www.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9
Effective URL:
https://www.gallagherbassett.com/sso/App/Logon
Submission: On July 02 via api (July 2nd 2020, 2:12:33 am UTC) from US

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 54 HTTP transactions. The main IP is 45.60.123.80, located in United States and belongs to INCAPSULA, US. The main domain is www.gallagherbassett.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2020. Valid for: 2 years.

This is the only time www.gallagherbassett.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 17	52.22.72.157 52.22.72.157	14618 (AMAZON-AES) (AMAZON-AES)
1 2	45.54.49.5 45.54.49.5	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
2	13.224.102.24 13.224.102.24	16509 (AMAZON-02) (AMAZON-02)
5	100.24.163.216 100.24.163.216	14618 (AMAZON-AES) (AMAZON-AES)
1	104.225.98.130 104.225.98.130	36236 (NETACTUATE) (NETACTUATE)
1	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1	151.147.160.186 151.147.160.186	46342 (AJGCO) (AJGCO)
21	45.60.123.80 45.60.123.80	19551 (INCAPSULA) (INCAPSULA)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
54	10

17 52.22.72.157 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-72-157.compute-1.amazonaws.com

gbtpa.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.54.49.5 (West Hollywood, United States) 1 redirects

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 5.49.54.45.ptr.anycast.net

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.102.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-24.zrh50.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 100.24.163.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-163-216.compute-1.amazonaws.com

gbtpa.sf-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.98.130 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 130.98.225.104.ptr.anycast.net

i2-lwmqcytpkqkwkkyptibbtkoexrqdsm.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.147.160.186 (Schaumburg, United States)

ASN46342 (AJGCO, US)

sso.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 45.60.123.80 (United States)

ASN19551 (INCAPSULA, US)

www.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	gallagherbassett.com sso.gallagherbassett.com www.gallagherbassett.com	1 MB
17	sharefile.com 2 redirects gbtpa.sharefile.com	824 KB
5	google-analytics.com www.google-analytics.com	37 KB
5	sf-api.com gbtpa.sf-api.com	7 KB
3	cedexis.com 1 redirects radar.cedexis.com rpt.cedexis.com	19 KB
2	pendo.io cdn.pendo.io	219 KB
1	cedexis-radar.net i2-lwmqcytpkqkwkkyptibbtkoexrqdsm.init.cedexis-radar.net	1 KB
54	7

	Domain	Requested by
21	www.gallagherbassett.com	sso.gallagherbassett.com www.gallagherbassett.com
17	gbtpa.sharefile.com	2 redirects gbtpa.sharefile.com
5	www.google-analytics.com	www.gallagherbassett.com
5	gbtpa.sf-api.com	gbtpa.sharefile.com
2	cdn.pendo.io	gbtpa.sharefile.com
2	radar.cedexis.com	1 redirects gbtpa.sharefile.com
1	sso.gallagherbassett.com	gbtpa.sharefile.com
1	rpt.cedexis.com	radar.cedexis.com
1	i2-lwmqcytpkqkwkkyptibbtkoexrqdsm.init.cedexis-radar.net	radar.cedexis.com
54	9

This site contains no links.

Subject Issuer	Validity	Valid
*.sharefile.com DigiCert SHA2 Secure Server CA	`2020-03-25` - `2021-03-30`	a year	crt.sh
radar.cedexis.com Go Daddy Secure Certificate Authority - G2	`2019-06-26` - `2021-08-25`	2 years	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
*.sf-api.com DigiCert SHA2 Secure Server CA	`2019-12-02` - `2020-12-09`	a year	crt.sh
*.init.cedexis-radar.net Go Daddy Secure Certificate Authority - G2	`2019-11-14` - `2022-01-13`	2 years	crt.sh
sso.gallagherbassett.com DigiCert SHA2 Secure Server CA	`2020-05-05` - `2021-05-31`	a year	crt.sh
www.gallagherbassett.com DigiCert SHA2 Secure Server CA	`2020-02-24` - `2022-03-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gallagherbassett.com/sso/App/Logon
Frame ID: 1DCDDBD921FA4E3A503E4B0EBA730301
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9 Page URL
https://gbtpa.sharefile.com/login?cmd=route&id=%252Fhome%252Ffindroute%252Ffoa2cceb-3a18-423f-b4c6-575cf... HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=i... HTTP 302
https://gbtpa.sharefile.com/Authentication/Login Page URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=w... Page URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
https://www.gallagherbassett.com/sso/App/Logon Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

54
Requests

96 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

2156 kB
Transfer

6351 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9 Page URL
https://gbtpa.sharefile.com/login?cmd=route&id=%252Fhome%252Ffindroute%252Ffoa2cceb-3a18-423f-b4c6-575cf2086ff9 HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=iRhu6Vg1LaBaZcS1zaQFmA--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
https://gbtpa.sharefile.com/Authentication/Login Page URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=wuFZS_eMeqcgK992A8rcIg--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com Page URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
https://www.gallagherbassett.com/sso/App/Logon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://radar.cedexis.com/1/55156/radar.js HTTP 302
https://radar.cedexis.com/1593429750/radar.js

Request Chain 14

https://gbtpa.sharefile.com/login?cmd=route&id=%252Fhome%252Ffindroute%252Ffoa2cceb-3a18-423f-b4c6-575cf2086ff9 HTTP 302
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=iRhu6Vg1LaBaZcS1zaQFmA--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
https://gbtpa.sharefile.com/Authentication/Login

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 foa2cceb-3a18-423f-b4c6-575cf2086ff9 Show response
gbtpa.sharefile.com/f/ 2 KB
2 KB 470ms
166ms Document
text/html 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

1a36391102d948fdbab194dcb9a0f4e8d443e82f9a6a494ff102472adae5d64a

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-rW+7waxsz/DtgV655t1DuA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gbtpa.sharefile.com
:scheme: https
:path: /f/foa2cceb-3a18-423f-b4c6-575cf2086ff9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: 0
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=lavzbbb2wyuewujf34tbvpen; path=/; secure; HttpOnly SFWEB_SRVNAME=i-073ceabddc2227c24; path=/
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-rW+7waxsz/DtgV655t1DuA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
date: Thu, 02 Jul 2020 02:12:04 GMT
content-length: 1249
x-sf-server: web_ssl/i-073ceabddc2227c24_us-east-1b
strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 spinner.css
gbtpa.sharefile.com/css/ 1 KB
789 B 150ms
149ms Stylesheet
text/css 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/css/spinner.css

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:04 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 24 Jun 2020 15:55:06 GMT
x-sf-server: web_ssl/i-073ceabddc2227c24_us-east-1b
etag: "0e958d43f4ad61:0"
vary: Accept-Encoding
content-type: text/css
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 425
x-content-type-options: nosniff

GET
H2 200 ShimSham Show response
gbtpa.sharefile.com/javascript/bundles/ 86 KB
26 KB 507ms
506ms Script
text/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jul 2020 02:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Jul 2020 02:12:05 GMT
x-sf-server: web_ssl/i-073ceabddc2227c24_us-east-1b
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 25784
x-xss-protection: 1; mode=block
referrer-policy: same-origin
expires: Fri, 02 Jul 2021 02:12:05 GMT

GET
H2 200 index.2971619b014af8597ae9.js Show response
gbtpa.sharefile.com/bundles/ 2 MB
527 KB 264ms
264ms Script
application/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/bundles/index.2971619b014af8597ae9.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

451776b8e5768df39b98b2c0cc292633f9104c6bca4e333ed259f195b51d2e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 539199
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jun 2020 15:58:04 GMT
x-sf-server: web_ssl/i-073ceabddc2227c24_us-east-1b
etag: "08e713e404ad61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 spinner.svg
gbtpa.sharefile.com/css/ 1 KB
1 KB 568ms
568ms Image
image/svg+xml 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbtpa.sharefile.com/css/spinner.svg

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/f/foa2cceb-3a18-423f-b4c6-575cf2086ff9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/css/spinner.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:04 GMT
referrer-policy: same-origin
last-modified: Wed, 24 Jun 2020 15:55:06 GMT
x-sf-server: web_ssl/i-073ceabddc2227c24_us-east-1b
etag: "0e958d43f4ad61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: image/svg+xml
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1093
x-content-type-options: nosniff

GET
H/1.1

200
OK

radar.js Show response
radar.cedexis.com/1593429750/
Redirect Chain

https://radar.cedexis.com/1/55156/radar.js
https://radar.cedexis.com/1593429750/radar.js

44 KB
19 KB

79ms
78ms

Script
application/javascript

45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1593429750/radar.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/home/findroute/foa2cceb-3a18-423f-b4c6-575cf2086ff9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.5 West Hollywood, United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: 79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 02 Jul 2020 02:12:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jun 2020 11:30:35 GMT
Server: nginx
ETag: W/"5ef9d0db-af5c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 16 Jul 2020 02:12:06 GMT

Redirect headers

Date: Thu, 02 Jul 2020 02:12:06 GMT
Server: nginx
Vary: User-Agent,DNT
Content-Type: text/html
Location: /1593429750/radar.js
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 154
Expires: Thu, 02 Jul 2020 02:22:06 GMT

GET
H2 200 21c6ba61ed050a240d7e.js Show response
gbtpa.sharefile.com/bundles/ 17 KB
7 KB 149ms
148ms Script
application/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/bundles/21c6ba61ed050a240d7e.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

27b6311698517437efedbc2c49d400fc0baadebf7ad574263cc330629cdc9f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/home/findroute/foa2cceb-3a18-423f-b4c6-575cf2086ff9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 6548
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jun 2020 15:58:04 GMT
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
etag: "08e713e404ad61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600, private
accept-ranges: bytes

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 343 KB
109 KB 221ms
80ms Script
application/javascript 13.224.102.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/home/findroute/foa2cceb-3a18-423f-b4c6-575cf2086ff9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.102.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-24.zrh50.r.cloudfront.net
Software: UploadServer /
Resource Hash: e0c3f76057f94ee2ab337584fda75f57ba58a27dd1c454641158c446bff6d52e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 02 Jul 2020 02:12:06 GMT
Content-Encoding: gzip
Content-Type: application/javascript
X-Amz-Cf-Pop: ZRH50-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 25 Jun 2020 19:07:59 GMT
Server: UploadServer
ETag: "574ddbe66aee1d9200c4f2eba3ea6519"
Vary: Accept-Encoding
x-goog-hash: crc32c=v+u/XQ==, md5=V03b5mruHZIAxPLro+plGQ==
x-goog-generation: 1593112079270742
Via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 110778
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUljxFGS7R0nUuJyEkiuC1nvqtxh24d-pv5YKNsAsawXkG2F7beRrpLeZGu5qSYBJ7Ow7WXr7oT1O_UtwzzPKlA
X-Amz-Cf-Id: BbM56Q99UHMRG9DHvAXbYstUJFBOrhyFkDw9br3qIv3DaSpZHUTSyw==
Expires: Thu, 02 Jul 2020 02:17:30 GMT

GET
H2 200 Branding Show response
gbtpa.sf-api.com/sf/v3/Accounts/ 4 KB
2 KB 910ms
626ms XHR
application/json 100.24.163.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

100.24.163.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-163-216.compute-1.amazonaws.com

Software

Resource Hash

32527d5847451790dc85210ccf81593e618fbaa7d0cecf84577696df12a4e4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

date: Thu, 02 Jul 2020 02:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
status: 200
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
vary: Accept-Encoding
content-length: 1755
x-xss-protection: 1; mode=block
pragma: no-cache
x-sf-server: api_ssl_v3/i-0e0f27c27af76c5a8_us-east-1b
x-frame-options: DENY
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637292383271870952
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: -1

GET
H/1.1 200
Ok providers.json Show response
i2-lwmqcytpkqkwkkyptibbtkoexrqdsm.init.cedexis-radar.net/i2/1/55156/j1/20/122/1593655926/0/0/ 3 KB
1 KB 214ms
56ms XHR
application/json 104.225.98.130
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-lwmqcytpkqkwkkyptibbtkoexrqdsm.init.cedexis-radar.net/i2/1/55156/j1/20/122/1593655926/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1593429750/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.130 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 130.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 6ede8695adbf5d3422f57a2aaa899687d0f2e7486f910023f9cd399e0363c0e6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 02 Jul 2020 02:12:06 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET
H/1.1 200
Ok 1593655925374 Show response
rpt.cedexis.com/n1/0/1593655924743/0/0/0/0/1593655924743/1593655924744/1593655924756/1593655924756/1593655925047/1593655924787/1593655925047/1593655925214/1593655925214/1593655925216/1593655926117/... 16 B
283 B 50ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1593655924743/0/0/0/0/1593655924743/1593655924744/1593655924756/1593655924756/1593655925047/1593655924787/1593655925047/1593655925214/1593655925214/1593655925216/1593655926117/1593655926117/1593655926117/1593655926462/1593655926462/1593655926462/_CgJqMRAUGHoiBggBEPSuAyjf0_SXATD2hPX3BTj2hPX3BUDYjK8kShAIAxA1GOzCASAAKO6DgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMi5hbXMuaHYucHJvZIIBEAgDEKsBGLFGIAAo-I2AoASIAcLHpZsGkAEAmAEA/0/1593655925374
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1593429750/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 02 Jul 2020 02:12:06 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 401 Users
gbtpa.sf-api.com/sf/v3/ 118 B
690 B 158ms
157ms XHR
application/json 100.24.163.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Users?%24expand=Preferences%2CIntegrations%2CHomeFolder%2CDefaultZone

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

100.24.163.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-163-216.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

date: Thu, 02 Jul 2020 02:12:07 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
status: 401
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
x-sf-server: api_ssl_v3/i-0e0f27c27af76c5a8_us-east-1b
x-frame-options: DENY
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637292383279892305
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2 401 Accounts
gbtpa.sf-api.com/sf/v3/ 118 B
690 B 240ms
240ms XHR
application/json 100.24.163.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts?%24expand=Preferences%2CPreferences%2FAccountMessageCode%2CPreferences%2FDefaultZone%2CPreferences%2FIntegrationProviders%2CPreferences%2FTwoFactorSettings%2CAccountFeatures%2CUserUsage%2CDiskSpace%2CServices%2CSignupParams

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

100.24.163.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-163-216.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

date: Thu, 02 Jul 2020 02:12:07 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
status: 401
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
x-sf-server: api_ssl_v3/i-0e0f27c27af76c5a8_us-east-1b
x-frame-options: DENY
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637292383280731079
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2 401 WorkspaceConfig
gbtpa.sf-api.com/sf/v3/Accounts/ 118 B
690 B 247ms
247ms XHR
application/json 100.24.163.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/WorkspaceConfig

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

100.24.163.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-163-216.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

date: Thu, 02 Jul 2020 02:12:07 GMT
www-authenticate: Bearer
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
status: 401
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
x-sf-server: api_ssl_v3/i-0e0f27c27af76c5a8_us-east-1b
x-frame-options: DENY
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637292383280912041
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
x-content-type-options: nosniff
expires: -1

GET
H2

200

https://gbtpa.sharefile.com/login?cmd=route&id=%252Fhome%252Ffindroute%252Ffoa2cceb-3a18-423f-b4c6-575cf2086ff9
https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=iRhu6Vg1LaBaZcS1zaQFmA--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&...
https://gbtpa.sharefile.com/Authentication/Login

7 KB
4 KB

2238ms
2238ms

Document
text/html

52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/Authentication/Login

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

fcadee56afd3bc1e598730da4a70d6339d1c75d1a9675b791cbfae51819b714a

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-DmR7/q3odjDDk3aIAHCPrg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gbtpa.sharefile.com
:scheme: https
:path: /Authentication/Login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://gbtpa.sharefile.com/home/findroute/foa2cceb-3a18-423f-b4c6-575cf2086ff9
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SFWEB_SRVNAME=i-01db2e9b29db8816a; ASP.NET_SessionId=kdgetc1inm4vfdsatclxvg1r; SF_Subdomain=gbtpa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gbtpa.sharefile.com/home/findroute/foa2cceb-3a18-423f-b4c6-575cf2086ff9

Response headers

status: 200
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: 0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-DmR7/q3odjDDk3aIAHCPrg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
date: Thu, 02 Jul 2020 02:12:10 GMT
content-length: 2937
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
strict-transport-security: max-age=16000000; includeSubDomains; preload;

Redirect headers

status: 302
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
expires: 0
location: /Authentication/Login
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
date: Thu, 02 Jul 2020 02:12:08 GMT
content-length: 138
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 Branding
gbtpa.sf-api.com/sf/v3/Accounts/ 4 KB
2 KB 285ms
284ms XHR
application/json 100.24.163.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

100.24.163.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-163-216.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: en
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

date: Thu, 02 Jul 2020 02:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
x-sfapi-appcode: _None
status: 200
x-sfapi-accountid: ab07c419-1355-4210-b1e8-4d380d8c3695
vary: Accept-Encoding
content-length: 1755
x-xss-protection: 1; mode=block
pragma: no-cache
x-sf-server: api_ssl_v3/i-0e0f27c27af76c5a8_us-east-1b
x-frame-options: DENY
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-language: en
access-control-allow-origin: https://gbtpa.sharefile.com
x-sfapi-requestid: 637292383285660862
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: -1

GET
H2 200 custom.css
gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/ 27 KB
6 KB 152ms
151ms Stylesheet
text/css 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=uWcZk3rz021FI1Qe0WxxRCTCK-RreYlAOmlCKdTPlhI1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

2d1fc60b7fcdd4edaf56237039d8ee9d4371542be87cfe39fa60da0dff70e4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:10 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 24 Jun 2020 15:56:26 GMT
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
etag: "0f174404ad61:0"
vary: Accept-Encoding
content-type: text/css
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 5314
x-content-type-options: nosniff

GET
H2 200 errorhandler.js Show response
gbtpa.sharefile.com/_Auth/ 548 B
727 B 151ms
150ms Script
application/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/_Auth/errorhandler.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:10 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 24 Jun 2020 15:56:16 GMT
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
etag: "01012fe3f4ad61:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 349
x-content-type-options: nosniff

GET
H2 200 webpop Show response
gbtpa.sharefile.com/cache/sha/javascript/bundles/ 91 KB
29 KB 156ms
156ms Script
text/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jul 2020 02:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Jul 2020 02:12:11 GMT
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 29743
x-xss-protection: 1; mode=block
referrer-policy: same-origin
expires: Fri, 02 Jul 2021 02:12:11 GMT

GET
H2 200 webpoprequireconfig Show response
gbtpa.sharefile.com/cache/sha/bundles/ 1 KB
888 B 152ms
151ms Script
text/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=8ArI5YbrtFWI47nTzUz3GCM1NXVshFeSFyPYpnwerjI1

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

02173cef255728358468214fb718745c90f46ec86c383c28ee5f96570ac6b959

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: User-Agent,Accept-Encoding
content-length: 476
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 02 Jul 2020 02:12:11 GMT
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
expires: Fri, 02 Jul 2021 02:12:11 GMT

GET
H2 200 1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
gbtpa.sharefile.com/styles/images/ 8 KB
9 KB 151ms
151ms Image
image/png 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gbtpa.sharefile.com/styles/images/1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:10 GMT
referrer-policy: same-origin
last-modified: Mon, 06 Mar 2017 19:21:48 GMT
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
etag: "143bc5e6ae96d21:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: image/png
status: 200
x-xss-protection: 1; mode=block
accept-ranges: bytes
content-length: 8438
x-content-type-options: nosniff
expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 343 KB
109 KB 72ms
72ms Script
application/javascript 13.224.102.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.102.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-24.zrh50.r.cloudfront.net
Software: UploadServer /
Resource Hash: e0c3f76057f94ee2ab337584fda75f57ba58a27dd1c454641158c446bff6d52e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 02 Jul 2020 02:12:11 GMT
Content-Encoding: gzip
Content-Type: application/javascript
X-Amz-Cf-Pop: ZRH50-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Thu, 25 Jun 2020 19:07:59 GMT
Server: UploadServer
ETag: "574ddbe66aee1d9200c4f2eba3ea6519"
Vary: Accept-Encoding
x-goog-hash: crc32c=v+u/XQ==, md5=V03b5mruHZIAxPLro+plGQ==
x-goog-generation: 1593112079270742
Via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 110778
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUnTazq84v8T3n0QYnUraDz33zQ5XGYsK6YsOgkHUnuQtjlwwqEOTLvdlCGfSMfTyvhRscYxrY41d26Jp06Tkg
X-Amz-Cf-Id: vOs3kU4fg782sJTUZXEs6IgMnqf0ZziZ26xnxgqrHHFCgFtuz0MmwA==
Expires: Thu, 02 Jul 2020 02:17:30 GMT

GET
H2 200 webpop.js Show response
gbtpa.sharefile.com/cache/88c1025c0e/bundles/ 730 KB
197 KB 151ms
151ms Script
application/javascript 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/88c1025c0e/bundles/webpop.js

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=1pS-OJBLTO2YPGuRqEjxdbfUWEAjM2thARCa-F_IHNU1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

4d6614eb0ce4d87b1999f5cc3e7817efe0330e1823cb4cf47d505695dc3c19a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbtpa.sharefile.com/Authentication/Login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 201057
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jun 2020 15:56:26 GMT
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
etag: "0f174404ad61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 login Show response
gbtpa.sharefile.com/saml/ 5 KB
4 KB 236ms
235ms Document
text/html 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=wuFZS_eMeqcgK992A8rcIg--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/88c1025c0e/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

3adf96bf8199ce2a054386c6c4b528578a1d64cdbc0e723dfeb784a93bcf6570

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-bANl+xBdWmzBqC/apX4fLw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gbtpa.sharefile.com
:scheme: https
:path: /saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=wuFZS_eMeqcgK992A8rcIg--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://gbtpa.sharefile.com/Authentication/Login
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SFWEB_SRVNAME=i-01db2e9b29db8816a; ASP.NET_SessionId=kdgetc1inm4vfdsatclxvg1r; SF_Subdomain=gbtpa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gbtpa.sharefile.com/Authentication/Login

Response headers

status: 200
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: 0
vary: Accept-Encoding
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-bANl+xBdWmzBqC/apX4fLw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
date: Thu, 02 Jul 2020 02:12:10 GMT
content-length: 3164
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 en.json
gbtpa.sharefile.com/cache/92459c320a3b84d9e0d35f8028a287e397189133/_Auth/locales/ 25 KB
8 KB 149ms
149ms XHR
application/json 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gbtpa.sharefile.com/cache/92459c320a3b84d9e0d35f8028a287e397189133/_Auth/locales/en.json

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/88c1025c0e/bundles/webpop.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gbtpa.sharefile.com/Authentication/Login
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:10 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Wed, 24 Jun 2020 15:56:26 GMT
x-sf-server: web_ssl/i-01db2e9b29db8816a_us-east-1b
etag: "0f174404ad61:0"
vary: Accept-Encoding
content-type: application/json
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 8269
x-content-type-options: nosniff

POST
H/1.1 200
OK Cookie set startSSO.ping
sso.gallagherbassett.com/idp/ 6 KB
6 KB 1129ms
293ms Document
text/html 151.147.160.186
AJGCO

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com

Requested by

Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=wuFZS_eMeqcgK992A8rcIg--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

151.147.160.186 Schaumburg, United States, ASN46342 (AJGCO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;

Request headers

Host: sso.gallagherbassett.com
Connection: keep-alive
Content-Length: 4270
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 02 Jul 2020 02:12:12 GMT
Referrer-Policy: origin
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: PF=v767oEmpjOX2gQiCIAGpRm;Path=/;Secure;HttpOnly;SameSite=None
Content-Length: 5670

POST
H2 200 Sharefile Show response
www.gallagherbassett.com/sso/app/startsso/ 5 KB
2 KB 889ms
701ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Requested by

Host: sso.gallagherbassett.com
URL: https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1d7694f19dd172b3855fc5a15f9f4a421427fcd0a83a6d1f377942127252dc1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: POST
:authority: www.gallagherbassett.com
:scheme: https
:path: /sso/app/startsso/Sharefile
content-length: 4526
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://sso.gallagherbassett.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://sso.gallagherbassett.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://sso.gallagherbassett.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sso.gallagherbassett.com/

Response headers

status: 200
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: mKey=cbd0673f-317b-4a03-afee-3765746f61a9; expires=Mon, 02-Jul-2040 02:12:13 GMT; path=/; HttpOnly visid_incap_1944542=epoJcBtMSA+SQ9dxeVvqq3xC/V4AAAAAQUIPAAAAAAAf37EK8aj46TN7fArQA1UZ; expires=Thu, 01 Jul 2021 11:42:26 GMT; HttpOnly; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None incap_ses_687_1944542=9UwcFuCPPS3u3LzV57aICXxC/V4AAAAATYkYrbtS5rc+F6c2wudwLA==; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None
date: Thu, 02 Jul 2020 02:12:13 GMT
strict-transport-security: max-age=31536000
x-cdn: Incapsula
x-iinfo: 1-4022787-4022788 NNNN CT(127 258 0) RT(1593655932334 0) q(0 0 4 0) r(6 6) U6

GET
H2 200 gbStyles2048
www.gallagherbassett.com/sso/lib/ 260 KB
47 KB 175ms
173ms Stylesheet
text/css 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/lib/gbStyles2048

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f96553827739ebabf96b58c9a0b89a47801f19adbf102a26a3d1d2858271ae11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:13 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 02:12:13 GMT
x-cdn: Incapsula
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
x-iinfo: 1-4022789-4022788 PNNN RT(1593655933049 0) q(0 0 0 -1) r(1 1) U18
cache-control: public
strict-transport-security: max-age=31536000
content-length: 47866
expires: Fri, 02 Jul 2021 02:12:13 GMT

GET
H2 200 preload2048 Show response
www.gallagherbassett.com/sso/bundles/lib/ 296 KB
101 KB 449ms
447ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/preload2048

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d1ffb37fbb9f91f52dce0e749d85f9361adba3ccb844a383027f86e3b0d6527b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:13 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 02:12:14 GMT
x-cdn: Incapsula
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 1-4022790-4022791 NNNN CT(128 129 0) RT(1593655933052 0) q(0 0 3 -1) r(4 4) U18
cache-control: public
strict-transport-security: max-age=31536000
expires: Fri, 02 Jul 2021 02:12:14 GMT

GET
H2 200 startssojs2048 Show response
www.gallagherbassett.com/sso/bundles/ 70 KB
21 KB 444ms
442ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/startssojs2048

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2e5f54080aae1173182915ffa5b8d3b84267605608bac4479f4a5ccfe7ab7d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:13 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 02:12:14 GMT
x-cdn: Incapsula
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 1-4022792-4022793 NNNN CT(127 129 0) RT(1593655933052 0) q(0 0 3 -1) r(4 4) U18
cache-control: public
strict-transport-security: max-age=31536000
content-length: 21083
expires: Fri, 02 Jul 2021 02:12:14 GMT

GET GBLogo400px.png
www.gallagherbassett.com/sso/images/ 0
0

GET spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/ 0
0

GET
H2 200 postload2048
www.gallagherbassett.com/sso/bundles/lib/ 390 KB
114 KB 176ms
176ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/postload2048

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:14 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 02:12:14 GMT
x-cdn: Incapsula
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 1-4022795-4022793 PNNN RT(1593655933785 0) q(0 0 0 -1) r(2 2) U18
cache-control: public
strict-transport-security: max-age=31536000
expires: Fri, 02 Jul 2021 02:12:14 GMT

GET
H2 200 _Incapsula_Resource
www.gallagherbassett.com/ 119 KB
17 KB 39ms
38ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1465536666

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
strict-transport-security: max-age=31536000
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 17313
content-type: application/javascript

POST
H2 200 Primary Request Logon Show response
www.gallagherbassett.com/sso/App/ 12 KB
4 KB 211ms
210ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/App/Logon

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8becb6ebdda38b35f6299099ba6cc0babe7bad374b3800a2cb4cf21ac5814979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: POST
:authority: www.gallagherbassett.com
:scheme: https
:path: /sso/App/Logon
content-length: 82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.gallagherbassett.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: mKey=cbd0673f-317b-4a03-afee-3765746f61a9; visid_incap_1944542=epoJcBtMSA+SQ9dxeVvqq3xC/V4AAAAAQUIPAAAAAAAf37EK8aj46TN7fArQA1UZ; incap_ses_687_1944542=9UwcFuCPPS3u3LzV57aICXxC/V4AAAAATYkYrbtS5rc+F6c2wudwLA==
Upgrade-Insecure-Requests: 1
Origin: https://www.gallagherbassett.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Response headers

status: 200
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 02 Jul 2020 02:12:15 GMT
strict-transport-security: max-age=31536000
x-cdn: Incapsula
x-iinfo: 1-4022799-4022791 PNNN RT(1593655934306 0) q(0 0 0 -1) r(1 1) U6

GET
H2 200 analytics.js
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3398
date: Thu, 02 Jul 2020 01:15:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 02 Jul 2020 03:15:37 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1901694528&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2Fapp%2Fstartsso%2FSharefile&dr=https%3A%2F%2Fsso.gallagherbassett.com%2F&dp=%2Fapp%2Fstartsso%2FSharefile&ul=en-us&de=UTF-8&dt=startsso%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=1335456398&gjid=516462912&cid=574460216.1593655935&tid=UA-44339965-5&_gid=1934847578.1593655935&_r=1&z=270253418

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jul 2020 02:12:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gbStyles2048
www.gallagherbassett.com/sso/lib/ 260 KB
47 KB 34ms
33ms Stylesheet
text/css 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/lib/gbStyles2048

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f96553827739ebabf96b58c9a0b89a47801f19adbf102a26a3d1d2858271ae11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:14 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 02:12:13 GMT
x-cdn: Incapsula
etag: "6fb6828e"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
status: 200
x-iinfo: 1-4022800-0 0CNN RT(1593655934517 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31535999, public
content-length: 47866
expires: Fri, 02 Jul 2021 02:12:13 GMT

GET
H2 200 preload2048 Show response
www.gallagherbassett.com/sso/bundles/lib/ 296 KB
101 KB 48ms
47ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/preload2048

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d1ffb37fbb9f91f52dce0e749d85f9361adba3ccb844a383027f86e3b0d6527b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:14 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 02:12:14 GMT
x-cdn: Incapsula
etag: "7a9f1370"
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 1-4022801-0 0CNN RT(1593655934518 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 103052
expires: Fri, 02 Jul 2021 02:12:14 GMT

GET
H2 200 logonjs2048 Show response
www.gallagherbassett.com/sso/bundles/ 74 KB
22 KB 169ms
169ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/logonjs2048

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

81cffeb91b77e2c6933384d44636fe59aa9da33f47918004ed173436c4a7f02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:14 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 02:12:15 GMT
x-cdn: Incapsula
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 1-4022802-4022791 PNNN RT(1593655934519 0) q(0 0 0 -1) r(1 1) U18
cache-control: public
strict-transport-security: max-age=31536000
content-length: 22000
expires: Fri, 02 Jul 2021 02:12:15 GMT

GET
H2 200 GBLogo400px.png
www.gallagherbassett.com/sso/images/ 15 KB
15 KB 556ms
555ms Image
image/png 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/sso/images/GBLogo400px.png

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 /

Resource Hash

71806028fa500df60ecccbc3ab9a794f748dca5f7d8ef960afcee030b8c27d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:15 GMT
last-modified: Tue, 12 May 2020 15:37:10 GMT
server: Microsoft-IIS/8.0
etag: "0173d337328d61:0"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
x-iinfo: 1-4022804-4022805 2NNN RT(1593655934645 0) q(0 0 0 -1) r(0 5) U18
accept-ranges: bytes
content-length: 15469
x-cdn: Incapsula

GET
H2 200 spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/ 3 KB
3 KB 558ms
558ms Image
image/gif 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 /

Resource Hash

c48c53c7c8a30b331c618dac2828af05d6771713141a624a7d6b6958dc88f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:15 GMT
last-modified: Tue, 12 May 2020 15:37:16 GMT
server: Microsoft-IIS/8.0
etag: "09ed0367328d61:0"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
x-iinfo: 1-4022806-4022807 2NNN RT(1593655934690 0) q(0 0 0 -1) r(0 6) U18
accept-ranges: bytes
content-length: 2704
x-cdn: Incapsula

GET
H2 200 Do_not_show_again.png
www.gallagherbassett.com/sso/images/ 2 KB
3 KB 551ms
550ms Image
image/png 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/sso/images/Do_not_show_again.png

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 /

Resource Hash

cb54ea14bc6be2f4ad52a2b6b27c35b71ae95b78e9eef0465d2f8d8d5c0caba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:15 GMT
last-modified: Tue, 12 May 2020 15:37:10 GMT
server: Microsoft-IIS/8.0
etag: "0173d337328d61:0"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
x-iinfo: 1-4022808-4019483 2NNN RT(1593655934701 0) q(0 0 0 -1) r(5 5) U18
accept-ranges: bytes
content-length: 2558
x-cdn: Incapsula

GET
H2 200 postload2048 Show response
www.gallagherbassett.com/sso/bundles/lib/ 390 KB
113 KB 33ms
33ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/bundles/lib/postload2048

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

169bf67dc0fb6aeb760bb00b820f337d9878e898d58129358c623d97ce854b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:14 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 02:12:14 GMT
x-cdn: Incapsula
etag: "c80fd7a2"
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 1-4022803-0 0CNN RT(1593655934598 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 115841
expires: Fri, 02 Jul 2021 02:12:14 GMT

GET
H2 200 _Incapsula_Resource Show response
www.gallagherbassett.com/ 117 KB
17 KB 40ms
39ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=9&cb=129411837

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a2fe2f3c00f4e82f1b2a60bd425af1dd8a1a2d665c0c54539c6f81ec97578656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
strict-transport-security: max-age=31536000
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 17149
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3398
date: Thu, 02 Jul 2020 01:15:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 02 Jul 2020 03:15:37 GMT

GET
H2 200 cmPrivacyPolicyVw.html Show response
www.gallagherbassett.com/sso/SPA/Common/privacyPolicy/ 1 KB
611 B 164ms
164ms XHR
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/SPA/Common/privacyPolicy/cmPrivacyPolicyVw.html

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 /

Resource Hash

424728a2b3db2af33132b75621d6d1efa840a8a8c7768fff49b2b2eb4d15ffa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:15 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 15:37:16 GMT
server: Microsoft-IIS/8.0
etag: "09ed0367328d61:0"
vary: Accept-Encoding
content-type: text/html
status: 200
x-iinfo: 1-4022810-4022791 PNNN RT(1593655934789 0) q(0 0 0 -1) r(2 2) U12
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cdn: Incapsula

GET
H2 200 BackgroundImage1.jpg
www.gallagherbassett.com/sso/images/ 386 KB
388 KB 552ms
552ms Image
image/jpeg 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/sso/images/BackgroundImage1.jpg

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 /

Resource Hash

55db66f14cd8f179b4241e7174eb319dfd5ff86e13c9558ffe066b85daf99150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 02 Jul 2020 02:12:15 GMT
last-modified: Tue, 12 May 2020 15:37:10 GMT
server: Microsoft-IIS/8.0
etag: "0173d337328d61:0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
status: 200
x-iinfo: 1-4022811-4022812 2NNN RT(1593655934793 0) q(0 0 0 -1) r(0 6) U18
accept-ranges: bytes
content-length: 394886
x-cdn: Incapsula

GET
H2 200 glyphicons-halflings-regular.woff
www.gallagherbassett.com/sso/lib/bootstrap/fonts/ 23 KB
23 KB 558ms
558ms Font
font/x-woff 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/sso/lib/bootstrap/fonts/glyphicons-halflings-regular.woff

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 /

Resource Hash

a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.gallagherbassett.com/sso/lib/gbStyles2048
Origin: https://www.gallagherbassett.com

Response headers

date: Thu, 02 Jul 2020 02:12:15 GMT
last-modified: Tue, 12 May 2020 15:37:12 GMT
server: Microsoft-IIS/8.0
etag: "0446e347328d61:0"
strict-transport-security: max-age=31536000
content-type: font/x-woff
status: 200
x-iinfo: 1-4022813-4022814 2NNN RT(1593655934801 0) q(0 0 0 -1) r(0 5) U12
accept-ranges: bytes
content-length: 23424
x-cdn: Incapsula

POST
H2 200 GetMessages Show response
www.gallagherbassett.com/ssoapi/API/APP/ 22 KB
6 KB 247ms
246ms XHR
application/json 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/ssoapi/API/APP/GetMessages

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

08eb17a629eba4d3db8c9d6fef6534e393f7d9fba1b9da8bed22e524e11e2285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
RequestVerificationToken: Rkmq9oJRR-Ze37mvU6o_H-w1L--1K5BByzxNyWzG074j26hsTIMXfBZC_dEC8I1FuAWFmhjhRAWHEsfWmRehTIejQNo1:eSSa3JedF7iEJszNSZdrtNaA2UuCw5V8zKGf97CGItUIkyNJEDZa8XKjDa0XHzi4gIKgaQeLLAIgZ0Hb6IzGhy3jo9Y1
Referer: https://www.gallagherbassett.com/sso/App/Logon
TabKey: .undefined
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Jul 2020 02:12:15 GMT
content-encoding: gzip
x-cdn: Incapsula
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
x-iinfo: 1-4022815-4022791 PNNN RT(1593655934844 0) q(0 1 1 -1) r(2 2) U6
cache-control: no-cache
strict-transport-security: max-age=31536000
content-length: 6141
expires: -1

POST
H2 200 GetMessages Show response
www.gallagherbassett.com/ssoapi/API/APP/ 971 B
603 B 379ms
379ms XHR
application/json 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gallagherbassett.com/ssoapi/API/APP/GetMessages

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

24a6b7ec0ca4fa0c4da38b9cef1e55567fa2a539c31d2eb7855be572abf50290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
RequestVerificationToken: Rkmq9oJRR-Ze37mvU6o_H-w1L--1K5BByzxNyWzG074j26hsTIMXfBZC_dEC8I1FuAWFmhjhRAWHEsfWmRehTIejQNo1:eSSa3JedF7iEJszNSZdrtNaA2UuCw5V8zKGf97CGItUIkyNJEDZa8XKjDa0XHzi4gIKgaQeLLAIgZ0Hb6IzGhy3jo9Y1
Referer: https://www.gallagherbassett.com/sso/App/Logon
TabKey: .undefined
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Jul 2020 02:12:14 GMT
content-encoding: gzip
x-cdn: Incapsula
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
x-iinfo: 1-4022816-4022791 PNNN RT(1593655934845 0) q(0 2 2 -1) r(3 3) U6
cache-control: no-cache
strict-transport-security: max-age=31536000
content-length: 516
expires: -1

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 6ms
5ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=206922745&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2FApp%2FLogon&dp=%2FApp%2FLogon&ul=en-us&de=UTF-8&dt=Logon%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAAAB~&jid=&gjid=&cid=574460216.1593655935&tid=UA-44339965-5&_gid=1934847578.1593655935&z=1724007824

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jun 2020 22:46:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1826752
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
www.gallagherbassett.com/ 1 B
36 B 33ms
32ms Image
text/plain 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gallagherbassett.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6617268929740912

Requested by

Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
5ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=206922745&t=timing&_s=2&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2FApp%2FLogon&ul=en-us&de=UTF-8&dt=Gallagher%20Bassett%20-%20Logon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2068&pdt=1&dns=0&rrt=0&srt=210&tcp=0&dit=438&clt=438&_gst=306&_gbt=547&_u=AACAAAAB~&jid=&gjid=&cid=574460216.1593655935&tid=UA-44339965-5&_gid=1934847578.1593655935&z=498086686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gallagherbassett.com/sso/App/Logon
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jun 2020 22:46:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1826754
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/images/GBLogo400px.png

Domain: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gallagherbassett.com/	1970-01-19 10:40:55	Name: ___utmvc Value: UJ7KyPCHnn/S5Hj3uDLTffUyZ4AWMWFfjLnk8W35BE1Nv6ifD9qCZ1B4JOqVM2fKKmz6x8nGwQwKGId9qwNdkgsiJb40xlA10LsFLMNfAjKk3QPejtoGUimbapgl8BnnOflGjL9HW2ujThgrfyPWBtcDz+XItw7YGMSDyfzSB7A4bWIF5pHAQfOqlJLVPyGHwhLN1riJPyzNyhvvQo7QxZty7sOhpzbQeM3w60lGsFWeDWtwu3o3JYbKXlr7ug+YU19ONjDsk2iBgr5Gu6HzJIGgKMolZxzOP9oTaO0E9ouj+7jyOsvtyaDSMciZfByfE1QEUPLEaHKGEFOLKDFeEhIh70S8oIexvFlXBqj/O1+RjvxG+Gg1oxTncA5B/wQXespmFKRZNWjWcgZ5nc6INlcH4MmXgMBEa9RnjxO5xL68LjJhP8IB+ensIX2ooBA7C1g51wnCiqsAY+dsiaymxNY8XoH54yk4Kx6p3vPmmb2wZV1/WUL8NMPTmrVHs0AwAb0qeDsqN4Z5JhD1aNHRZ8u4SExjs3gQ9IThK0ZcJndvojeqBeQFA9d3iQXdSattaATB4vmBsN/3PUliBh7Z7Yma3wlJvo4bxIb+LJ7jdB9DrH848HhYl/KT83O9tY7yE5qG0lJnjK8/Pm/JrYARwojPkayaEw6YpKuND0z/THdLL5UFWWefmyZfE6bWMM9VdXUtk31QzjIGfnJdyfxDD3y6YIVy5asiR0czpLlqTg0DSANArT632DxA7B6PMcBSDHFZxO9wNRGm7zPftUEWJOSLUIUnHHRTQTm8WS45N03JSO8R8mPkWzuMB0FN6cBDLA4m5XNXw5fJO/WfhgX2BGiaRQC2SdAFXbFzfsPxvRwyAGmvbbjeHVY7At2eBW4N99xwQULZ3smFQjsWsq7P0E319Pr4rPvjUEMtwK/1inpyvxhwmVC8pmxEJGnCMT9Kff6ZwqGmRcbfiKDYx4rSCoCtrLK55OGmWJn0sBXvRgJRmlx4OR3IIIRExaT2slgi8ctEIlFDEf0CwzrMGdRJwDago1tPxTSFpz3NXe/YjkZrV1zTT2phL2vUUeBHnPDylNP+t2qbMdsQwSWvqsRz+G4YXGcMq7SGebVTKigYC0qJNh9j7yqHBkCqNAC82WbRhrcI8Mrr4lhu3GVDtAWEfyIixQn3R+Q+EICO2/eNd0cKUT1ijTUcNrzcqrtw+v+UzA9FHM+Qrl4o2KKC+4fy8SmQRVj0yKVSk6MRRGXjKRZ+c9JRrKZz4yx3dG64NPDArBb6XeRxWzCiS9NdOOHPWbQ+T0iSf7eFQerdI1TNAVBKEdkEjUcDWZlVeV2VqIJ5PxuKZHAVzls1ARuvozuwHtFoItkL8XUyCc3TVS5phC7hgioRBJgwhZsS9RtSCJMqDdGZpJbqDjbOoGHL7EwQU5P4KoVIP2uEs0jv9wiE6Pq4S1Zau88vSOHx2vbhIVtgtoGypknaZ8bCPYoZAkrw6t4Nz/WEPt/SG1uo3yE6OsCqIs1pEOueX9gXQUQalrqulX1ZWBD/1IfEoGgLfGUp+KRYVvIrjADO423QHjMYwtkSivnoDrcvjBvB5zLbGrFXBmFjUo9nhKb5QLnxURybZ/wK3gCVMD6Sl3k4DyxkaWdlc3Q9MTE0MjA1LHM9ODM4YWE5N2E4YThkNjY2NThkOWI3ZmFmYTY4YTdhOWU1ZmFmOTc5ODc5OTQ3NjdmYTk4OGFhYTk5ZDdiN2FhNTk1Nzk5ZDgxODQ3MjcxNmY=
.gallagherbassett.com/	1970-01-19 10:40:55	Name: _gat Value: 1
.gallagherbassett.com/	1970-01-19 10:42:22	Name: _gid Value: GA1.2.1934847578.1593655935
.gallagherbassett.com/	1970-01-20 04:12:07	Name: _ga Value: GA1.2.574460216.1593655935
.gallagherbassett.com/	1969-12-31 23:59:59	Name: incap_ses_687_1944542 Value: 9UwcFuCPPS3u3LzV57aICXxC/V4AAAAATYkYrbtS5rc+F6c2wudwLA==
.gallagherbassett.com/	1970-01-19 19:25:39	Name: visid_incap_1944542 Value: epoJcBtMSA+SQ9dxeVvqq3xC/V4AAAAAQUIPAAAAAAAf37EK8aj46TN7fArQA1UZ
www.gallagherbassett.com/	1970-01-26 18:00:07	Name: mKey Value: cbd0673f-317b-4a03-afee-3765746f61a9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://gbtpa.sharefile.com/cache/88c1025c0e/bundles/webpop.js(Line 175) Message: Debug:Enabled
console-api	log	URL: https://gbtpa.sharefile.com/cache/88c1025c0e/bundles/webpop.js(Line 175) Message: Application:Starting

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-rW+7waxsz/DtgV655t1DuA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pendo.io
gbtpa.sf-api.com
gbtpa.sharefile.com
i2-lwmqcytpkqkwkkyptibbtkoexrqdsm.init.cedexis-radar.net
radar.cedexis.com
rpt.cedexis.com
sso.gallagherbassett.com
www.gallagherbassett.com
www.google-analytics.com
www.gallagherbassett.com
100.24.163.216
104.225.98.130
13.224.102.24
151.147.160.186
2607:f740:e619::1
2a00:1450:4001:809::200e
45.54.49.5
45.60.123.80
52.22.72.157
02173cef255728358468214fb718745c90f46ec86c383c28ee5f96570ac6b959
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
08eb17a629eba4d3db8c9d6fef6534e393f7d9fba1b9da8bed22e524e11e2285
169bf67dc0fb6aeb760bb00b820f337d9878e898d58129358c623d97ce854b21
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
1a36391102d948fdbab194dcb9a0f4e8d443e82f9a6a494ff102472adae5d64a
1d7694f19dd172b3855fc5a15f9f4a421427fcd0a83a6d1f377942127252dc1a
24a6b7ec0ca4fa0c4da38b9cef1e55567fa2a539c31d2eb7855be572abf50290
27b6311698517437efedbc2c49d400fc0baadebf7ad574263cc330629cdc9f90
2d1fc60b7fcdd4edaf56237039d8ee9d4371542be87cfe39fa60da0dff70e4cc
2e5f54080aae1173182915ffa5b8d3b84267605608bac4479f4a5ccfe7ab7d0c
32527d5847451790dc85210ccf81593e618fbaa7d0cecf84577696df12a4e4c1
3adf96bf8199ce2a054386c6c4b528578a1d64cdbc0e723dfeb784a93bcf6570
424728a2b3db2af33132b75621d6d1efa840a8a8c7768fff49b2b2eb4d15ffa5
451776b8e5768df39b98b2c0cc292633f9104c6bca4e333ed259f195b51d2e70
4d6614eb0ce4d87b1999f5cc3e7817efe0330e1823cb4cf47d505695dc3c19a4
55db66f14cd8f179b4241e7174eb319dfd5ff86e13c9558ffe066b85daf99150
6ede8695adbf5d3422f57a2aaa899687d0f2e7486f910023f9cd399e0363c0e6
71806028fa500df60ecccbc3ab9a794f748dca5f7d8ef960afcee030b8c27d75
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390
81cffeb91b77e2c6933384d44636fe59aa9da33f47918004ed173436c4a7f02e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8becb6ebdda38b35f6299099ba6cc0babe7bad374b3800a2cb4cf21ac5814979
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
a2fe2f3c00f4e82f1b2a60bd425af1dd8a1a2d665c0c54539c6f81ec97578656
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
c48c53c7c8a30b331c618dac2828af05d6771713141a624a7d6b6958dc88f767
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba
cb54ea14bc6be2f4ad52a2b6b27c35b71ae95b78e9eef0465d2f8d8d5c0caba0
d1ffb37fbb9f91f52dce0e749d85f9361adba3ccb844a383027f86e3b0d6527b
d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e
e0c3f76057f94ee2ab337584fda75f57ba58a27dd1c454641158c446bff6d52e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f96553827739ebabf96b58c9a0b89a47801f19adbf102a26a3d1d2858271ae11
fcadee56afd3bc1e598730da4a70d6339d1c75d1a9675b791cbfae51819b714a
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

www.gallagherbassett.com Open in urlscan Pro 45.60.123.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

96 %HTTPS

22 %IPv6

7 Domains

9 Subdomains

10 IPs

3 Countries

2156 kBTransfer

6351 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

96 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

10
IPs

3
Countries

2156 kB
Transfer

6351 kB
Size

7
Cookies

54 HTTP transactions
0 data transactions