stage.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rfmodstage.risxfacs.com/
Effective URL:
https://stage.gallagherbassett.com/sso/App/SignIn
Submission: On October 25 via manual (October 25th 2023, 8:45:06 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 57 HTTP transactions. The main IP is 45.60.123.80, located in United States and belongs to INCAPSULA, US. The main domain is stage.gallagherbassett.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 7th 2023. Valid for: a year.

This is the only time stage.gallagherbassett.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 45	45.60.123.80 45.60.123.80	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
57	6

45 45.60.123.80 (United States) 4 redirects

ASN19551 (INCAPSULA, US)

rfmodstage.risxfacs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssostage.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stage.gallagherbassett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gallagherbassett.com ssostage.gallagherbassett.com stage.gallagherbassett.com	1 MB
21	risxfacs.com 4 redirects rfmodstage.risxfacs.com	1 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	42 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1600 syndication.twitter.com — Cisco Umbrella Rank: 1900	132 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	43 KB
57	5

	Domain	Requested by
21	rfmodstage.risxfacs.com	4 redirects rfmodstage.risxfacs.com
19	stage.gallagherbassett.com	stage.gallagherbassett.com
5	ssostage.gallagherbassett.com	rfmodstage.risxfacs.com ssostage.gallagherbassett.com
3	www.google-analytics.com	stage.gallagherbassett.com
2	platform.twitter.com	rfmodstage.risxfacs.com platform.twitter.com
2	www.googletagmanager.com	rfmodstage.risxfacs.com www.google-analytics.com
1	syndication.twitter.com	platform.twitter.com
57	7

This site contains no links.

Subject Issuer	Validity	Valid
rfmodstage.risxfacs.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-23` - `2024-04-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
ssostage.gallagherbassett.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
stage.gallagherbassett.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-07` - `2024-04-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://stage.gallagherbassett.com/sso/App/SignIn
Frame ID: 0585084E1639235783146FD2F72163EC
Requests: 55 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Frfmodstage.risxfacs.com
Frame ID: 369A364AEBEFD7E4C88CA97F9982C1F9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://rfmodstage.risxfacs.com/ HTTP 301
https://rfmodstage.risxfacs.com/ HTTP 302
https://rfmodstage.risxfacs.com/ HTTP 302
https://rfmodstage.risxfacs.com/ HTTP 302
https://rfmodstage.risxfacs.com/ Page URL
https://ssostage.gallagherbassett.com/as/authorization.oauth2?client_id=GBRFSTG&redirect_uri=https%3A%2F%2Frfmodst... Page URL
https://stage.gallagherbassett.com/sso/app/startsso/IdPApp Page URL
https://stage.gallagherbassett.com/sso/App/SignIn Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

57
Requests

86 %
HTTPS

60 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

2846 kB
Transfer

9064 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rfmodstage.risxfacs.com/ HTTP 301
https://rfmodstage.risxfacs.com/ HTTP 302
https://rfmodstage.risxfacs.com/ HTTP 302
https://rfmodstage.risxfacs.com/ HTTP 302
https://rfmodstage.risxfacs.com/ Page URL
https://ssostage.gallagherbassett.com/as/authorization.oauth2?client_id=GBRFSTG&redirect_uri=https%3A%2F%2Frfmodstage.risxfacs.com%2Fcode&response_type=code&scope=edit&state=dbad92efaa324969af4bc099f180f5a6&code_challenge=Dlh5iB1r3o455voDPevVG5lEnoVNyjvtXHntkjtGr8g&code_challenge_method=S256&prompt=login&response_mode=query Page URL
https://stage.gallagherbassett.com/sso/app/startsso/IdPApp Page URL
https://stage.gallagherbassett.com/sso/App/SignIn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://rfmodstage.risxfacs.com/ HTTP 301
https://rfmodstage.risxfacs.com/ HTTP 302
https://rfmodstage.risxfacs.com/ HTTP 302
https://rfmodstage.risxfacs.com/ HTTP 302
https://rfmodstage.risxfacs.com/

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
rfmodstage.risxfacs.com/
Redirect Chain

http://rfmodstage.risxfacs.com/
https://rfmodstage.risxfacs.com/
https://rfmodstage.risxfacs.com/
https://rfmodstage.risxfacs.com/
https://rfmodstage.risxfacs.com/

3 KB
2 KB

399ms
398ms

Document
text/html

45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 / ASP.NET

Resource Hash

8110f06c9499a2fdd399d30e584211486144fd6b2f27d073027f735bb3a01bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html
date: Wed, 25 Oct 2023 20:45:01 GMT
etag: "01e749078b6d91:0:dtagent10275230919171419vn1c"
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Fri, 14 Jul 2023 17:28:11 GMT
pragma: no-cache
server: Microsoft-IIS/8.0
server-timing: dtSInfo;desc="0", dtRpid;desc="-1254240870"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cdn: Imperva
x-iinfo: 14-67174630-67174834 NNNN CT(120 111 0) RT(1698266699284 912) q(0 0 3 -1) r(4 4) U12
x-oneagent-js-injection: true
x-powered-by: ASP.NET
x-ruxit-js-agent: true

Redirect headers

cache-control: no-cache, no-store
content-length: 122
content-type: text/html
location: https://rfmodstage.risxfacs.com/
strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 14-67174630-0 NNNN RT(1698266699284 646) q(0 0 -1 -1) r(2 -1) b6 U18

GET
H2 200 SourceSansPro-Regular.woff
rfmodstage.risxfacs.com/assets/SourceSansProFonts/ 117 KB
117 KB 338ms
335ms Font
application/font-woff 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/assets/SourceSansProFonts/SourceSansPro-Regular.woff

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 / ASP.NET

Resource Hash

afadf555b734ddc0ce5f7e97510558b910515edbccbd148df2c08511d4225eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rfmodstage.risxfacs.com/
Origin: https://rfmodstage.risxfacs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 17:28:11 GMT
server: Microsoft-IIS/8.0
x-cdn: Imperva
etag: "01e749078b6d91:0:dtagent10275230919171419vn1c"
x-powered-by: ASP.NET
content-type: application/font-woff
x-iinfo: 14-67174630-67172501 3NYN RT(1698266699284 1344) q(0 0 0 -1) r(2 2) U12
x-incap-sess-cookie-hdr: H5SkKFkatG83MoHdNgVPZEx+OWUAAAAAa2oFuEtNC9MhUWbc3knlMg==
server-timing: dtSInfo;desc="0", dtRpid;desc="-1880528114", dtTao;desc="1"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 SourceSansPro-Semibold.woff
rfmodstage.risxfacs.com/assets/SourceSansProFonts/ 117 KB
117 KB 388ms
385ms Font
application/font-woff 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/assets/SourceSansProFonts/SourceSansPro-Semibold.woff

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 / ASP.NET

Resource Hash

337b72d488e45cf7b40593e55b3b857c4e6d613210b69bb063bfd76ed359a7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rfmodstage.risxfacs.com/
Origin: https://rfmodstage.risxfacs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 17:28:11 GMT
server: Microsoft-IIS/8.0
x-cdn: Imperva
etag: "01e749078b6d91:0:dtagent10275230919171419vn1c"
x-powered-by: ASP.NET
content-type: application/font-woff
x-iinfo: 14-67174630-67152562 3NYN RT(1698266699284 1358) q(0 0 0 -1) r(2 2) U12
x-incap-sess-cookie-hdr: dteKIh8S3A83MoHdNgVPZEx+OWUAAAAAt6nQA6lB3NGHWaCXCeQE4Q==
server-timing: dtSInfo;desc="0", dtRpid;desc="-847238131", dtTao;desc="1"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 SourceSansPro-Bold.woff
rfmodstage.risxfacs.com/assets/SourceSansProFonts/ 116 KB
116 KB 388ms
385ms Font
application/font-woff 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/assets/SourceSansProFonts/SourceSansPro-Bold.woff

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 / ASP.NET

Resource Hash

406aef1045dfbca29016bc4b33d57401f06f144529c89d6e9d08937537b83d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rfmodstage.risxfacs.com/
Origin: https://rfmodstage.risxfacs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 17:28:11 GMT
server: Microsoft-IIS/8.0
x-cdn: Imperva
etag: "01e749078b6d91:0:dtagent10275230919171419vn1c"
x-powered-by: ASP.NET
content-type: application/font-woff
x-iinfo: 14-67174630-67153429 3NYN RT(1698266699284 1367) q(0 0 0 -1) r(2 2) U12
x-incap-sess-cookie-hdr: 4b+sI9W5dVI3MoHdNgVPZEx+OWUAAAAAm6Ee+65fuBP84lHKqXh9wg==
server-timing: dtSInfo;desc="0", dtRpid;desc="-871501298", dtTao;desc="1"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MaterialIcons-Regular.woff2
rfmodstage.risxfacs.com/assets/ 59 KB
60 KB 223ms
221ms Font
application/font-woff2 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/assets/MaterialIcons-Regular.woff2

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 / ASP.NET

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rfmodstage.risxfacs.com/
Origin: https://rfmodstage.risxfacs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 17:28:11 GMT
server: Microsoft-IIS/8.0
x-cdn: Imperva
etag: "01e749078b6d91:0:dtagent10275230919171419vn1c"
x-powered-by: ASP.NET
content-type: application/font-woff2
x-iinfo: 14-67174630-67174834 PNNN RT(1698266699284 1375) q(0 0 0 -1) r(1 1) U12
x-incap-sess-cookie-hdr: XQ/XaJ7n7xo3MoHdNgVPZEx+OWUAAAAAYVFPI/QlQBwbTIVXP/4stA==
server-timing: dtSInfo;desc="0", dtRpid;desc="-1226006380", dtTao;desc="1"
accept-ranges: bytes
timing-allow-origin: *
content-length: 60840

GET
H2 200 MaterialIcons-Regular.woff
rfmodstage.risxfacs.com/assets/ 78 KB
78 KB 388ms
386ms Font
application/font-woff 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/assets/MaterialIcons-Regular.woff

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 / ASP.NET

Resource Hash

4c463e02509bd9ab8787f6e37f2e926d405e5e22be38643264746c4ddc6755cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rfmodstage.risxfacs.com/
Origin: https://rfmodstage.risxfacs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 17:28:11 GMT
server: Microsoft-IIS/8.0
x-cdn: Imperva
etag: "01e749078b6d91:0:dtagent10275230919171419vn1c"
x-powered-by: ASP.NET
content-type: application/font-woff
x-iinfo: 14-67174630-67173075 3NYN RT(1698266699284 1381) q(0 0 0 -1) r(2 2) U12
x-incap-sess-cookie-hdr: aqRtHY/VZwA3MoHdNgVPZEx+OWUAAAAA6EgtNhULeaB3FkgsFRUSOw==
server-timing: dtSInfo;desc="0", dtRpid;desc="747109655", dtTao;desc="1"
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js Show response
rfmodstage.risxfacs.com/sso/ 315 KB
116 KB 632ms
629ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/sso/ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b6acf8d509e628a6a672effce8b5ab1d1797001eb69b3fb95c3cb321d567d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
x-cdn: Imperva
etag: "0d055084"
content-type: text/javascript; charset=utf-8
x-iinfo: 14-67174630-67172604 3CNN RT(1698266699284 1382) q(0 3 3 -1) r(4 5) U18
cache-control: max-age=29997800, public
content-length: 118056
expires: Mon, 07 Oct 2024 01:28:21 GMT

GET
H2 200 styles.2b6e41972814db69671c.css
rfmodstage.risxfacs.com/ 548 KB
86 KB 288ms
286ms Stylesheet
text/css 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/styles.2b6e41972814db69671c.css

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ad857a56b926e3199a3c306038b934e9f0150df591e5ca8165c04ed63050bcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 17:28:12 GMT
x-cdn: Imperva
etag: "01e749078b6d91:0"
content-type: text/css
x-iinfo: 14-67174630-67153455 3VNN RT(1698266699284 1347) q(0 0 0 -1) r(2 2) U18
content-length: 87693

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 138ms
50ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id={{GoogleUserId}}

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72b93cb90be7a9dc02a439c345b4b962ee4f83a2231ca4fcc652941c55188ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43690
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 20:07:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Oct 2023 20:45:01 GMT

GET
H2 200 runtime-es2015.7b09debbb384a74cacb4.js Show response
rfmodstage.risxfacs.com/ 3 KB
2 KB 827ms
824ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/runtime-es2015.7b09debbb384a74cacb4.js

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4b68ee97c87ce20ae728365d76955459f0059b4db1bbc816c606c9936c8294df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rfmodstage.risxfacs.com/
Origin: https://rfmodstage.risxfacs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 17:28:12 GMT
x-cdn: Imperva
etag: "01e749078b6d91:0"
content-type: application/javascript
x-iinfo: 14-67174630-67166198 3VNN RT(1698266699284 1385) q(0 5 5 -1) r(7 7) U18
x-incap-sess-cookie-hdr: R5MBZ3s8mWc3MoHdNgVPZE1+OWUAAAAAunmVSkWtQDsS2VVQfNyYlA==
content-length: 1966

GET
H2 200 polyfills-es2015.e617d2383b56ba33818d.js Show response
rfmodstage.risxfacs.com/ 134 KB
47 KB 820ms
818ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/polyfills-es2015.e617d2383b56ba33818d.js

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d4a62404c654c495e71c753712e8d9d6ad99dcb28963b95f88a4f2eee836691c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rfmodstage.risxfacs.com/
Origin: https://rfmodstage.risxfacs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 17:28:12 GMT
x-cdn: Imperva
etag: "01e749078b6d91:0"
content-type: application/javascript
x-iinfo: 14-67174630-67172501 3VNN RT(1698266699284 1388) q(0 5 5 -1) r(7 7) U18
x-incap-sess-cookie-hdr: mlirG/kJeQ43MoHdNgVPZE1+OWUAAAAAnz5FuNCGoKOOaTROE7OoGA==
content-length: 47995

GET
H2 200 scripts.249b57f742e05943bb06.js Show response
rfmodstage.risxfacs.com/ 145 KB
47 KB 234ms
233ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/scripts.249b57f742e05943bb06.js

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

68aedabc8b6e44b150c9aea7de9fefba61b69a0c29b9ff4fb121785660f8e6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 17:28:12 GMT
x-cdn: Imperva
etag: "01e749078b6d91:0"
content-type: application/javascript
x-iinfo: 14-67174630-67173496 3VNN RT(1698266699284 2205) q(0 0 0 -1) r(2 2) U18
content-length: 47963

GET
H2 200 main-es2015.efc858dad8687e83bb92.js Show response
rfmodstage.risxfacs.com/ 2 MB
537 KB 827ms
825ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/main-es2015.efc858dad8687e83bb92.js

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c9459b981593c623ae08809f5dfda47802786fb554174fa23e994aa5033a40c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rfmodstage.risxfacs.com/
Origin: https://rfmodstage.risxfacs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 17:28:12 GMT
x-cdn: Imperva
etag: "01e749078b6d91:0"
content-type: application/javascript
x-iinfo: 14-67174630-67172580 3VNN RT(1698266699284 1391) q(0 5 5 -1) r(7 7) U18
x-incap-sess-cookie-hdr: fE2kEMd8qBg3MoHdNgVPZE1+OWUAAAAAfPXzLSK9kwAZXuaOyQQMPQ==
content-length: 546132

GET
H2 200 _Incapsula_Resource Show response
rfmodstage.risxfacs.com/ 146 KB
21 KB 73ms
73ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=4&cb=1189607413

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

20b4c46d198e3026b59a896d221495f96985e0b0447958ead647f819ddf49388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 21069
content-type: application/javascript

GET
H2 200 ruxitagentjs_D_10275230919171419.js
rfmodstage.risxfacs.com/sso/ 42 KB
16 KB 243ms
243ms Other
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/sso/ruxitagentjs_D_10275230919171419.js

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 / ASP.NET

Resource Hash

314a9a0fdb5542d4958b53b8048157e1d66b214178781135c3a27e25adbc6a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: Microsoft-IIS/8.0
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: text/javascript; charset=utf-8
x-iinfo: 14-67174630-67166198 3NNN RT(1698266699284 2191) q(0 0 0 -1) r(2 2) U18
cache-control: public, max-age=31536000, immutable
content-length: 15815
expires: Thu, 24 Oct 2024 20:45:02 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 160ms
39ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:01 GMT
Content-Encoding: gzip
Age: 735
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (frb/669F)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 _Incapsula_Resource
rfmodstage.risxfacs.com/ 1 B
36 B 76ms
76ms Image
text/plain 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rfmodstage.risxfacs.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8922159626930619

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 369A 319 KB
104 KB 125ms
125ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Frfmodstage.risxfacs.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://rfmodstage.risxfacs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1383145
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Oct 2023 20:45:01 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6796)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 369A 869 B
659 B 279ms
167ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=02b35c561bfab12229f1350640bfecbaef66715c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Frfmodstage.risxfacs.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 117
date: Wed, 25 Oct 2023 20:45:01 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 25 Oct 2023 20:45:02 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 5884775e570e1ea4
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: d639f02d4d6a59b965ff995252981dcb0ab81dc86ea9b5de4dea4e9871019bec
content-length: 337

GET
H2 200 config.json Show response
rfmodstage.risxfacs.com/assets/config/ 353 B
510 B 399ms
398ms XHR
application/json 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/assets/config/config.json

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/sso/ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 / ASP.NET

Resource Hash

b86a3a0b2685c566eeba11805cb2b9033dd9c3430046934214d2a692f63dad66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://rfmodstage.risxfacs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
x-dtpc: 6$266701648_664h2vNNRAMRKAKOMKWUFQOQNRWBOPLJIHHKSW-0e0, 6$266701648_664h2vTAUKWIUHVVMIFBIKODFNCQBKVSMUPTND-0e0, 6$266701648_664h2vPHQNIHKHNFFMGQGNBKRIFUPCUBJCFLEH-0e0

Response headers

date: Wed, 25 Oct 2023 20:45:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 19 Jul 2023 19:46:18 GMT
server: Microsoft-IIS/8.0
x-cdn: Imperva
etag: "5c5d77b079bad91:0:dtagent10275230919171419vn1c"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json
x-iinfo: 14-67174630-67175146 NNNN CT(109 114 0) RT(1698266699284 2689) q(0 0 3 -1) r(4 4) U12
server-timing: dtSInfo;desc="0", dtRpid;desc="38442988"
accept-ranges: bytes
content-length: 227

GET
H2 200 / Show response
rfmodstage.risxfacs.com/ 3 KB
2 KB 170ms
170ms Script
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://rfmodstage.risxfacs.com/

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/main-es2015.efc858dad8687e83bb92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/8.0 / ASP.NET

Resource Hash

c07036ddb80d0dbb055960e3d527a69a13507f569434e4c690b3f3ce5bd988d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-powered-by: ASP.NET
x-oneagent-js-injection: true
x-iinfo: 14-67174630-67175146 PNNN RT(1698266699284 3087) q(0 0 0 -1) r(1 1) U12
server-timing: dtSInfo;desc="0", dtRpid;desc="736442375"
content-length: 1319
pragma: no-cache
last-modified: Fri, 14 Jul 2023 17:28:11 GMT
server: Microsoft-IIS/8.0
etag: "01e749078b6d91:0:dtagent10275230919171419vn1c"
vary: Accept-Encoding
content-type: text/html
cache-control: no-cache, no-store
accept-ranges: bytes
x-ruxit-js-agent: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openid-configuration
ssostage.gallagherbassett.com/.well-known/ 4 KB
2 KB 585ms
424ms XHR
application/json 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ssostage.gallagherbassett.com/.well-known/openid-configuration

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/sso/ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.risxfacs.com https://.gallagherbassett.com https://*.luminos-gb.com https://staging.origamirisk.com/;
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rfmodstage.risxfacs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:02 GMT
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://*.gallagherbassett.com https://*.luminos-gb.com https://staging.origamirisk.com/;
content-encoding: gzip
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-oneagent-js-injection: true
x-iinfo: 10-38148236-38148248 NNYN CT(108 113 0) RT(1698266702509 59) q(0 0 2 2) r(4 4) U4
server-timing: dtRpid;desc="1404964036", dtTao;desc="1", dtSInfo;desc="0"
pragma: no-cache
referrer-policy: origin
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rfmodstage.risxfacs.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: ef1kMaS94h1LOIHdNgVPZE5+OWUAAAAAhQsZwpIIvuQK+WqVNJ2Lqw==
timing-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 authorization.oauth2 Show response
ssostage.gallagherbassett.com/as/ 3 KB
2 KB 654ms
542ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ssostage.gallagherbassett.com/as/authorization.oauth2?client_id=GBRFSTG&redirect_uri=https%3A%2F%2Frfmodstage.risxfacs.com%2Fcode&response_type=code&scope=edit&state=dbad92efaa324969af4bc099f180f5a6&code_challenge=Dlh5iB1r3o455voDPevVG5lEnoVNyjvtXHntkjtGr8g&code_challenge_method=S256&prompt=login&response_mode=query

Requested by

Host: rfmodstage.risxfacs.com
URL: https://rfmodstage.risxfacs.com/main-es2015.efc858dad8687e83bb92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ac0c1ff7f2859ae2f24b043e4df580e8ce1ea527a1b4da6e79736ee7be565507

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.risxfacs.com https://.gallagherbassett.com https://*.luminos-gb.com https://staging.origamirisk.com/;
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rfmodstage.risxfacs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.risxfacs.com https://*.gallagherbassett.com https://*.luminos-gb.com https://staging.origamirisk.com/;
content-type: text/html;charset=utf-8
date: Wed, 25 Oct 2023 20:45:03 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
referrer-policy: origin
server-timing: dtRpid;desc="-1941046635", dtSInfo;desc="0"
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 14-67175347-67175361 NNYN CT(106 113 0) RT(1698266703070 64) q(0 0 2 -1) r(5 5) U12
x-incap-sess-cookie-hdr: TAZXL5OjSydLOIHdNgVPZE9+OWUAAAAA1Md2578tHty6b1GLDAaBkQ==
x-oneagent-js-injection: true

GET
H2 200 ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js Show response
ssostage.gallagherbassett.com/sso/ 315 KB
116 KB 167ms
166ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ssostage.gallagherbassett.com/sso/ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js

Requested by

Host: ssostage.gallagherbassett.com
URL: https://ssostage.gallagherbassett.com/as/authorization.oauth2?client_id=GBRFSTG&redirect_uri=https%3A%2F%2Frfmodstage.risxfacs.com%2Fcode&response_type=code&scope=edit&state=dbad92efaa324969af4bc099f180f5a6&code_challenge=Dlh5iB1r3o455voDPevVG5lEnoVNyjvtXHntkjtGr8g&code_challenge_method=S256&prompt=login&response_mode=query

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b6acf8d509e628a6a672effce8b5ab1d1797001eb69b3fb95c3cb321d567d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssostage.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
x-cdn: Imperva
etag: "017ff7c0"
content-type: text/javascript; charset=utf-8
x-iinfo: 14-67175347-67172580 3CNN RT(1698266703070 615) q(0 0 0 2) r(1 1) U18
cache-control: max-age=29740486, public
content-length: 118056
expires: Fri, 04 Oct 2024 01:59:48 GMT

GET
H2 200 ruxitagentjs_D_10275230919171419.js
ssostage.gallagherbassett.com/sso/ 42 KB
16 KB 162ms
162ms Other
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ssostage.gallagherbassett.com/sso/ruxitagentjs_D_10275230919171419.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssostage.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
x-cdn: Imperva
etag: "3e77e981"
content-type: text/javascript; charset=utf-8
x-iinfo: 14-67175347-67172580 3CNN RT(1698266703070 966) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=29740485, public
content-length: 15815
expires: Fri, 04 Oct 2024 01:59:48 GMT

GET
H2 200 _Incapsula_Resource
ssostage.gallagherbassett.com/ 151 KB
21 KB 67ms
67ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ssostage.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1103399894

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssostage.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 21604
content-type: application/javascript

POST
H/1.1 200
OK IdPApp Show response
stage.gallagherbassett.com/sso/app/startsso/ 5 KB
4 KB 562ms
394ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/app/startsso/IdPApp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7633e7559141bf5b3a0bf63db8f4636e584d7bd298c7c8edcdf213fd25deea91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ssostage.gallagherbassett.com
Referer: https://ssostage.gallagherbassett.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Oct 2023 20:45:05 GMT
Server-Timing: dtSInfo;desc="0", dtRpid;desc="961466537", dtTao;desc="1"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-CDN: Imperva
X-Iinfo: 5-11036747-11036748 NNNN CT(106 113 0) RT(1698266704237 48) q(0 0 3 0) r(4 4) U6
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
x-incap-sess-cookie-hdr: wXs7cvgga0HQO4HdNgVPZFB+OWUAAAAAkSNciHn7CBpUsb8s/fOVew==

GET
H/1.1 200
OK ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js Show response
stage.gallagherbassett.com/sso/ 315 KB
116 KB 156ms
155ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b6acf8d509e628a6a672effce8b5ab1d1797001eb69b3fb95c3cb321d567d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-CDN: Imperva
Etag: "0d055084"
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 5-11036747-11031228 3CNN RT(1698266704237 451) q(0 0 0 -1) r(1 1) U18
Cache-Control: max-age=29748819, public
Content-Length: 118056
Expires: Fri, 04 Oct 2024 04:18:42 GMT

GET
H/1.1 200
OK gbStyles3
stage.gallagherbassett.com/sso/lib/ 260 KB
48 KB 480ms
392ms Stylesheet
text/css 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/lib/gbStyles3

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

be532b88c5b02663e0240b914427e011b6cce820d1105300807a3e9fcc3d0c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 25 Oct 2023 20:45:04 GMT
X-CDN: Imperva
ETag: "1698266705:dtagent10275230919171419vn1c"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
X-Iinfo: 14-67175694-67175705 NNNN CT(105 108 0) RT(1698266704728 36) q(0 0 2 -1) r(4 4) U18
Cache-Control: public
Server-Timing: dtSInfo;desc="0", dtRpid;desc="377591575"
Content-Length: 47951
Expires: Thu, 24 Oct 2024 20:45:05 GMT

GET
H/1.1 200
OK preload3 Show response
stage.gallagherbassett.com/sso/bundles/lib/ 697 KB
211 KB 494ms
406ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/bundles/lib/preload3

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

575c5c6b47d3c4cc664eabe26b1172c5a54ec94da14d77c5acdc1d2677bed292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 25 Oct 2023 20:45:04 GMT
X-CDN: Imperva
ETag: "1698266705:dtagent10275230919171419vn1c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 12-54827082-54827090 NNNN CT(103 108 0) RT(1698266704728 36) q(0 0 2 -1) r(4 4) U18
Cache-Control: public
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1503805073"
Expires: Thu, 24 Oct 2024 20:45:05 GMT

GET
H/1.1 200
OK startssojs3 Show response
stage.gallagherbassett.com/sso/bundles/ 68 KB
21 KB 478ms
386ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/bundles/startssojs3

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

61576d149f5f791761087e7c32533056fc08b613de19879299a7920bf077892f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 25 Oct 2023 20:45:04 GMT
X-CDN: Imperva
ETag: "1698266705:dtagent10275230919171419vn1c"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 14-67175695-67175706 NNNN CT(108 114 0) RT(1698266704729 40) q(0 0 2 -1) r(4 4) U18
Cache-Control: public
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-115510879"
Content-Length: 20983
Expires: Thu, 24 Oct 2024 20:45:05 GMT

GET
H/1.1 200
OK spinner.gif
stage.gallagherbassett.com/sso/SPA/Common/images/ 3 KB
3 KB 236ms
145ms Image
image/gif 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stage.gallagherbassett.com/sso/SPA/Common/images/spinner.gif

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c48c53c7c8a30b331c618dac2828af05d6771713141a624a7d6b6958dc88f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 09 Mar 2023 10:07:40 GMT
X-CDN: Imperva
Etag: "0be4afb6e52d91:0"
Content-Type: image/gif
X-Iinfo: 12-54827083-54822092 3CNN RT(1698266704729 40) q(0 0 0 -1) r(1 1) U18
Content-Length: 2704

GET
H/1.1 200
OK postload3 Show response
stage.gallagherbassett.com/sso/bundles/lib/ 390 KB
114 KB 503ms
412ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/bundles/lib/postload3

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

169bf67dc0fb6aeb760bb00b820f337d9878e898d58129358c623d97ce854b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 25 Oct 2023 20:45:04 GMT
X-CDN: Imperva
ETag: "1698266705:dtagent10275230919171419vn1c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 9-29077327-29077340 NNNN CT(108 113 0) RT(1698266704729 40) q(0 0 2 -1) r(4 4) U18
Cache-Control: public
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-646885480"
Expires: Thu, 24 Oct 2024 20:45:05 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
stage.gallagherbassett.com/ 152 KB
22 KB 37ms
36ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1617014756

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2262bffb7f00fb5c4de0e4252205d3a4514aec7ba01ea737960d5b184d0dc221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 21887
Content-Type: application/javascript

GET
H/1.1 200
OK ruxitagentjs_D_10275230919171419.js
stage.gallagherbassett.com/sso/ 42 KB
16 KB 146ms
145ms Other
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/ruxitagentjs_D_10275230919171419.js

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

314a9a0fdb5542d4958b53b8048157e1d66b214178781135c3a27e25adbc6a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-CDN: Imperva
Etag: "974f6220"
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 5-11036747-11033224 3CNN RT(1698266704237 825) q(0 0 0 -1) r(1 1) U18
Cache-Control: max-age=29748820, public
Content-Length: 15815
Expires: Fri, 04 Oct 2024 04:18:45 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 91ms
27ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/bundles/lib/preload3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 19:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3213
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 25 Oct 2023 21:51:33 GMT

POST
H/1.1 200
OK Primary Request SignIn Show response
stage.gallagherbassett.com/sso/App/ 13 KB
5 KB 165ms
165ms Document
text/html 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

adbb1619d72c217576cdec3b6fb856511dd7363d7a1f58f0a64ba8b6ae0a95ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://stage.gallagherbassett.com
Referer: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Oct 2023 20:45:06 GMT
Server-Timing: dtSInfo;desc="0", dtRpid;desc="170408709", dtTao;desc="1"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-CDN: Imperva
X-Iinfo: 12-54827082-54827090 SNNN RT(1698266704728 1079) q(0 0 0 -1) r(1 1) U6
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
x-incap-sess-cookie-hdr: j6CFXBzdMAnQO4HdNgVPZFF+OWUAAAAAjETIrjwviXllsszopawDCw==

POST
H2 200 collect
www.google-analytics.com/j/ 15 B
228 B 36ms
36ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=814860888&t=pageview&_s=1&dl=https%3A%2F%2Fstage.gallagherbassett.com%2Fsso%2Fapp%2Fstartsso%2FIdPApp&dr=https%3A%2F%2Fssostage.gallagherbassett.com%2F&dp=%2Fapp%2Fstartsso%2FIdPApp&ul=en-us&de=UTF-8&dt=startsso%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAC~&jid=617097990&gjid=1150070433&cid=96178262.1698266706&tid=UA-44339965-12&_gid=421086431.1698266706&_r=1&_slc=1&z=1473083827

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stage.gallagherbassett.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 20:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stage.gallagherbassett.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 128 KB
0 47ms
46ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HE9KEENWV3&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 20:45:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 20:45:06 GMT

GET
H/1.1 200
OK ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js Show response
stage.gallagherbassett.com/sso/ 315 KB
116 KB 39ms
38ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/ruxitagentjs_ICA27NQVfgqrux_10275230919171419.js

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b6acf8d509e628a6a672effce8b5ab1d1797001eb69b3fb95c3cb321d567d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/App/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-CDN: Imperva
Etag: "0d055084"
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 12-54827082-0 0CNN RT(1698266704728 1247) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=29748818, public
Content-Length: 118056
Expires: Fri, 04 Oct 2024 04:18:43 GMT

GET
H/1.1 200
OK gbStyles3
stage.gallagherbassett.com/sso/lib/ 260 KB
47 KB 54ms
44ms Stylesheet
text/css 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/lib/gbStyles3

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

be532b88c5b02663e0240b914427e011b6cce820d1105300807a3e9fcc3d0c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/App/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 25 Oct 2023 20:45:04 GMT
X-CDN: Imperva
Etag: "1698266705:dtagent10275230919171419vn1c"
Content-Type: text/css; charset=utf-8
X-Iinfo: 9-29077327-0 0CNN RT(1698266704729 1254) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=31536000, public
Content-Length: 47951
Expires: Thu, 24 Oct 2024 20:45:05 GMT

GET
H/1.1 200
OK preload3 Show response
stage.gallagherbassett.com/sso/bundles/lib/ 697 KB
211 KB 50ms
41ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/bundles/lib/preload3

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

575c5c6b47d3c4cc664eabe26b1172c5a54ec94da14d77c5acdc1d2677bed292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/App/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 25 Oct 2023 20:45:04 GMT
X-CDN: Imperva
Etag: "1698266705:dtagent10275230919171419vn1c"
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 14-67175694-0 0CNN RT(1698266704728 1255) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=31536000, public
Content-Length: 215365
Expires: Thu, 24 Oct 2024 20:45:05 GMT

GET
H/1.1 200
OK signinjs3
stage.gallagherbassett.com/sso/bundles/ 73 KB
22 KB 169ms
160ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/bundles/signinjs3

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/App/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:06 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 25 Oct 2023 20:45:05 GMT
X-CDN: Imperva
ETag: "1698266706:dtagent10275230919171419vn1c"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 5-11036747-11036748 SNNN RT(1698266704237 1746) q(0 0 0 -1) r(2 2) U18
Cache-Control: public
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1524096541"
Content-Length: 21931
Expires: Thu, 24 Oct 2024 20:45:06 GMT

GET
H/1.1 200
OK spinner.gif
stage.gallagherbassett.com/sso/SPA/Common/images/ 3 KB
3 KB 54ms
45ms Image
image/gif 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stage.gallagherbassett.com/sso/SPA/Common/images/spinner.gif

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c48c53c7c8a30b331c618dac2828af05d6771713141a624a7d6b6958dc88f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/App/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 09 Mar 2023 10:07:40 GMT
X-CDN: Imperva
Etag: "0be4afb6e52d91:0"
Content-Type: image/gif
X-Iinfo: 14-67175695-0 0CNN RT(1698266704729 1257) q(0 -1 -1 -1) r(0 -1)
Content-Length: 2704

GET
H/1.1 200
OK Do_not_show_again.png
stage.gallagherbassett.com/sso/images/ 2 KB
2 KB 154ms
145ms Image
image/png 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stage.gallagherbassett.com/sso/images/Do_not_show_again.png

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e39e65775ff6018483e76169bc639c43e0fc016967cd853cd3b47217594cd6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/App/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 09 Mar 2023 10:07:36 GMT
X-CDN: Imperva
Etag: "064e8f86e52d91:0"
Content-Type: image/png
X-Iinfo: 12-54827083-54822326 3CNN RT(1698266704729 1255) q(0 0 0 -1) r(1 1) U18
Content-Length: 1652

GET
H/1.1 200
OK postload3
stage.gallagherbassett.com/sso/bundles/lib/ 390 KB
114 KB 46ms
46ms Script
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/bundles/lib/postload3

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/App/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:06 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 25 Oct 2023 20:45:04 GMT
X-CDN: Imperva
Etag: "1698266705:dtagent10275230919171419vn1c"
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 9-29077327-0 0CNN RT(1698266704729 1317) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=31535999, public
Content-Length: 115841
Expires: Thu, 24 Oct 2024 20:45:05 GMT

GET
H/1.1 200
OK _Incapsula_Resource
stage.gallagherbassett.com/ 142 KB
20 KB 47ms
47ms Script
application/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=10&cb=1388258073

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/App/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 20384
Content-Type: application/javascript

GET
H/1.1 200
OK ruxitagentjs_D_10275230919171419.js
stage.gallagherbassett.com/sso/ 42 KB
16 KB 46ms
45ms Other
text/javascript 45.60.123.80
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://stage.gallagherbassett.com/sso/ruxitagentjs_D_10275230919171419.js

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/App/SignIn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.123.80 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

314a9a0fdb5542d4958b53b8048157e1d66b214178781135c3a27e25adbc6a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/sso/App/SignIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 20:45:06 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-CDN: Imperva
Etag: "974f6220"
Content-Type: text/javascript; charset=utf-8
X-Iinfo: 14-67175695-0 0CNN RT(1698266704729 1320) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=29748819, public
Content-Length: 15815
Expires: Fri, 04 Oct 2024 04:18:45 GMT

GET
H3 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/bundles/lib/preload3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stage.gallagherbassett.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 19:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3213
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 25 Oct 2023 21:51:33 GMT

GET cmPrivacyPolicyVw.html
stage.gallagherbassett.com/sso/SPA/Common/privacyPolicy/ 0
0

GET gbBg5.jpg
stage.gallagherbassett.com/sso/images/ 0
0

GET glyphicons-halflings-regular.woff
stage.gallagherbassett.com/sso/lib/bootstrap/fonts/ 0
0

GET gbLogo.png
stage.gallagherbassett.com/sso/images/ 0
0

POST GetMessages
stage.gallagherbassett.com/ssoapi/API/APP/ 0
0

POST collect
www.google-analytics.com/j/ 0
0

GET _Incapsula_Resource
stage.gallagherbassett.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/SPA/Common/privacyPolicy/cmPrivacyPolicyVw.html

Domain: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/images/gbBg5.jpg

Domain: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/lib/bootstrap/fonts/glyphicons-halflings-regular.woff

Domain: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/sso/images/gbLogo.png

Domain: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/ssoapi/API/APP/GetMessages

Domain: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/ssoapi/API/APP/GetMessages

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1328667509&t=pageview&_s=1&dl=https%3A%2F%2Fstage.gallagherbassett.com%2Fsso%2FApp%2FSignIn&dp=%2FApp%2FSignIn&ul=en-us&de=UTF-8&dt=SignIn%20SPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAAABAAAAACAC~&jid=&gjid=&cid=96178262.1698266706&tid=UA-44339965-12&_gid=421086431.1698266706&_slc=1&z=105443981

Domain: stage.gallagherbassett.com
URL: https://stage.gallagherbassett.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5897276729884966

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dT_ object| dtrum object| dynatrace

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.risxfacs.com/	1970-01-21 00:28:44	Name: visid_incap_2456713 Value: 9EApTx+HSJuCUZQQxqZt20t+OWUAAAAAQUIPAAAAAAD8txE0pnEwnlVsZi0d58CI
.risxfacs.com/	1969-12-31 23:59:59	Name: incap_ses_7228_2456713 Value: anYtd7nYxBM3MoHdNgVPZEt+OWUAAAAA+j6qyKjT1eaKykd07iIYRQ==
.risxfacs.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_6_sn_241306319F15B328ED0675C4FD5984A9_perc_100000_ol_0_mul_1_app-3Ab630504825da2131_0_rcs-3Acss_0
rfmodstage.risxfacs.com/	1969-12-31 23:59:59	Name: BIGipServerrfmodstage.risxfacs.com.tcp.80 Value: 2758867466.20480.0000
.risxfacs.com/	1969-12-31 23:59:59	Name: nlbi_2456713 Value: u2e5Dy9Ujzqsu2uXqHBdJgAAAADDPaW8dW+My5uqt/wiJowW
.gallagherbassett.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_4_sn_5F469D45298196562C101E8356C46763_perc_100000_ol_0_mul_1_app-3Ab630504825da2131_0_rcs-3Acss_0
ssostage.gallagherbassett.com/	1969-12-31 23:59:59	Name: PF Value: jskWpBQO2G6NS61zsw31tS
.gallagherbassett.com/	1970-01-21 00:28:44	Name: visid_incap_2617458 Value: ldQ5vaUCRQeZ3nxQl1+cyk9+OWUAAAAAQUIPAAAAAABl1QKZLj+I7RS2p1TWLWns
.gallagherbassett.com/	1969-12-31 23:59:59	Name: incap_ses_7228_2617458 Value: ZBygfGToBXpsOoHdNgVPZE9+OWUAAAAAIqMW62+D+zO2DnTzH+wW7w==
stage.gallagherbassett.com/	1970-01-21 01:20:26	Name: mKey Value: 1651e5e9-8ab8-41d1-b098-475ded39934e
.gallagherbassett.com/	1970-01-21 00:28:44	Name: visid_incap_2456712 Value: 7Zp3GdemRdavFd5NBuI9p1B+OWUAAAAAQUIPAAAAAACV237TuAgtF8OsNqH/6mwz
.gallagherbassett.com/	1969-12-31 23:59:59	Name: incap_ses_7228_2456712 Value: OhhBFhFctlnQO4HdNgVPZFB+OWUAAAAAkKJSTaE/lhq/+0lB2mp44w==
.stage.gallagherbassett.com/	1970-01-21 01:20:26	Name: _ga Value: GA1.3.96178262.1698266706
.stage.gallagherbassett.com/	1970-01-20 15:45:53	Name: _gid Value: GA1.3.421086431.1698266706
.stage.gallagherbassett.com/	1970-01-20 15:44:26	Name: _gat Value: 1
.gallagherbassett.com/	1969-12-31 23:59:59	Name: nlbi_2456712 Value: csouBxNzL3PNIeeAAYvSbgAAAADLNshg3taT2dtOMCUD15nj

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://stage.gallagherbassett.com/sso/app/startsso/IdPApp(Line 9) Message: X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.
security	error	URL: https://stage.gallagherbassett.com/sso/App/SignIn(Line 9) Message: X-Frame-Options may only be set via an HTTP header sent along with a document. It may not be set inside <meta>.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

platform.twitter.com
rfmodstage.risxfacs.com
ssostage.gallagherbassett.com
stage.gallagherbassett.com
syndication.twitter.com
www.google-analytics.com
www.googletagmanager.com
stage.gallagherbassett.com
www.google-analytics.com
104.244.42.200
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2008
45.60.123.80
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
169bf67dc0fb6aeb760bb00b820f337d9878e898d58129358c623d97ce854b21
20b4c46d198e3026b59a896d221495f96985e0b0447958ead647f819ddf49388
2262bffb7f00fb5c4de0e4252205d3a4514aec7ba01ea737960d5b184d0dc221
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
314a9a0fdb5542d4958b53b8048157e1d66b214178781135c3a27e25adbc6a0a
337b72d488e45cf7b40593e55b3b857c4e6d613210b69bb063bfd76ed359a7ed
406aef1045dfbca29016bc4b33d57401f06f144529c89d6e9d08937537b83d40
4b68ee97c87ce20ae728365d76955459f0059b4db1bbc816c606c9936c8294df
4c463e02509bd9ab8787f6e37f2e926d405e5e22be38643264746c4ddc6755cb
575c5c6b47d3c4cc664eabe26b1172c5a54ec94da14d77c5acdc1d2677bed292
61576d149f5f791761087e7c32533056fc08b613de19879299a7920bf077892f
68aedabc8b6e44b150c9aea7de9fefba61b69a0c29b9ff4fb121785660f8e6f8
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
72b93cb90be7a9dc02a439c345b4b962ee4f83a2231ca4fcc652941c55188ebd
7633e7559141bf5b3a0bf63db8f4636e584d7bd298c7c8edcdf213fd25deea91
8110f06c9499a2fdd399d30e584211486144fd6b2f27d073027f735bb3a01bd7
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
ac0c1ff7f2859ae2f24b043e4df580e8ce1ea527a1b4da6e79736ee7be565507
ad857a56b926e3199a3c306038b934e9f0150df591e5ca8165c04ed63050bcab
adbb1619d72c217576cdec3b6fb856511dd7363d7a1f58f0a64ba8b6ae0a95ea
afadf555b734ddc0ce5f7e97510558b910515edbccbd148df2c08511d4225eef
b6acf8d509e628a6a672effce8b5ab1d1797001eb69b3fb95c3cb321d567d500
b86a3a0b2685c566eeba11805cb2b9033dd9c3430046934214d2a692f63dad66
be532b88c5b02663e0240b914427e011b6cce820d1105300807a3e9fcc3d0c21
c07036ddb80d0dbb055960e3d527a69a13507f569434e4c690b3f3ce5bd988d6
c48c53c7c8a30b331c618dac2828af05d6771713141a624a7d6b6958dc88f767
c9459b981593c623ae08809f5dfda47802786fb554174fa23e994aa5033a40c1
d4a62404c654c495e71c753712e8d9d6ad99dcb28963b95f88a4f2eee836691c
e39e65775ff6018483e76169bc639c43e0fc016967cd853cd3b47217594cd6bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

stage.gallagherbassett.com Open in urlscan Pro 45.60.123.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

86 %HTTPS

60 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

2846 kBTransfer

9064 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

stage.gallagherbassett.com Open in urlscan Pro
45.60.123.80 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

86 %
HTTPS

60 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

2846 kB
Transfer

9064 kB
Size

16
Cookies

57 HTTP transactions
0 data transactions