urlscan.io logo urlscan.io
SecurityTrails logo

www.gallagherbassett.com Open in urlscan Pro
45.60.123.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
Effective URL: https://www.gallagherbassett.com/sso/App/Logon
Submission: On May 11 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 45 HTTP transactions. The main IP is 45.60.123.80, located in United States and belongs to INCAPSULA, US. The main domain is www.gallagherbassett.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2020. Valid for: 2 years.
This is the only time www.gallagherbassett.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 52.3.211.188 14618 (AMAZON-AES)
1 2 45.54.49.5 63911 (NETACTUAT...)
1 104.225.98.130 36236 (NETACTUATE)
1 52.222.190.31 16509 (AMAZON-02)
1 151.147.160.186 46342 (AJGCO)
22 45.60.123.80 19551 (INCAPSULA)
4 2a00:1450:400... 15169 (GOOGLE)
45 8
16    52.3.211.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-211-188.compute-1.amazonaws.com
gbtpa.sharefile.com
2    45.54.49.5 (West Hollywood, United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 5.49.54.45.ptr.anycast.net
radar.cedexis.com
1    104.225.98.130 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 130.98.225.104.ptr.anycast.net
i2-byyxbdnimkupxzgsqqajjffwygacgz.init.cedexis-radar.net
1    52.222.190.31 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-31.ham50.r.cloudfront.net
cdn.pendo.io
1    151.147.160.186 (Schaumburg, United States)

ASN46342 (AJGCO, US)
sso.gallagherbassett.com
22    45.60.123.80 (United States)

ASN19551 (INCAPSULA, US)
www.gallagherbassett.com
4    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
22 www.gallagherbassett.com sso.gallagherbassett.com
www.gallagherbassett.com
16 gbtpa.sharefile.com 2 redirects gbtpa.sharefile.com
4 www.google-analytics.com www.gallagherbassett.com
2 radar.cedexis.com 1 redirects
1 sso.gallagherbassett.com gbtpa.sharefile.com
1 cdn.pendo.io gbtpa.sharefile.com
1 i2-byyxbdnimkupxzgsqqajjffwygacgz.init.cedexis-radar.net radar.cedexis.com
45 7

This site contains no links.

Subject Issuer Validity Valid
*.sharefile.com
DigiCert SHA2 Secure Server CA		 2020-03-25 -
2021-03-30		 a year crt.sh
radar.cedexis.com
Go Daddy Secure Certificate Authority - G2		 2019-06-26 -
2021-08-25		 2 years crt.sh
*.init.cedexis-radar.net
Go Daddy Secure Certificate Authority - G2		 2019-11-14 -
2022-01-13		 2 years crt.sh
cdn.pendo.io
DigiCert SHA2 Extended Validation Server CA		 2019-06-04 -
2021-09-02		 2 years crt.sh
sso.gallagherbassett.com
DigiCert SHA2 Secure Server CA		 2020-05-05 -
2021-05-31		 a year crt.sh
www.gallagherbassett.com
DigiCert SHA2 Secure Server CA		 2020-02-24 -
2022-03-10		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.gallagherbassett.com/sso/App/Logon
Frame ID: 003EA94A97A6E7844F9695F0DB661649
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8 Page URL
  2. https://gbtpa.sharefile.com/login?cmd=route&id=/d-a3032c0e611b4427&a=881dae36864f0ab8 HTTP 302
    https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=w... HTTP 302
    https://gbtpa.sharefile.com/Authentication/Login Page URL
  3. https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=t... Page URL
  4. https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
  5. https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
  6. https://www.gallagherbassett.com/sso/App/Logon Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

45
Requests

98 %
HTTPS

14 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

1966 kB
Transfer

5898 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8 Page URL
  2. https://gbtpa.sharefile.com/login?cmd=route&id=/d-a3032c0e611b4427&a=881dae36864f0ab8 HTTP 302
    https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=wdQLXGWuo5VfYG2ox1QuyA--&redirect_uri=https%3a%2f%2fgbtpa.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&a=881dae36864f0ab8&device_id_supported=True HTTP 302
    https://gbtpa.sharefile.com/Authentication/Login Page URL
  3. https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=t45VNFkl.2w4CeMxIX6c1A--&redirect_uri=https%3A%2F%2Fgbtpa.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com Page URL
  4. https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
  5. https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
  6. https://www.gallagherbassett.com/sso/App/Logon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://gbtpa.sharefile.com/login?cmd=route&id=/d-a3032c0e611b4427&a=881dae36864f0ab8 HTTP 302
  • https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=wdQLXGWuo5VfYG2ox1QuyA--&redirect_uri=https%3a%2f%2fgbtpa.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&a=881dae36864f0ab8&device_id_supported=True HTTP 302
  • https://gbtpa.sharefile.com/Authentication/Login
Request Chain 6
  • https://radar.cedexis.com/1/55156/radar.js HTTP 302
  • https://radar.cedexis.com/1571758301/radar.js

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
d-a3032c0e611b4427
gbtpa.sharefile.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
51a54db3f6556449ca7cf9414100591238fd59c2b531a148054783aa5dc3540a
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-eESk4Rh3tO6TqE7I/Zm3sA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gbtpa.sharefile.com
:scheme
https
:path
/d-a3032c0e611b4427?a=881dae36864f0ab8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
set-cookie
ASP.NET_SessionId=3s2dgrc25yrdraxn54xg11sw; path=/; secure; HttpOnly; SameSite=None SFWEB_SRVNAME=i-062a8465ffeeeccfb; path=/
x-frame-options
DENY
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-eESk4Rh3tO6TqE7I/Zm3sA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 11 May 2020 14:06:04 GMT
content-length
1250
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
spinner.css
gbtpa.sharefile.com/css/ 		1 KB
789 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/css/spinner.css
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:04 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 29 Apr 2020 20:56:24 GMT
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
etag
"0cc8aa4681ed61:0"
vary
Accept-Encoding
content-type
text/css
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
425
x-content-type-options
nosniff
ShimSham
gbtpa.sharefile.com/javascript/bundles/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/javascript/bundles/ShimSham?v=A96NAG7CJ3JIKU4cEP9Rkgucaw4rvlwOpSLYUE0jHM41
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
b0aba32165027cfad4142e7f93cd40d2e3bf50ea427792f9a81c792f383e9910
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 14:06:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 May 2020 14:06:05 GMT
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
26055
x-xss-protection
1; mode=block
referrer-policy
same-origin
expires
Tue, 11 May 2021 14:06:05 GMT
index.bbf0dcbab6189fc17ccf.js
gbtpa.sharefile.com/bundles/ 		2 MB
522 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/bundles/index.bbf0dcbab6189fc17ccf.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
533928
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 29 Apr 2020 20:59:08 GMT
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
etag
"0364b6691ed61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
spinner.svg
gbtpa.sharefile.com/css/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbtpa.sharefile.com/css/spinner.svg
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/css/spinner.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:05 GMT
referrer-policy
same-origin
last-modified
Wed, 29 Apr 2020 20:56:24 GMT
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
etag
"0cc8aa4681ed61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
image/svg+xml
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1093
x-content-type-options
nosniff
Login
gbtpa.sharefile.com/Authentication/
Redirect Chain
  • https://gbtpa.sharefile.com/login?cmd=route&id=/d-a3032c0e611b4427&a=881dae36864f0ab8
  • https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=wdQLXGWuo5VfYG2ox1QuyA--&redirect_uri=https%3a%2f%2fgbtpa.sharefile.com%2flogin%2foauthlogin&s...
  • https://gbtpa.sharefile.com/Authentication/Login
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/Authentication/Login
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/bundles/index.bbf0dcbab6189fc17ccf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
572f08a1252a3232b73f63df89e6cf423e7bd1814dc7eea560e2901b172b9183
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-Ln9lzHwCkjukwpXg/tlOxA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gbtpa.sharefile.com
:scheme
https
:path
/Authentication/Login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ASP.NET_SessionId=3s2dgrc25yrdraxn54xg11sw; SFWEB_SRVNAME=i-062a8465ffeeeccfb; SF_Subdomain=gbtpa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gbtpa.sharefile.com/d-a3032c0e611b4427?a=881dae36864f0ab8

Response headers

status
200
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com https://www.recaptcha.net 'nonce-Ln9lzHwCkjukwpXg/tlOxA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'self'; report-uri /api/cspviolation
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 11 May 2020 14:06:10 GMT
content-length
2932
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;

Redirect headers

status
302
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
expires
0
location
/Authentication/Login
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 11 May 2020 14:06:05 GMT
content-length
138
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
radar.js
radar.cedexis.com/1571758301/
Redirect Chain
  • https://radar.cedexis.com/1/55156/radar.js
  • https://radar.cedexis.com/1571758301/radar.js
44 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://radar.cedexis.com/1571758301/radar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.54.49.5 West Hollywood, United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
5.49.54.45.ptr.anycast.net
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 May 2020 14:06:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Oct 2019 15:40:31 GMT
Server
nginx
ETag
W/"5daf22ef-aed4"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1209600, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 25 May 2020 14:06:05 GMT

Redirect headers

Date
Mon, 11 May 2020 14:06:05 GMT
Server
nginx
Vary
User-Agent,DNT
Content-Type
text/html
Location
/1571758301/radar.js
Cache-Control
max-age=600
Connection
keep-alive
Content-Length
154
Expires
Mon, 11 May 2020 14:16:05 GMT
providers.json
i2-byyxbdnimkupxzgsqqajjffwygacgz.init.cedexis-radar.net/i2/1/55156/j1/20/119/1589205965/0/0/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://i2-byyxbdnimkupxzgsqqajjffwygacgz.init.cedexis-radar.net/i2/1/55156/j1/20/119/1589205965/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1571758301/radar.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.225.98.130 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS
130.98.225.104.ptr.anycast.net
Software
nginx/1.10.3 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 May 2020 14:06:05 GMT
Content-Encoding
gzip
Server
nginx/1.10.3
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
custom.css
gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/custom.css?v=M03heV2_swSSPZEjXgTZNhCNooNEYhhwEEZ20l63GN81
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
3c2c0de39b20207cc536762190a2dc7cfc1cc31a8ec0996efef7f9e8951cc491
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:10 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 29 Apr 2020 20:57:32 GMT
x-sf-server
web_ssl/i-0fc95196017df9d41_us-east-1c
etag
"0c612cd681ed61:0"
vary
Accept-Encoding
content-type
text/css
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600, private
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
5116
x-content-type-options
nosniff
errorhandler.js
gbtpa.sharefile.com/_Auth/ 		548 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/_Auth/errorhandler.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:10 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 29 Apr 2020 20:57:22 GMT
x-sf-server
web_ssl/i-0610243cd627d99fa_us-east-1c
etag
"0e51cc7681ed61:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600, private
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
349
x-content-type-options
nosniff
webpop
gbtpa.sharefile.com/cache/sha/javascript/bundles/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=ZlEgGlB6pn87-ulZEqWpstb912iew079N8i1OieQpdY1
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 14:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 May 2020 14:06:11 GMT
x-sf-server
web_ssl/i-0bb67ec1a4d812f84_us-east-1b
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
public
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
29743
x-xss-protection
1; mode=block
referrer-policy
same-origin
expires
Tue, 11 May 2021 14:06:11 GMT
webpoprequireconfig
gbtpa.sharefile.com/cache/sha/bundles/ 		901 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/sha/bundles/webpoprequireconfig?v=f_mmgl3PjDKmqY_XXTrAIsqDTRDJHCFUxQEjPPyC9H01
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
611b16fc56edbe8c6202316e35177b317d2770e98d80c6852c0b2b7559b8dc76
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
User-Agent,Accept-Encoding
content-length
424
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 11 May 2020 14:06:11 GMT
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
expires
Tue, 11 May 2021 14:06:11 GMT
1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
gbtpa.sharefile.com/styles/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gbtpa.sharefile.com/styles/images/1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:11 GMT
referrer-policy
same-origin
last-modified
Mon, 06 Mar 2017 19:21:48 GMT
x-sf-server
web_ssl/i-0bb67ec1a4d812f84_us-east-1b
etag
"143bc5e6ae96d21:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
image/png
status
200
x-xss-protection
1; mode=block
accept-ranges
bytes
content-length
8438
x-content-type-options
nosniff
expires
Wed, 01 Jan 2020 00:00:00 GMT
pendo.js
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 		336 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/Authentication/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-31.ham50.r.cloudfront.net
Software
UploadServer /
Resource Hash
0be349a9e1d7fd42410439676461a0e2e7448037dfc60d7f355a2a5fe8fd3350

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 May 2020 14:05:19 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Age
52
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin
*
Last-Modified
Thu, 07 May 2020 18:07:49 GMT
Server
UploadServer
ETag
"349d0bd2f810a96e6d6b3ebac8c1a8bc"
Vary
Accept-Encoding
x-goog-hash
crc32c=l+RGKQ==, md5=NJ0L0vgQqW5taz66yMGovA==
x-goog-generation
1588874869530402
Via
1.1 8ba20463cf6d26f2beee0d9d3bd186ac.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
108510
X-Amz-Cf-Pop
HAM50-C2
Accept-Ranges
bytes
X-GUploader-UploadID
AAANsUldcyq3Dz9Jz4zLvNbJYXtJmmJ8pCHP6LllEP_P4UPaytr5VZ1Cksjt9vNkIX2EVASxpELi_l32gQeYjukGWA
X-Amz-Cf-Id
88SDuOgaMSKoDU6wGHVGsegXxhPM14nBKnUH8m5goNM1i9VI5xvgtw==
Expires
Mon, 11 May 2020 14:12:49 GMT
webpop.js
gbtpa.sharefile.com/cache/adf282bfb8/bundles/ 		699 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/adf282bfb8/bundles/webpop.js
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/sha/javascript/bundles/webpop?v=ZlEgGlB6pn87-ulZEqWpstb912iew079N8i1OieQpdY1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gbtpa.sharefile.com/Authentication/Login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
197004
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 29 Apr 2020 20:57:32 GMT
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
etag
"0c612cd681ed61:0"
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
login
gbtpa.sharefile.com/saml/ 		5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=t45VNFkl.2w4CeMxIX6c1A--&redirect_uri=https%3A%2F%2Fgbtpa.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/adf282bfb8/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-09Ach2xYmjwYe+iPL4rERg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gbtpa.sharefile.com
:scheme
https
:path
/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=t45VNFkl.2w4CeMxIX6c1A--&redirect_uri=https%3A%2F%2Fgbtpa.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://gbtpa.sharefile.com/Authentication/Login
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SFWEB_SRVNAME=i-062a8465ffeeeccfb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gbtpa.sharefile.com/Authentication/Login

Response headers

status
200
cache-control
private,no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
0
vary
Accept-Encoding
set-cookie
ASP.NET_SessionId=yfjjp5313kp33klc4w0d1ei5; path=/; secure; HttpOnly; SameSite=None
x-frame-options
DENY
content-security-policy
style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-09Ach2xYmjwYe+iPL4rERg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
date
Mon, 11 May 2020 14:06:11 GMT
content-length
3162
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
strict-transport-security
max-age=16000000; includeSubDomains; preload;
en.json
gbtpa.sharefile.com/cache/4d92c4a085973b8df2a87623c7260a22250b713f/_Auth/locales/ 		23 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gbtpa.sharefile.com/cache/4d92c4a085973b8df2a87623c7260a22250b713f/_Auth/locales/en.json
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/cache/adf282bfb8/bundles/webpop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.3.211.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-211-188.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gbtpa.sharefile.com/Authentication/Login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:11 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 29 Apr 2020 20:57:32 GMT
x-sf-server
web_ssl/i-062a8465ffeeeccfb_us-east-1c
etag
"0c612cd681ed61:0"
vary
Accept-Encoding
content-type
application/json
status
200
x-xss-protection
1; mode=block
cache-control
max-age=1209600
strict-transport-security
max-age=16000000; includeSubDomains; preload;
accept-ranges
bytes
content-length
7874
x-content-type-options
nosniff
Cookie set startSSO.ping
sso.gallagherbassett.com/idp/ 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com
Requested by
Host: gbtpa.sharefile.com
URL: https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=t45VNFkl.2w4CeMxIX6c1A--&redirect_uri=https%3A%2F%2Fgbtpa.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
151.147.160.186 Schaumburg, United States, ASN46342 (AJGCO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;

Request headers

Host
sso.gallagherbassett.com
Connection
keep-alive
Content-Length
4270
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 May 2020 14:06:12 GMT
Referrer-Policy
origin
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com;
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Set-Cookie
PF=BW0VU3I4rRvQpHUO6b8IQZ;Path=/;Secure;HttpOnly;SameSite=None
Content-Length
5670
Sharefile
www.gallagherbassett.com/sso/app/startsso/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Requested by
Host: sso.gallagherbassett.com
URL: https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
POST
:authority
www.gallagherbassett.com
:scheme
https
:path
/sso/app/startsso/Sharefile
content-length
4526
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://sso.gallagherbassett.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://sso.gallagherbassett.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://sso.gallagherbassett.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://sso.gallagherbassett.com/

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
set-cookie
mKey=c4799498-61d1-4d43-9fc5-3a5d6d97af79; expires=Fri, 11-May-2040 14:06:13 GMT; path=/; HttpOnly visid_incap_1944542=b2G8BSfURYuqZF/wV19gCNRbuV4AAAAAQUIPAAAAAADeXiMzOvKSLwaT5hT10Irl; expires=Mon, 10 May 2021 15:39:37 GMT; HttpOnly; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None incap_ses_450_1944542=7KvoRSuUHFtx1WqspLg+BtVbuV4AAAAAr/+mFBeqpUTJ/Rdn4ZDnKg==; path=/; Domain=.gallagherbassett.com; Secure; SameSite=None
date
Mon, 11 May 2020 14:06:12 GMT
strict-transport-security
max-age=31536000
x-cdn
Incapsula
x-iinfo
2-48579273-48579274 NNNN CT(97 200 0) RT(1589205972625 0) q(0 0 3 1) r(5 5) U6
gbStyles2047
www.gallagherbassett.com/sso/lib/ 		259 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/lib/gbStyles2047
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 07:05:43 GMT
x-cdn
Incapsula
etag
"7b512c5c"
strict-transport-security
max-age=31536000
content-type
text/css; charset=utf-8
status
200
x-iinfo
2-48579294-0 0CNN RT(1589205973150 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=30387570, public
content-length
47731
expires
Wed, 28 Apr 2021 07:05:43 GMT
preload2047
www.gallagherbassett.com/sso/bundles/lib/ 		296 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/preload2047
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 10:28:33 GMT
x-cdn
Incapsula
etag
"c2abd5c8"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
2-48579295-0 0CNN RT(1589205973156 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=30399740, public
content-length
103059
expires
Wed, 28 Apr 2021 10:28:33 GMT
startssojs2047
www.gallagherbassett.com/sso/bundles/ 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/startssojs2047
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 07:59:23 GMT
x-cdn
Incapsula
etag
"46d83c51"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
2-48579296-0 0CNN RT(1589205973160 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=30390790, public
content-length
26034
expires
Wed, 28 Apr 2021 07:59:23 GMT
GBLogo400px.png
www.gallagherbassett.com/sso/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/sso/images/GBLogo400px.png
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
last-modified
Wed, 04 Mar 2020 04:14:34 GMT
x-cdn
Incapsula
etag
"0b1e69dbf1d51:0"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
x-iinfo
2-48579299-48573214 2CNN RT(1589205973245 0) q(0 0 0 -1) r(0 0)
content-length
14208
spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/ 		0
0
postload2047
www.gallagherbassett.com/sso/bundles/lib/ 		390 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/postload2047
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 07:59:23 GMT
x-cdn
Incapsula
etag
"9c7bb35e"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
2-48579297-0 0CNN RT(1589205973219 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=30390790, public
content-length
115846
expires
Wed, 28 Apr 2021 07:59:23 GMT
_Incapsula_Resource
www.gallagherbassett.com/ 		126 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1682952654
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
18534
content-type
application/javascript
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
5258
date
Mon, 11 May 2020 12:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Mon, 11 May 2020 14:38:35 GMT
Primary Request Logon
www.gallagherbassett.com/sso/App/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/App/Logon
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/app/startsso/Sharefile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fc449a2e8b41949279a452bb85f72ac0c0c0f077e3b7daa582cd47a5ef4a6c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
POST
:authority
www.gallagherbassett.com
:scheme
https
:path
/sso/App/Logon
content-length
82
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.gallagherbassett.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
mKey=c4799498-61d1-4d43-9fc5-3a5d6d97af79; visid_incap_1944542=b2G8BSfURYuqZF/wV19gCNRbuV4AAAAAQUIPAAAAAADeXiMzOvKSLwaT5hT10Irl; incap_ses_450_1944542=7KvoRSuUHFtx1WqspLg+BtVbuV4AAAAAr/+mFBeqpUTJ/Rdn4ZDnKg==
Upgrade-Insecure-Requests
1
Origin
https://www.gallagherbassett.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
date
Mon, 11 May 2020 14:06:13 GMT
strict-transport-security
max-age=31536000
x-cdn
Incapsula
x-iinfo
2-48579304-48579274 PNNN RT(1589205973272 0) q(0 0 0 -1) r(2 2) U6
collect
www.google-analytics.com/r/ 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=526559192&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2Fapp%2Fstartsso%2FSharefile&dr=https%3A%2F%2Fsso.gallagherbassett.com%2F&dp=%2Fapp%2Fstartsso%2FSharefile&ul=en-us&de=UTF-8&dt=startsso%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAAB~&jid=2050576650&gjid=196008158&cid=487885767.1589205973&tid=UA-44339965-5&_gid=1852468492.1589205973&_r=1&z=418302282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/sso/app/startsso/Sharefile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 May 2020 14:06:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
gbStyles2047
www.gallagherbassett.com/sso/lib/ 		259 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/lib/gbStyles2047
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fcfe5660da5d5d14221195af836815ecfdb434dbc11da9854e7419a295272382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 07:05:43 GMT
x-cdn
Incapsula
etag
"7b512c5c"
strict-transport-security
max-age=31536000
content-type
text/css; charset=utf-8
status
200
x-iinfo
2-48579312-0 0CNN RT(1589205973446 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=30387570, public
content-length
47731
expires
Wed, 28 Apr 2021 07:05:43 GMT
preload2047
www.gallagherbassett.com/sso/bundles/lib/ 		296 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/preload2047
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d1ffb37fbb9f91f52dce0e749d85f9361adba3ccb844a383027f86e3b0d6527b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 10:28:33 GMT
x-cdn
Incapsula
etag
"c2abd5c8"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
2-48579313-0 0CNN RT(1589205973449 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=30399740, public
content-length
103059
expires
Wed, 28 Apr 2021 10:28:33 GMT
logonjs2047
www.gallagherbassett.com/sso/bundles/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/logonjs2047
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4aa758e92af719f76a95072531f72ae7dbab782c6b5b3be98b70ccb1899de641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 07:59:30 GMT
x-cdn
Incapsula
etag
"2dea58f9"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
2-48579314-0 0CNN RT(1589205973452 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=30390797, public
content-length
26803
expires
Wed, 28 Apr 2021 07:59:30 GMT
GBLogo400px.png
www.gallagherbassett.com/sso/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/sso/images/GBLogo400px.png
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6c5a8c89c8039da5b78180e501c8b2ca6b47e347e51505896b4f63122cbdff3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
last-modified
Wed, 04 Mar 2020 04:14:34 GMT
x-cdn
Incapsula
etag
"0b1e69dbf1d51:0"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
x-iinfo
2-48579317-0 0CNN RT(1589205973493 0) q(0 -1 -1 -1) r(0 -1)
content-length
14208
spinner.gif
www.gallagherbassett.com/sso/SPA/Common/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
c48c53c7c8a30b331c618dac2828af05d6771713141a624a7d6b6958dc88f767
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
last-modified
Wed, 04 Mar 2020 04:14:36 GMT
server
Microsoft-IIS/8.0
etag
"0de3f6adbf1d51:0"
strict-transport-security
max-age=31536000
content-type
image/gif
status
200
x-iinfo
2-48579318-48575946 2NNN RT(1589205973515 0) q(0 0 0 -1) r(4 4)
accept-ranges
bytes
content-length
2704
x-cdn
Incapsula
Do_not_show_again.png
www.gallagherbassett.com/sso/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/sso/images/Do_not_show_again.png
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e39e65775ff6018483e76169bc639c43e0fc016967cd853cd3b47217594cd6bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
last-modified
Wed, 04 Mar 2020 04:14:34 GMT
x-cdn
Incapsula
etag
"0b1e69dbf1d51:0"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
x-iinfo
2-48579319-48573216 2CNN RT(1589205973516 0) q(0 0 0 -1) r(0 0)
content-length
1652
postload2047
www.gallagherbassett.com/sso/bundles/lib/ 		390 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/bundles/lib/postload2047
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
169bf67dc0fb6aeb760bb00b820f337d9878e898d58129358c623d97ce854b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 07:59:23 GMT
x-cdn
Incapsula
etag
"9c7bb35e"
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
status
200
x-iinfo
2-48579316-0 0CNN RT(1589205973482 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=30390790, public
content-length
115846
expires
Wed, 28 Apr 2021 07:59:23 GMT
_Incapsula_Resource
www.gallagherbassett.com/ 		128 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=9&cb=1223550971
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7bda64de17d09f76bfb8bd050cc6df7727184f51fc2538106b3f11caf399d35a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
18818
content-type
application/javascript
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
5258
date
Mon, 11 May 2020 12:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Mon, 11 May 2020 14:38:35 GMT
collect
www.google-analytics.com/ 		35 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1296371365&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gallagherbassett.com%2Fsso%2FApp%2FLogon&dp=%2FApp%2FLogon&ul=en-us&de=UTF-8&dt=Logon%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAAAB~&jid=&gjid=&cid=487885767.1589205973&tid=UA-44339965-5&_gid=1852468492.1589205973&z=432686701
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Apr 2020 02:22:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2202234
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cmPrivacyPolicyVw.html
www.gallagherbassett.com/sso/SPA/Common/privacyPolicy/ 		1 KB
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/SPA/Common/privacyPolicy/cmPrivacyPolicyVw.html
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
424728a2b3db2af33132b75621d6d1efa840a8a8c7768fff49b2b2eb4d15ffa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
last-modified
Wed, 04 Mar 2020 04:14:36 GMT
server
Microsoft-IIS/8.0
etag
"0de3f6adbf1d51:0"
vary
Accept-Encoding
content-type
text/html
status
200
x-iinfo
2-48579329-48579274 PNNN RT(1589205973617 0) q(0 0 0 -1) r(1 1) U12
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-cdn
Incapsula
BackgroundImage3.jpg
www.gallagherbassett.com/sso/images/ 		310 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/sso/images/BackgroundImage3.jpg
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a5f63d83c1c0974831fa81e302e513c495097a2d37d9b9542ae8649f5b88af1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
last-modified
Wed, 04 Mar 2020 04:14:34 GMT
x-cdn
Incapsula
etag
"0b1e69dbf1d51:0"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
x-iinfo
2-48579330-48573214 2CNN RT(1589205973622 0) q(0 0 0 -1) r(0 0)
content-length
317403
glyphicons-halflings-regular.woff
www.gallagherbassett.com/sso/lib/bootstrap/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/sso/lib/bootstrap/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/logonjs2047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.gallagherbassett.com/sso/lib/gbStyles2047
Origin
https://www.gallagherbassett.com

Response headers

date
Mon, 11 May 2020 14:06:13 GMT
last-modified
Wed, 04 Mar 2020 04:14:34 GMT
server
Microsoft-IIS/8.0
etag
"0b1e69dbf1d51:0"
strict-transport-security
max-age=31536000
content-type
font/x-woff
status
200
x-iinfo
2-48579331-48573214 2NNN RT(1589205973634 0) q(0 0 0 -1) r(4 4) U12
accept-ranges
bytes
content-length
23424
x-cdn
Incapsula
GetMessages
www.gallagherbassett.com/ssoapi/API/APP/ 		22 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/ssoapi/API/APP/GetMessages
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c2fdd8128ab8551fbc652b60f996c1b08b265764602eec618264ebbb9b1df038
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
RequestVerificationToken
YPaSjXE6pEuCqcP5FJKn42bGh-DJ8Xl_5Jj77YDxLS736Y0GRgsiT68luKmlwMg7I3OrGc8r0JzXriEu0whmTS2TwQQ1:rTOvYZXHJxzyA6IT0xXEkPMpQ_-c_qvoBnS4lJDc28PEJnk-00k76412ZQk1TpX2CzkU1tmesRLN5F1oaoDHaQz2fu41
Referer
https://www.gallagherbassett.com/sso/App/Logon
TabKey
.undefined
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
x-cdn
Incapsula
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
x-iinfo
2-48579335-48579336 NNNY CT(0 0 0) RT(1589205973691 0) q(0 0 0 -1) r(3 3) U6
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
6070
expires
-1
GetMessages
www.gallagherbassett.com/ssoapi/API/APP/ 		971 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gallagherbassett.com/ssoapi/API/APP/GetMessages
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/bundles/lib/preload2047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0971b24137389134cddec07110c5479fe08115abd10d9c2a30ffed2e9585ff72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
RequestVerificationToken
YPaSjXE6pEuCqcP5FJKn42bGh-DJ8Xl_5Jj77YDxLS736Y0GRgsiT68luKmlwMg7I3OrGc8r0JzXriEu0whmTS2TwQQ1:rTOvYZXHJxzyA6IT0xXEkPMpQ_-c_qvoBnS4lJDc28PEJnk-00k76412ZQk1TpX2CzkU1tmesRLN5F1oaoDHaQz2fu41
Referer
https://www.gallagherbassett.com/sso/App/Logon
TabKey
.undefined
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 11 May 2020 14:06:13 GMT
content-encoding
gzip
x-cdn
Incapsula
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
x-iinfo
2-48579337-48579338 NNNY CT(0 0 0) RT(1589205973725 0) q(0 0 0 -1) r(1 1) U6
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
515
expires
-1
_Incapsula_Resource
www.gallagherbassett.com/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gallagherbassett.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6587862042501613
Requested by
Host: www.gallagherbassett.com
URL: https://www.gallagherbassett.com/sso/App/Logon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.123.80 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.gallagherbassett.com/sso/App/Logon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gallagherbassett.com
URL
https://www.gallagherbassett.com/sso/SPA/Common/images/spinner.gif

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| logGa function| $ function| jQuery object| jQuery1110004314947407385761 object| angular string| GoogleAnalyticsObject function| ga function| loadMdl function| UAParser object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| ngGridDoubleClick function| DP_jQuery_1589205973602 object| ngGrid function| printStackTrace

7 Cookies

Domain/Path Name / Value
www.gallagherbassett.com/ Name: ___utmvc
Value: sMxcEIhqTWTeo2i2O7EjLD50D7wK7MikGTqkBFo3UDFxiEW2NCWW4/A3RigJp2p+azSdpMtAKYOfNfXcQlzhfcaHfLXmdYhqJ+uy8xyHeh0om4ax4Bq+iAikC9IEG/ntyW3QiiOT/QFu4iWZVTZLpWkZwcCmiS8ltXELPkPWcXZ/fF22x2TIFlyQ56qEvUY7xqTh5ryIeZsWWHr5wddl89vdOJ/koErkgujYML4icLsnY7wzQF+xX69DB+4ZxHx+XNcJe8mLS8RF+oTffTx0GHNFnroU+6Q779M65HAd1VANHQzS0Hk1DWaTG4UrCluemwIuqF4+i95E2eCig9aDtgbLMro2EzaxHkoW8p9t3Kp+tSZfMZFz3Kz4q+E9E4+tt4LD2qmETUqHwIltj9Jht4KRzJxH1P67XY325wP0M+pMR954Kgl/vfGShyPXmREu270PmAmp6cwSblvXcFrK/3MQ1ETU/r+FFY7KD2ChgfxKHznfTTUZi7m/LWUBU0wvd8fF8vCqvfkNGZx93/JHxiBgVSHttqZGgRZIzNI1Ws85AD842wX2WIK63mtc98XuPMHUmn2zuh/lGsu0Ariufh9kHGG6wdTrkYSyPa2xCIGZJV5P2IAxY6Prwysk+/NsWMd0mEzc4b1YN6+vKiTvOfzf1QCcqKDDBA2wutos6TPU5kjQa6aIOUw7JK8/ANRH3G5Wn5X/oSBezyjp8A7RsygWysDQUkQJDhWvmopDBJGG0R4m3W6yHI7DH8AnLILwn0KJa2Vl1e/eIV/TR2jQoHxw9DpGgso7TWtSTx+A/W+ZVK2QIUqZulRn+Z8VBlKIRUsCZzjzje5bzISiuU0YG/DTW8zW8IJjL15rNVxD/TpmL3sefV/oHc8yQ1c5jS3wmM+Xxn4hCYzmEKLgCwvmCL5PJmAuTdGsQbCQm57CHGjCEj1jd7f050YriEfWpJSahwlG/ZkWUwiN/qRiE/xR76gsC3Bl4yyaEMTcYr795+jE5aIhmitlaAie1RzViDPh5J/zsb5B131KKd1yRHRE5wdqIZNpJvqoyzKn9Na8M2l7q2FSX5GThi37fPm3yXnFQs9n9E/tgtSxU/FH1RKkCig+d8ZwWroCw7Jb+UgBFjDZqpr5HOD6ZZsN7Wz04LP/1rZrasJvu2v9VxXdMPVFiRmKvhpSJ/nGO2gu6fYqDgRYZYtWChMyA/xTb8YT/iE/+rjdh11BhB3ljzsGDB4O5ZPqtwyGbmpKFB6DN8BPJZZJt2eieFxnY2B/ZNj2Qw8W9pYGhuOusTO9f3GUpIpQY958SSUIq9wriMJ8y8OoKl3unQL3qIhMe5NOsUaJkAn+0qynpjRaGH7eLoZ+Bojjt088at0COF6cG3Sgyas7YhKHSCqZguMcTFFRY5f8PG/DMyHqY9ybD8iGYqzN2309/xJObQ45hOTrAkaqpzltQ5sTpPo3dcbgyaQ+vDJwY08pZn55/30R9s3JAGSSy/2n6tCFC0Bx0HaU4U+jYPTT1ZQutfPPbt21SoxUQV5dCuM7QgSeKrlgshITquqW70CIMGtcje7YZDEF6A0moEnCtrYPzcdJDHCRZ+Hevt6XSrLClqn0SzJu09ogzew81H5swmWULkK/xLrhFd8QcyxkaWdlc3Q9MTEzOTM4LHM9ODU5OGFkNmQ5N2FjODg4MzdiYTI4MzdlOGE3N2E5YTZhMjhkOGFhNTVlOTNhMTgxYTg4OTg0YjM4YTZmNzM2Nzk3ODk1ZTg1OTJhODcwNzY=
.gallagherbassett.com/ Name: _ga
Value: GA1.2.487885767.1589205973
.gallagherbassett.com/ Name: _gat
Value: 1
.gallagherbassett.com/ Name: _gid
Value: GA1.2.1852468492.1589205973
.gallagherbassett.com/ Name: incap_ses_450_1944542
Value: 7KvoRSuUHFtx1WqspLg+BtVbuV4AAAAAr/+mFBeqpUTJ/Rdn4ZDnKg==
.gallagherbassett.com/ Name: visid_incap_1944542
Value: b2G8BSfURYuqZF/wV19gCNRbuV4AAAAAQUIPAAAAAADeXiMzOvKSLwaT5hT10Irl
www.gallagherbassett.com/ Name: mKey
Value: c4799498-61d1-4d43-9fc5-3a5d6d97af79

2 Console Messages

Source Level URL
Text
console-api log URL: https://gbtpa.sharefile.com/cache/adf282bfb8/bundles/webpop.js(Line 175)
Message:
Debug:Enabled
console-api log URL: https://gbtpa.sharefile.com/cache/adf282bfb8/bundles/webpop.js(Line 175)
Message:
Application:Starting

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-eESk4Rh3tO6TqE7I/Zm3sA==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pendo.io
gbtpa.sharefile.com
i2-byyxbdnimkupxzgsqqajjffwygacgz.init.cedexis-radar.net
radar.cedexis.com
sso.gallagherbassett.com
www.gallagherbassett.com
www.google-analytics.com
www.gallagherbassett.com
104.225.98.130
151.147.160.186
2a00:1450:4001:817::200e
45.54.49.5
45.60.123.80
52.222.190.31
52.3.211.188
0971b24137389134cddec07110c5479fe08115abd10d9c2a30ffed2e9585ff72
0be349a9e1d7fd42410439676461a0e2e7448037dfc60d7f355a2a5fe8fd3350
169bf67dc0fb6aeb760bb00b820f337d9878e898d58129358c623d97ce854b21
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3c2c0de39b20207cc536762190a2dc7cfc1cc31a8ec0996efef7f9e8951cc491
424728a2b3db2af33132b75621d6d1efa840a8a8c7768fff49b2b2eb4d15ffa5
4aa758e92af719f76a95072531f72ae7dbab782c6b5b3be98b70ccb1899de641
51a54db3f6556449ca7cf9414100591238fd59c2b531a148054783aa5dc3540a
572f08a1252a3232b73f63df89e6cf423e7bd1814dc7eea560e2901b172b9183
611b16fc56edbe8c6202316e35177b317d2770e98d80c6852c0b2b7559b8dc76
6c5a8c89c8039da5b78180e501c8b2ca6b47e347e51505896b4f63122cbdff3e
750bc684bc3145a7d983dc230e4405982702a9d561851d738d592637ff130ee8
7bda64de17d09f76bfb8bd050cc6df7727184f51fc2538106b3f11caf399d35a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
a5f63d83c1c0974831fa81e302e513c495097a2d37d9b9542ae8649f5b88af1b
aa8acf86363a9016cdf6ec5d3e37aebdfc7c340b75783e0f0159703285e0031a
b0aba32165027cfad4142e7f93cd40d2e3bf50ea427792f9a81c792f383e9910
c2fdd8128ab8551fbc652b60f996c1b08b265764602eec618264ebbb9b1df038
c48c53c7c8a30b331c618dac2828af05d6771713141a624a7d6b6958dc88f767
d1ffb37fbb9f91f52dce0e749d85f9361adba3ccb844a383027f86e3b0d6527b
d65bc31f8775e478df629fbdc3b4205f7779501f6b4eeb5fda147ce55a09ef3e
e39e65775ff6018483e76169bc639c43e0fc016967cd853cd3b47217594cd6bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc449a2e8b41949279a452bb85f72ac0c0c0f077e3b7daa582cd47a5ef4a6c4b
fcfe5660da5d5d14221195af836815ecfdb434dbc11da9854e7419a295272382