe89c066dab8fcc8299b8f38e25d91ef14e/_Auth/AuthShell.html
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/cache/6b6b7b77db/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
016786366a208e9d5e9e3bfa6bcd0020979e3d8019b344c7dde7950e695052b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://payworks.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 14 Jan 2022 13:17:08 GMT
server
Microsoft-IIS/10.0
etag
"0a2108499d81:0"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
494
x-content-type-options
nosniff
CitrixSans-Light.woff
payworks.sharefile.com/cache/181e9fe89c066dab8fcc8299b8f38e25d91ef14e/_auth/styles/fonts/
25 KB
26 KB
Font
General
Full URL
https://payworks.sharefile.com/cache/181e9fe89c066dab8fcc8299b8f38e25d91ef14e/_auth/styles/fonts/CitrixSans-Light.woff
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=GQZ7y3e6e3Y13tDKuFRaOn7VZVhTUR77I2nrsICWn0s1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2fc2ac72f4d63a038ca248de81b16a9edae98d2a0cb115a19ce8e6618b0490dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://payworks.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=GQZ7y3e6e3Y13tDKuFRaOn7VZVhTUR77I2nrsICWn0s1
Origin
https://payworks.sharefile.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
referrer-policy
same-origin
last-modified
Fri, 14 Jan 2022 13:17:08 GMT
server
Microsoft-IIS/10.0
etag
"0a2108499d81:0"
content-type
application/x-font-woff
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
25804
x-content-type-options
nosniff
d990d3f3-2e3c-41a5-ae4e-19cd31187777.png
payworks.sharefile.com/styles/images/
6 KB
7 KB
Image
General
Full URL
https://payworks.sharefile.com/styles/images/d990d3f3-2e3c-41a5-ae4e-19cd31187777.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
262f3b49e045a55e6bf2e03f8bf0e80e52661c33e0c950a5264a7f77119f7545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://payworks.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
referrer-policy
same-origin
last-modified
Mon, 06 Mar 2017 21:30:46 GMT
server
Microsoft-IIS/10.0
etag
"b6b5eaeac096d21:0"
content-type
image/png
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
5725
x-content-type-options
nosniff
expires
Wed, 01 Jan 2020 00:00:00 GMT
ForgotPassword.html
payworks.sharefile.com/cache/181e9fe89c066dab8fcc8299b8f38e25d91ef14e/_Auth/ForgotPassword/
1 KB
2 KB
XHR
General
Full URL
https://payworks.sharefile.com/cache/181e9fe89c066dab8fcc8299b8f38e25d91ef14e/_Auth/ForgotPassword/ForgotPassword.html
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/cache/6b6b7b77db/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
adbc6357b41625fc7.awsglobalaccelerator.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d616537757fe361e61db96f47ca887a683244c6d41b67e8f28fa5c68f1c4c42a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://payworks.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Fri, 14 Jan 2022 13:17:08 GMT
server
Microsoft-IIS/10.0
etag
"0a2108499d81:0"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
522
x-content-type-options
nosniff
api.js
www.recaptcha.net/recaptcha/
913 B
993 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit
Requested by
Host: payworks.sharefile.com
URL: https://payworks.sharefile.com/cache/6b6b7b77db/bundles/webpop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1f7d190f149f972061e4f303adf393debe0c58cb70d06c2e654079df945aa56b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
1; mode=block
expires
Tue, 18 Jan 2022 17:33:29 GMT
74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/ptm.gif/
42 B
280 B
Image
General
Full URL
https://citrix-sharefile-data.customer.pendo.io/data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.120.4_prod&ct=1642527209589&jzb=eJy9VmFP2zwQ_ivI-9pQEigDvhVRtEwdLV0HmqZXlZM4iVcntuwLTTX1v3NxCkpXIDDo2w-VnbvnnufOd05-_SGwVIyckViGhSEdEmi5MEzPgGf42D0-8nreZ-_gtHd80CF33HCQesYjRMzGg6uL0Ww6W36X7mCeuic3RxiAhqEscrA-eSFEhxRaoHsKoMxZt6vociH13OyblGoWc8H2Q5l1-wWkLAceUuAy7w5lwvNPl1InEsbUGIREGFxpqQw5Q9VUJwzqVYLR_avxjyk6WGWxhTlqjXNYRrlAYygQS6AEnqsC9uy_w4FlaAMOAhOuFVMAbWlCgTGex9CA5xEr0cFxyapDsqVf710kS7mI1lssncJkcxgIBD6KHvbPB8MH0Y_68ABa9VQ-b-e78G-22GxCZg9YCU6ICKZbyZ-ANLX0NrV4T2u5HE2-bYl5jvpjUjXA1N5fvVFnIVgMrWm3wJsaUdQ_atxJBahSYj1YX6SpMt0hWVUmJ5Q5UJ7bZqq5ZIF9EuDNEFW3zMuVbvq-vbOeKmtI7fXxMq11-phWq0JtFKGdueH-gRoWGg__tQoenN_FX6WB9o2pe9VsvW-C_tcetw26WwpFE7YDhvPRxc_tTikMyMwJaDhPdDV27e2yhWhKwcFsSnFXmz8MXuKrm5BqWYuc0sB__F7A12q1If1r_2Q6_Hob-eMRlKPfqCrWNGPWOIiue-6djuLD25vjbFKg0TBj8Pit-Q5SLyjZYXk6z6juT6ovmyUw1O55J97qv3tjUev1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:29 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/
351 KB
139 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onRecaptchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://payworks.sharefile.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 05:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141749
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:17:36 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 1F80
41 KB
22 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7&co=aHR0cHM6Ly9wYXl3b3Jrcy5zaGFyZWZpbGUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=gtdm81w22gnu
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8af77da82ca9eb231f61d3adfb4a7497f606c1d15b8e094d49f76f702fae901b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kaMBAdzmSdGiiR2PsH1FGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 18 Jan 2022 17:33:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-kaMBAdzmSdGiiR2PsH1FGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21794
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 1F80
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7&co=aHR0cHM6Ly9wYXl3b3Jrcy5zaGFyZWZpbGUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=gtdm81w22gnu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 05:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:17:36 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 1F80
351 KB
138 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7&co=aHR0cHM6Ly9wYXl3b3Jrcy5zaGFyZWZpbGUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=gtdm81w22gnu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 05:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141749
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:17:36 GMT
truncated
/ Frame 1F80
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1F80
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1F80
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 17:24:45 GMT
x-content-type-options
nosniff
age
432525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 20 Jan 2022 17:24:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1F80
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7&co=aHR0cHM6Ly9wYXl3b3Jrcy5zaGFyZWZpbGUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=gtdm81w22gnu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 11:41:34 GMT
x-content-type-options
nosniff
age
21116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 11:41:34 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 1F80
102 B
133 B
Other
General
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7&co=aHR0cHM6Ly9wYXl3b3Jrcy5zaGFyZWZpbGUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=gtdm81w22gnu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
762bc62721580cd804e80ef3be945628fb5d4ebaa24dba64c13759d25809cc52
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7&co=aHR0cHM6Ly9wYXl3b3Jrcy5zaGFyZWZpbGUuY29tOjQ0Mw..&hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&size=normal&cb=gtdm81w22gnu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:33:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Tue, 18 Jan 2022 17:33:30 GMT
bframe
www.recaptcha.net/recaptcha/api2/ Frame 6EDA
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0d017cd38eb2acce96853fb774228e76ff26192ad50a12620b2b414c11fdeab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mKgffUaKkzdhxIKO2FHFMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 18 Jan 2022 17:33:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-mKgffUaKkzdhxIKO2FHFMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 6EDA
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 05:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:17:36 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/ Frame 6EDA
351 KB
138 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TDBxTlSsKAUm3tSIa0fwIqNu/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=TDBxTlSsKAUm3tSIa0fwIqNu&k=6LcjF8QZAAAAAB2bvfv77jUFHJwIiKoIzbTzlff7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 05:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141749
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 05:01:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:17:36 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oAuthViewModel function| requirejs function| require function| define object| returnExports object| pendoModel object| pendo function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| $ function| jQuery function| onRecaptchaLoad object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_727625

7 Cookies

Domain/Path Name / Value
payworks.sharefile.com/ Name: ASP.NET_SessionId
Value: kvbj0xhb2y0xqkzztzzrmqt1
.sharefile.com/ Name: SF_Subdomain
Value: payworks
payworks.sharefile.com/ Name: i18next
Value: en
payworks.sharefile.com/ Name: AWSALBTG
Value: Gc7n5lNoLoraTWioKvDwBq+ZWvs3qlav9ar7o2ZU0c/VYV/emNFsAGttcqoNHRyJDaDNR4EMGLaJVHQA4auAz8F95A5XwQ3IL1QyoisVwd8Rp9V8Lgrdu7s6IQWSTLtdmcoknJPBKm4tvnAB+tSyJWFTIoScQpCOfPDV93VHX3Vj
payworks.sharefile.com/ Name: AWSALBTGCORS
Value: Gc7n5lNoLoraTWioKvDwBq+ZWvs3qlav9ar7o2ZU0c/VYV/emNFsAGttcqoNHRyJDaDNR4EMGLaJVHQA4auAz8F95A5XwQ3IL1QyoisVwd8Rp9V8Lgrdu7s6IQWSTLtdmcoknJPBKm4tvnAB+tSyJWFTIoScQpCOfPDV93VHX3Vj
payworks.sharefile.com/ Name: AWSALB
Value: t/9vd+SPzNWF4ZOr9eyoLYlmwk368htaDJsNMKBrJYyKe75JLJqd04ppKANLsQ5f5hLuuv2lwBngnj6oKyZoD43Yxj2blbC80dFJ/XfYTmybw3jrKyd0Lh+qQqv8
payworks.sharefile.com/ Name: AWSALBCORS
Value: t/9vd+SPzNWF4ZOr9eyoLYlmwk368htaDJsNMKBrJYyKe75JLJqd04ppKANLsQ5f5hLuuv2lwBngnj6oKyZoD43Yxj2blbC80dFJ/XfYTmybw3jrKyd0Lh+qQqv8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-QlKIxh71iDrdQEvICeiD0A==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citrix-sharefile-content.customer.pendo.io
citrix-sharefile-data.customer.pendo.io
fonts.gstatic.com
payworks.sharefile.com
www.gstatic.com
www.recaptcha.net
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::2013
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2003
34.107.168.21
76.223.1.166
016786366a208e9d5e9e3bfa6bcd0020979e3d8019b344c7dde7950e695052b8
021620b2ff12f7a39ebf2f8ee83c893c7ea0a6b8f61fc2e989905bc9decd29e8
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
18d73766e695a3590d42e0d363310c69100b77ae835dffb7aff44f375025bf70
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f7d190f149f972061e4f303adf393debe0c58cb70d06c2e654079df945aa56b
20cdba511cfc7e3d9405b0449f37f6d5cd6804ba0140fed5f6eb91e3d30bd7b6
2128c31fad7346456c5e44e8aa0c617063f3137d7139d877cf898f30c416dce0
262f3b49e045a55e6bf2e03f8bf0e80e52661c33e0c950a5264a7f77119f7545
2fc2ac72f4d63a038ca248de81b16a9edae98d2a0cb115a19ce8e6618b0490dc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
762bc62721580cd804e80ef3be945628fb5d4ebaa24dba64c13759d25809cc52
8af77da82ca9eb231f61d3adfb4a7497f606c1d15b8e094d49f76f702fae901b
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
ba03fc960aa760c7f8e160f5b111781f6bcc340dad3b7a5f51e4622bfc4d5a15
c0d017cd38eb2acce96853fb774228e76ff26192ad50a12620b2b414c11fdeab
c7355bb3d240ba9106e292048af5cfd0028902c2b06d7b1bf7fcd1a544902600
d616537757fe361e61db96f47ca887a683244c6d41b67e8f28fa5c68f1c4c42a
ed1b591e97e7793499ea5d8fba0b387bd2c6626f19ec226f64d0a518b93cf6e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8bf0b735b32ad006ebb24281f26003602080d6da979243af106c1962777cac6