mybenefitskeeper492.sharefile.com Open in urlscan Pro
52.3.211.188 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979
Submission: On May 28 via api (May 28th 2020, 5:55:22 pm UTC) from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 52.3.211.188, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mybenefitskeeper492.sharefile.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 25th 2020. Valid for: a year.

This is the only time mybenefitskeeper492.sharefile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	52.3.211.188 52.3.211.188	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.241.57.45 35.241.57.45	15169 (GOOGLE) (GOOGLE)
1	13.224.95.26 13.224.95.26	16509 (AMAZON-02) (AMAZON-02)
1	100.24.163.216 100.24.163.216	14618 (AMAZON-AES) (AMAZON-AES)
1	104.225.98.131 104.225.98.131	36236 (NETACTUATE) (NETACTUATE)
1	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
14	7

8 52.3.211.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-211-188.compute-1.amazonaws.com

mybenefitskeeper492.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.57.45 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 45.57.241.35.bc.googleusercontent.com

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-26.zrh50.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.163.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-163-216.compute-1.amazonaws.com

mybenefitskeeper492.sf-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.98.131 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 131.98.225.104.ptr.anycast.net

i2-vsidoxvdkamlpnvvwalwpeswsfbede.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	sharefile.com mybenefitskeeper492.sharefile.com	574 KB
3	cedexis.com 1 redirects radar.cedexis.com rpt.cedexis.com	19 KB
1	cedexis-radar.net i2-vsidoxvdkamlpnvvwalwpeswsfbede.init.cedexis-radar.net	1 KB
1	sf-api.com mybenefitskeeper492.sf-api.com	2 KB
1	pendo.io cdn.pendo.io	108 KB
14	5

	Domain	Requested by
8	mybenefitskeeper492.sharefile.com	mybenefitskeeper492.sharefile.com
2	radar.cedexis.com	1 redirects mybenefitskeeper492.sharefile.com
1	rpt.cedexis.com	radar.cedexis.com
1	i2-vsidoxvdkamlpnvvwalwpeswsfbede.init.cedexis-radar.net	radar.cedexis.com
1	mybenefitskeeper492.sf-api.com	mybenefitskeeper492.sharefile.com
1	cdn.pendo.io	mybenefitskeeper492.sharefile.com
14	6

This site contains no links.

Subject Issuer	Validity	Valid
*.sharefile.com DigiCert SHA2 Secure Server CA	`2020-03-25` - `2021-03-30`	a year	crt.sh
radar.cedexis.com Go Daddy Secure Certificate Authority - G2	`2019-06-26` - `2021-08-25`	2 years	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
*.sf-api.com DigiCert SHA2 Secure Server CA	`2019-12-02` - `2020-12-09`	a year	crt.sh
*.init.cedexis-radar.net Go Daddy Secure Certificate Authority - G2	`2019-11-14` - `2022-01-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979
Frame ID: 8015F27B34FBD460C6A0E143277E0D01
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

14
Requests

93 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

704 kB
Transfer

2294 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://radar.cedexis.com/1/55156/radar.js HTTP 302
https://radar.cedexis.com/1571758301/radar.js

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request d-5c42f09d88fa4979 Show response
mybenefitskeeper492.sharefile.com/ 3 KB
2 KB 2625ms
2330ms Document
text/html 52.3.211.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Resource Hash

747840443e63f5b7aa9b49232af0cb9a8e1ab893e95881438bc05cf7876d6571

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-GhuMngXdMy7TrKaaZh6IBg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: mybenefitskeeper492.sharefile.com
:scheme: https
:path: /d-5c42f09d88fa4979
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: 0
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=weuae0orxxib3z4apashfnia; path=/; secure; HttpOnly SFWEB_SRVNAME=i-08ad3a697457120e9; path=/
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-GhuMngXdMy7TrKaaZh6IBg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
date: Thu, 28 May 2020 17:55:05 GMT
content-length: 1285
x-sf-server: web_ssl/i-08ad3a697457120e9_us-east-1c
strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 spinner.css
mybenefitskeeper492.sharefile.com/css/ 1 KB
789 B 396ms
395ms Stylesheet
text/css 52.3.211.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mybenefitskeeper492.sharefile.com/css/spinner.css

Requested by

Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Resource Hash

170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 17:55:05 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Thu, 21 May 2020 18:59:14 GMT
x-sf-server: web_ssl/i-08ad3a697457120e9_us-east-1c
etag: "06d6ceba12fd61:0"
vary: Accept-Encoding
content-type: text/css
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 425
x-content-type-options: nosniff

GET
H2 200 ShimSham Show response
mybenefitskeeper492.sharefile.com/javascript/bundles/ 87 KB
26 KB 397ms
396ms Script
text/javascript 52.3.211.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mybenefitskeeper492.sharefile.com/javascript/bundles/ShimSham?v=A96NAG7CJ3JIKU4cEP9Rkgucaw4rvlwOpSLYUE0jHM41

Requested by

Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Resource Hash

b0aba32165027cfad4142e7f93cd40d2e3bf50ea427792f9a81c792f383e9910

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 May 2020 17:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 May 2020 17:55:05 GMT
x-sf-server: web_ssl/i-08ad3a697457120e9_us-east-1c
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 26055
x-xss-protection: 1; mode=block
referrer-policy: same-origin
expires: Fri, 28 May 2021 17:55:05 GMT

GET
H2 200 index.125b6b7021c9f817ce45.js Show response
mybenefitskeeper492.sharefile.com/bundles/ 2 MB
526 KB 397ms
396ms Script
application/javascript 52.3.211.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mybenefitskeeper492.sharefile.com/bundles/index.125b6b7021c9f817ce45.js

Requested by

Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Resource Hash

ca3a1636cdf7bce3e5c2b3e50ca2df08876c3662ea135e6b7b69dd84f38695d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 17:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 537841
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 May 2020 19:02:08 GMT
x-sf-server: web_ssl/i-08ad3a697457120e9_us-east-1c
etag: "0b82253a22fd61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 spinner.svg
mybenefitskeeper492.sharefile.com/css/ 1 KB
1 KB 421ms
421ms Image
image/svg+xml 52.3.211.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mybenefitskeeper492.sharefile.com/css/spinner.svg

Requested by

Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/d-5c42f09d88fa4979

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Resource Hash

033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mybenefitskeeper492.sharefile.com/css/spinner.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 17:55:05 GMT
referrer-policy: same-origin
last-modified: Thu, 21 May 2020 18:59:14 GMT
x-sf-server: web_ssl/i-08ad3a697457120e9_us-east-1c
etag: "06d6ceba12fd61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: image/svg+xml
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1093
x-content-type-options: nosniff

GET
H2

200

radar.js Show response
radar.cedexis.com/1571758301/
Redirect Chain

https://radar.cedexis.com/1/55156/radar.js
https://radar.cedexis.com/1571758301/radar.js

44 KB
18 KB

62ms
62ms

Script
application/javascript

35.241.57.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1571758301/radar.js
Requested by: Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/share/view/5c42f09d88fa4979
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.57.45 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 45.57.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2d4bc9e5c7c94b708122d7e9a538acad6687b959875981d60dac16c4af93a337

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 17:55:06 GMT
content-encoding: gzip
last-modified: Tue, 22 Oct 2019 15:40:23 GMT
server: nginx
etag: W/"5daf22e7-aed4"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1209600, public
alt-svc: clear
via: 1.1 google
expires: Thu, 11 Jun 2020 17:55:06 GMT

Redirect headers

date: Thu, 28 May 2020 17:55:06 GMT
via: 1.1 google
server: nginx
status: 302
vary: User-Agent,DNT
content-type: text/html
location: /1571758301/radar.js
cache-control: max-age=600
alt-svc: clear
content-length: 154
expires: Thu, 28 May 2020 18:05:06 GMT

GET
H2 200 fe5fd39c94a75e628af8.js Show response
mybenefitskeeper492.sharefile.com/bundles/ 29 KB
10 KB 173ms
172ms Script
application/javascript 52.3.211.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mybenefitskeeper492.sharefile.com/bundles/fe5fd39c94a75e628af8.js

Requested by

Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/bundles/index.125b6b7021c9f817ce45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Resource Hash

13d7e4a6feb503ef216e24c10183909750fc0ad27038cac89502f285e359b4aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mybenefitskeeper492.sharefile.com/share/view/5c42f09d88fa4979
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 17:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 9672
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 May 2020 19:02:08 GMT
x-sf-server: web_ssl/i-08ad3a697457120e9_us-east-1c
etag: "0b82253a22fd61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 95078ddcfd06a6d9dd22.js Show response
mybenefitskeeper492.sharefile.com/bundles/ 2 KB
1 KB 173ms
172ms Script
application/javascript 52.3.211.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mybenefitskeeper492.sharefile.com/bundles/95078ddcfd06a6d9dd22.js

Requested by

Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/bundles/index.125b6b7021c9f817ce45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Resource Hash

d750d0564c8358b6013e61b29e70a73695ab479cc34056048b74e10aaacdbfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mybenefitskeeper492.sharefile.com/share/view/5c42f09d88fa4979
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 17:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 869
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 May 2020 19:02:10 GMT
x-sf-server: web_ssl/i-08ad3a697457120e9_us-east-1c
etag: "0e55354a22fd61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 53e4d2c7b432ea1cb202.js Show response
mybenefitskeeper492.sharefile.com/bundles/ 17 KB
7 KB 183ms
183ms Script
application/javascript 52.3.211.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mybenefitskeeper492.sharefile.com/bundles/53e4d2c7b432ea1cb202.js

Requested by

Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/bundles/index.125b6b7021c9f817ce45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-211-188.compute-1.amazonaws.com

Software

Resource Hash

923909fc7253b52a6130f8ced9af77f50f7466216ca3630f2e282cf49560dc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mybenefitskeeper492.sharefile.com/share/view/5c42f09d88fa4979
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 May 2020 17:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 6617
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 21 May 2020 19:02:10 GMT
x-sf-server: web_ssl/i-08ad3a697457120e9_us-east-1c
etag: "0e55354a22fd61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 340 KB
108 KB 255ms
62ms Script
application/javascript 13.224.95.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/share/view/5c42f09d88fa4979
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.95.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-26.zrh50.r.cloudfront.net
Software: UploadServer /
Resource Hash: dccb283cb247c875328103aa928977b4dfceed1c696a0469856cf8bf5c79669c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 17:52:54 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 134
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 21 May 2020 18:07:49 GMT
Server: UploadServer
ETag: "692dfef93eecb8e6ceab475513b82421"
Vary: Accept-Encoding
x-goog-hash: crc32c=GqRa6A==, md5=aS3++T7suObOq0dVE7gkIQ==
x-goog-generation: 1590084469015931
Via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 109461
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUko6HNoVBNWIRvM2gzL1Hn7EtzKjkhYnbfMTX09VGKs5paYhB3_V-WMiRbcuqexXSoF2eWbdUgdd2D0MI3aTg
X-Amz-Cf-Id: RlSqPi0oD028kLgqCmEKi9zpHP8VbhpsgIh7lwXheOkE9F9scIVchQ==
Expires: Thu, 28 May 2020 18:00:22 GMT

GET
H2 200 Branding Show response
mybenefitskeeper492.sf-api.com/sf/v3/Accounts/ 3 KB
2 KB 9160ms
8226ms XHR
application/json 100.24.163.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mybenefitskeeper492.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: mybenefitskeeper492.sharefile.com
URL: https://mybenefitskeeper492.sharefile.com/bundles/index.125b6b7021c9f817ce45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

100.24.163.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-163-216.compute-1.amazonaws.com

Software

Resource Hash

a76ebc08a661b026c3520cce069cf4548a79187459196b0250d7a2536d56e7e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

date: Thu, 28 May 2020 17:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
status: 200
x-sfapi-accountid: a055a5ff-496a-4efb-f50f-d67e53423c76
vary: Accept-Encoding
content-length: 1016
x-xss-protection: 1; mode=block
pragma: no-cache
x-sf-server: api_ssl_v3/i-0b972d7f408016a86_us-east-1c
x-frame-options: DENY
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-language: en
access-control-allow-origin: https://mybenefitskeeper492.sharefile.com
x-sfapi-requestid: 637262709134990276
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: -1

GET
H/1.1 200
Ok providers.json Show response
i2-vsidoxvdkamlpnvvwalwpeswsfbede.init.cedexis-radar.net/i2/1/55156/j1/20/119/1590688506/0/0/ 3 KB
1 KB 255ms
59ms XHR
application/json 104.225.98.131
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-vsidoxvdkamlpnvvwalwpeswsfbede.init.cedexis-radar.net/i2/1/55156/j1/20/119/1590688506/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1571758301/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.131 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 131.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: f8e1dd30b9b903de5dd6a26aa9c79fc748b1016cf63961281d69ca86ba4bf5a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 17:55:06 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET
H/1.1 200
Ok 1590688505685 Show response
rpt.cedexis.com/n1/0/1590688502652/0/0/0/0/1590688502652/1590688502653/1590688502671/1590688502671/1590688502946/1590688502701/1590688502946/1590688505277/1590688505278/1590688505280/1590688506265/... 16 B
283 B 54ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1590688502652/0/0/0/0/1590688502652/1590688502653/1590688502671/1590688502671/1590688502946/1590688502701/1590688502946/1590688505277/1590688505278/1590688505280/1590688506265/1590688506265/1590688506265/1590688506625/1590688506625/1590688506625/_CgJqMRAUGHciBggBEPSuAyiEz6WiDDD69b_2BTj69b_2BUDYjK8UShAIAxA1GOzCASAAKO6DgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMy5hbXMuaHYucHJvZIIBEQgDELsBGILEAyAAKM6PgKAEiAGlz7ukApABAJgBAA/0/1590688505685
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1571758301/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 17:55:06 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET Branding
mybenefitskeeper492.sf-api.com/sf/v3/Accounts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mybenefitskeeper492.sf-api.com
URL: https://mybenefitskeeper492.sf-api.com/sf/v3/Accounts/Branding

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mybenefitskeeper492.sharefile.com/	1969-12-31 23:59:59	Name: SFWEB_SRVNAME Value: i-08ad3a697457120e9
			mybenefitskeeper492.sharefile.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: weuae0orxxib3z4apashfnia

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-GhuMngXdMy7TrKaaZh6IBg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pendo.io
i2-vsidoxvdkamlpnvvwalwpeswsfbede.init.cedexis-radar.net
mybenefitskeeper492.sf-api.com
mybenefitskeeper492.sharefile.com
radar.cedexis.com
rpt.cedexis.com
mybenefitskeeper492.sf-api.com
100.24.163.216
104.225.98.131
13.224.95.26
2607:f740:e619::1
35.241.57.45
52.3.211.188
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
13d7e4a6feb503ef216e24c10183909750fc0ad27038cac89502f285e359b4aa
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
2d4bc9e5c7c94b708122d7e9a538acad6687b959875981d60dac16c4af93a337
747840443e63f5b7aa9b49232af0cb9a8e1ab893e95881438bc05cf7876d6571
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
923909fc7253b52a6130f8ced9af77f50f7466216ca3630f2e282cf49560dc0e
a76ebc08a661b026c3520cce069cf4548a79187459196b0250d7a2536d56e7e4
b0aba32165027cfad4142e7f93cd40d2e3bf50ea427792f9a81c792f383e9910
ca3a1636cdf7bce3e5c2b3e50ca2df08876c3662ea135e6b7b69dd84f38695d6
d750d0564c8358b6013e61b29e70a73695ab479cc34056048b74e10aaacdbfb5
dccb283cb247c875328103aa928977b4dfceed1c696a0469856cf8bf5c79669c
f8e1dd30b9b903de5dd6a26aa9c79fc748b1016cf63961281d69ca86ba4bf5a9

mybenefitskeeper492.sharefile.com Open in urlscan Pro 52.3.211.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

14 Requests

93 %HTTPS

17 %IPv6

5 Domains

6 Subdomains

7 IPs

3 Countries

704 kBTransfer

2294 kBSize

2 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

mybenefitskeeper492.sharefile.com Open in urlscan Pro
52.3.211.188 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

704 kB
Transfer

2294 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions