www.gallagherbassett.com
45.60.123.80
Public Scan
Effective URL: https://www.gallagherbassett.com/sso/App/Logon
Submission Tags: falconsandbox
Submission: On March 21 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 24th 2020. Valid for: 2 years.
This is the only time www.gallagherbassett.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | Autonomous System |
---|---|---|---|
2 | 17 | 52.3.211.188 | 14618 (AMAZON-AES) |
 | 4 | 151.101.14.217 | 54113 (FASTLY) |
1 | 2 | 35.241.57.45 | 15169 (GOOGLE) |
 | 2 | 13.226.159.15 | 16509 (AMAZON-02) |
 | 10 | 52.1.177.90 | 14618 (AMAZON-AES) |
 | 1 | 104.225.98.129 | 36236 (NETACTUATE) |
 | 1 | 2607:f740:e619::1 | 63911 (NETACTUATE-AS-AP NetActuate) |
 | 2 | 151.147.160.186 | 46342 (AJGCO) |
 | 12 | 45.60.123.80 | 19551 (INCAPSULA) |
 | 2 | 2a00:1450:4001:803::200e | 15169 (GOOGLE) |

Totals: 50 requests across 10 IP addresses.
ASN | PTR | Domain |
---|---|---|
ASN14618 (AMAZON-AES, US) | ec2-52-3-211-188.compute-1.amazonaws.com | gbtpa.sharefile.com |
ASN15169 (GOOGLE, US) | 45.57.241.35.bc.googleusercontent.com | radar.cedexis.com |
ASN16509 (AMAZON-02, US) | server-13-226-159-15.dus51.r.cloudfront.net | cdn.pendo.io |
ASN14618 (AMAZON-AES, US) | ec2-52-1-177-90.compute-1.amazonaws.com | gbtpa.sf-api.com |
ASN36236 (NETACTUATE, US) | 129.98.225.104.ptr.anycast.net | i2-nqpaypfofgacjvdykydwyenlhkkeif.init.cedexis-radar.net |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | sharefile.com (2 redirects) | gbtpa.sharefile.com | 855 KB |
14 | gallagherbassett.com | sso.gallagherbassett.com, www.gallagherbassett.com | 564 KB |
10 | sf-api.com | gbtpa.sf-api.com | 7 KB |
4 | launchdarkly.com | app.launchdarkly.com | 625 B |
3 | cedexis.com (1 redirects) | radar.cedexis.com, rpt.cedexis.com | 19 KB |
2 | google-analytics.com | www.google-analytics.com | 19 KB |
2 | pendo.io | cdn.pendo.io | 243 KB |
1 | cedexis-radar.net | i2-nqpaypfofgacjvdykydwyenlhkkeif.init.cedexis-radar.net | 1 KB |

Totals: 50 requests across 8 apex domains.
Requests | Domain | Requested by |
---|---|---|
17 | gbtpa.sharefile.com (2 redirects) | gbtpa.sharefile.com |
12 | www.gallagherbassett.com | www.gallagherbassett.com |
10 | gbtpa.sf-api.com | gbtpa.sharefile.com |
4 | app.launchdarkly.com | gbtpa.sharefile.com |
2 | www.google-analytics.com | www.gallagherbassett.com, www.google-analytics.com |
2 | sso.gallagherbassett.com | www.gallagherbassett.com |
2 | cdn.pendo.io | gbtpa.sharefile.com |
2 | radar.cedexis.com (1 redirects) | gbtpa.sharefile.com |
1 | rpt.cedexis.com | radar.cedexis.com |
1 | i2-nqpaypfofgacjvdykydwyenlhkkeif.init.cedexis-radar.net | radar.cedexis.com |

Totals: 50 requests across 10 domains.
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.sharefile.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-08 - 2022-03-16 | a year |
c3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2021-03-09 - 2021-04-20 | a month |
radar.cedexis.com | Go Daddy Secure Certificate Authority - G2 | 2019-06-26 - 2021-08-25 | 2 years |
cdn.pendo.io | DigiCert SHA2 Extended Validation Server CA | 2019-06-04 - 2021-09-02 | 2 years |
*.sf-api.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-17 - 2021-11-21 | a year |
*.init.cedexis-radar.net | Go Daddy Secure Certificate Authority - G2 | 2019-11-14 - 2022-01-13 | 2 years |
sso.gallagherbassett.com | DigiCert SHA2 Secure Server CA | 2020-05-05 - 2021-05-31 | a year |
www.gallagherbassett.com | DigiCert SHA2 Secure Server CA | 2020-02-24 - 2022-03-10 | 2 years |
*.google-analytics.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.gallagherbassett.com/sso/App/Logon
Frame ID: A84DA0186D0360C614C8B3D18D6A8BD2
Requests: 43 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://gbtpa.sharefile.com/ Page URL
- https://gbtpa.sharefile.com/login HTTP 302
  https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=Xgzt8I5Yuc2Ho9eml2Fgmg--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
  https://gbtpa.sharefile.com/Authentication/Login Page URL
- https://gbtpa.sharefile.com/saml/login?oauth=1&email=&client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=9enmm3tlfplXMZToGcykeQ--&redirect_uri=https%3A%2F%2Fsecure.sharefile.com%2Flogin%2Foauthlogin&response_type=code&h=&subdomain=gbtpa&appcp=sharefile.com&apicp=sf-api.com Page URL
- https://sso.gallagherbassett.com/idp/startSSO.ping?PartnerSpId=https://gbtpa.sharefile.com Page URL
- https://www.gallagherbassett.com/sso/app/startsso/Sharefile Page URL
- https://www.gallagherbassett.com/sso/App/Logon Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://radar.cedexis.com/1/55156/radar.js HTTP 302
- https://radar.cedexis.com/1593429750/radar.js

- https://gbtpa.sharefile.com/login HTTP 302
- https://gbtpa.sharefile.com/Authentication/StartLogin?client_id=Dzi4UPUAg5l8beKdioecdcnmHUTWWln6&state=Xgzt8I5Yuc2Ho9eml2Fgmg--&redirect_uri=https%3a%2f%2fsecure.sharefile.com%2flogin%2foauthlogin&saml_noiframe=False&subdomain=gbtpa&autoredirect=False&requirev3=False&fix_mie_viewport=False&device_id_supported=True HTTP 302
- https://gbtpa.sharefile.com/Authentication/Login
50 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | gbtpa.sharefile.com/ | 3 KB | 2 KB | Document | text/html | |
GET | H2 | spinner.css | gbtpa.sharefile.com/css/ | 1 KB | 788 B | Stylesheet | text/css | |
GET | H2 | ShimSham | gbtpa.sharefile.com/javascript/bundles/ | 86 KB | 26 KB | Script | text/javascript | |
GET | H2 | index.78534fe2a04db73d4257.js | gbtpa.sharefile.com/bundles/ | 2 MB | 557 KB | Script | application/javascript | |
GET | H2 | spinner.svg | gbtpa.sharefile.com/css/ | 1 KB | 1 KB | Image | image/svg+xml | |
OPTIONS | H2 | 5f33f5d44f29ea099db90d2a | app.launchdarkly.com/sdk/goals/ | 0 | 0 | Preflight | | |
OPTIONS | H2 | user | app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ | 0 | 0 | Preflight | | |
GET | H2 | 5f33f5d44f29ea099db90d2a | app.launchdarkly.com/sdk/goals/ | 2 B | 171 B | XHR | application/json | |
GET | H2 | radar.js | radar.cedexis.com/1593429750/ | 44 KB | 19 KB | Script | application/javascript | Redirect Chain |
REPORT | H2 | user | app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ | 1 KB | 454 B | XHR | application/json | |
GET | H2 | 5e008d67143b94c744ce.js | gbtpa.sharefile.com/bundles/ | 17 KB | 7 KB | Script | application/javascript | |
GET | H/1.1 | pendo.js | cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ | 385 KB | 121 KB | Script | application/javascript | |
OPTIONS | H2 | Branding | gbtpa.sf-api.com/sf/v3/Accounts/ | 0 | 0 | Preflight | | |
GET | H2 | Branding | gbtpa.sf-api.com/sf/v3/Accounts/ | 4 KB | 2 KB | XHR | application/json | |
GET | H/1.1 | providers.json | i2-nqpaypfofgacjvdykydwyenlhkkeif.init.cedexis-radar.net/i2/1/55156/j1/20/122/1616308345/0/0/ | 3 KB | 1 KB | XHR | application/json | |
GET | H/1.1 | 1616308345213 | rpt.cedexis.com/n1/0/1616308344543/0/0/0/0/1616308344543/1616308344544/1616308344552/1616308344552/1616308344762/1616308344566/1616308344762/1616308345092/1616308345093/1616308345095/1616308345837/... | 16 B | 283 B | XHR | text/plain | |
OPTIONS | H2 | Users | gbtpa.sf-api.com/sf/v3/ | 0 | 0 | Preflight | | |
OPTIONS | H2 | Accounts | gbtpa.sf-api.com/sf/v3/ | 0 | 0 | Preflight | | |
OPTIONS | H2 | WorkspaceConfig | gbtpa.sf-api.com/sf/v3/Accounts/ | 0 | 0 | Preflight | | |
GET | H2 | Users | gbtpa.sf-api.com/sf/v3/ | 118 B | 830 B | XHR | application/json | |
GET | H2 | Accounts | gbtpa.sf-api.com/sf/v3/ | 118 B | 830 B | XHR | application/json | |
GET | H2 | WorkspaceConfig | gbtpa.sf-api.com/sf/v3/Accounts/ | 118 B | 830 B | XHR | application/json | |
GET | H2 | Login | gbtpa.sharefile.com/Authentication/ | 7 KB | 4 KB | Document | text/html | Redirect Chain |
GET | H2 | Branding | gbtpa.sf-api.com/sf/v3/Accounts/ | 4 KB | 2 KB | XHR | application/json | |
OPTIONS | H2 | Branding | gbtpa.sf-api.com/sf/v3/Accounts/ | 0 | 0 | Preflight | | |
GET | H2 | custom.css | gbtpa.sharefile.com/cache/sha/_Auth/Styles/custom/ | 27 KB | 6 KB | Stylesheet | text/css | |
GET | H2 | errorhandler.js | gbtpa.sharefile.com/_Auth/ | 548 B | 726 B | Script | application/javascript | |
GET | H2 | webpop | gbtpa.sharefile.com/cache/sha/javascript/bundles/ | 91 KB | 30 KB | Script | text/javascript | |
GET | H2 | webpoprequireconfig | gbtpa.sharefile.com/cache/sha/bundles/ | 1 KB | 930 B | Script | text/javascript | |
GET | H/1.1 | pendo.js | cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ | 385 KB | 121 KB | Script | application/javascript | |
GET | H2 | 1afd7148-d699-4d3e-9bbe-40ef7fbd0ede.png | gbtpa.sharefile.com/styles/images/ | 8 KB | 9 KB | Image | image/png | |
GET | H2 | webpop.js | gbtpa.sharefile.com/cache/73a4e0bf68/bundles/ | 731 KB | 196 KB | Script | application/javascript | |
GET | H2 | login | gbtpa.sharefile.com/saml/ | 5 KB | 4 KB | Document | text/html | |
GET | H2 | en.json | gbtpa.sharefile.com/cache/7603b8f2074c9bfdf6d434933669fcf4e18c75b4/_Auth/locales/ | 25 KB | 9 KB | XHR | application/json | |
POST | H/1.1 | startSSO.ping | sso.gallagherbassett.com/idp/ | 6 KB | 6 KB | Document | text/html | Cookie set |
POST | H2 | Sharefile | www.gallagherbassett.com/sso/app/startsso/ | 5 KB | 2 KB | Document | text/html | |
GET | H2 | gbStyles2055 | www.gallagherbassett.com/sso/lib/ | 260 KB | 47 KB | Stylesheet | text/css | |
GET | H2 | preload2055 | www.gallagherbassett.com/sso/bundles/lib/ | 697 KB | 211 KB | Script | text/javascript | |
GET | H2 | startssojs2055 | www.gallagherbassett.com/sso/bundles/ | 67 KB | 20 KB | Script | text/javascript | |
GET | H2 | GBLogo400px.png | www.gallagherbassett.com/sso/images/ | 14 KB | 14 KB | Image | image/png | |
GET | H2 | spinner.gif | www.gallagherbassett.com/sso/SPA/Common/images/ | 3 KB | 3 KB | Image | image/gif | |
GET | H2 | postload2055 | www.gallagherbassett.com/sso/bundles/lib/ | 390 KB | 113 KB | Script | text/javascript | |
GET | H2 | _Incapsula_Resource | www.gallagherbassett.com/ | 142 KB | 20 KB | Script | application/javascript | |
GET | H3-Q050 | analytics.js | www.google-analytics.com/ | 46 KB | 19 KB | Script | text/javascript | |
POST | H2 | Logon | www.gallagherbassett.com/sso/App/ | 3 KB | 1 KB | Document | text/html | Primary Request |
POST | H3-Q050 | collect | www.google-analytics.com/j/ | 2 B | 194 B | XHR | text/plain | |
GET | H2 | logonjs2055 | www.gallagherbassett.com/sso/bundles/ | 355 KB | 102 KB | Script | text/javascript | |
GET | H2 | _Incapsula_Resource | www.gallagherbassett.com/ | 140 KB | 20 KB | Script | application/javascript | |
GET | H/1.1 | openid-configuration | sso.gallagherbassett.com/.well-known/ | 3 KB | 4 KB | XHR | application/json | |
GET | H2 | _Incapsula_Resource | www.gallagherbassett.com/ | 1 B | 36 B | Image | text/plain | |
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- object| Oidc
- object| __core-js_shared__
- object| core
- object| global
- object| System
- function| asap
- function| Observable
- function| setImmediate
- function| clearImmediate
- object| regeneratorRuntime
- boolean| _babelPolyfill
- object| settings
- object| mgr

7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.gallagherbassett.com/ | | _gat | 1 |
.gallagherbassett.com/ | | _gid | GA1.2.557532403.1616308350 |
.gallagherbassett.com/ | | _ga | GA1.2.130536333.1616308350 |
www.gallagherbassett.com/ | | ___utmvc | |
.gallagherbassett.com/ | | incap_ses_449_1944542 | aQYMc8mvkgOYk0s0fCs7BnzoVmAAAAAAaq40KdcjGRVYoStBDMz2/Q== |
.gallagherbassett.com/ | | visid_incap_1944542 | z+h4JzSTTwW7w+qFCq0dGHzoVmAAAAAAQUIPAAAAAAB0xqflODfGLsBvrQZfUkHJ |
www.gallagherbassett.com/ | | mKey | 750b0128-fcfd-45d0-9894-5baf0a2984d9 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-WrccWu9wfsmw5wJZK02lkQ==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation |
Strict-Transport-Security | max-age=16000000; includeSubDomains; preload; |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.