urlscan.io logo urlscan.io
SecurityTrails logo

adfs.willis.com Open in urlscan Pro
89.28.188.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://willistowerswatson.brightidea.com/D3889
Effective URL: https://adfs.willis.com/adfs/ls/
Submission: On October 05 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 89.28.188.97, located in United Kingdom and belongs to WGSLEDC, GB. The main domain is adfs.willis.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 14th 2019. Valid for: 2 years.
This is the only time adfs.willis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 3.224.109.149 14618 (AMAZON-AES)
4 89.28.188.97 199675 (WGSLEDC)
7 2
Apex Domain
Subdomains		 Transfer
4 willis.com
adfs.willis.com
214 KB
4 brightidea.com
willistowerswatson.brightidea.com
3 KB
7 2
Domain Requested by
4 adfs.willis.com adfs.willis.com
4 willistowerswatson.brightidea.com 1 redirects willistowerswatson.brightidea.com
7 2

This site contains links to these domains. Also see Links.

Domain
aka.ms
Subject Issuer Validity Valid
*.brightidea.com
Amazon		 2021-02-06 -
2022-03-07		 a year crt.sh
adfs.willis.com
GlobalSign RSA OV SSL CA 2018		 2019-10-14 -
2021-12-26		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://adfs.willis.com/adfs/ls/
Frame ID: 5AD0E546AA64348137F575743C14D03A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmelden

Page URL History Show full URLs

  1. https://willistowerswatson.brightidea.com/D3889 HTTP 302
    https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613 Page URL
  2. https://adfs.willis.com/adfs/ls/ Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

216 kB
Transfer

214 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://willistowerswatson.brightidea.com/D3889 HTTP 302
    https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613 Page URL
  2. https://adfs.willis.com/adfs/ls/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://willistowerswatson.brightidea.com/D3889 HTTP 302
  • https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
28
willistowerswatson.brightidea.com/_saml/start/
Redirect Chain
  • https://willistowerswatson.brightidea.com/D3889
  • https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.109.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-109-149.compute-1.amazonaws.com
Software
/
Resource Hash
b090d4105bfc9f0451b2d9d3881fe482e81c5c9da363704abf7204f0934d65a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
willistowerswatson.brightidea.com
:scheme
https
:path
/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
csrf=Ybhqfn2Bxm1s27n1EKdPiFV%7EKAo8V72VFPD_ioPDs4yElqLHV6hYJlb; sso_target_url=https%3A%2F%2Fwillistowerswatson.brightidea.com%2FD3889; redirect=707417d952cd97fe8340e08c7d35da22dce44acd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 22:58:57 GMT
content-type
text/html; charset=UTF-8
content-length
1247
server
p3p
CP="brightidea_is_not_a_potato"
cache-control
no-cache, no-store
set-cookie
sso_target_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly SimpleSAMLSessionID=c2c977190c351a6c431564692a85c564; path=/; HttpOnly
vary
Accept-Encoding
content-encoding
gzip
x-instance-id
i-0e45f77f7c8240321
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

date
Tue, 05 Oct 2021 22:58:57 GMT
content-type
text/html; charset=UTF-8
content-length
0
server
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
p3p
CP="brightidea_is_not_a_potato"
strict-transport-security
max-age=8640000
set-cookie
csrf=Ybhqfn2Bxm1s27n1EKdPiFV%7EKAo8V72VFPD_ioPDs4yElqLHV6hYJlb; path=/; secure; HttpOnly sso_target_url=https%3A%2F%2Fwillistowerswatson.brightidea.com%2FD3889; expires=Tue, 05-Oct-2021 23:00:57 GMT; Max-Age=120; path=/; secure; HttpOnly redirect=707417d952cd97fe8340e08c7d35da22dce44acd; expires=Tue, 05-Oct-2021 23:00:57 GMT; Max-Age=120; path=/; secure; HttpOnly
location
/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
x-instance-id
i-063c9025de70839c0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
post.js
willistowerswatson.brightidea.com/CORE/JAVASCRIPT/saml/resources/ 		175 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://willistowerswatson.brightidea.com/CORE/JAVASCRIPT/saml/resources/post.js
Requested by
Host: willistowerswatson.brightidea.com
URL: https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.109.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-109-149.compute-1.amazonaws.com
Software
/
Resource Hash
8ce6fed116718a4c028e57b69a4a33b61cec7abce7b66a8d027160bff5043048
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/CORE/JAVASCRIPT/saml/resources/post.js
pragma
no-cache
cookie
csrf=Ybhqfn2Bxm1s27n1EKdPiFV%7EKAo8V72VFPD_ioPDs4yElqLHV6hYJlb; redirect=707417d952cd97fe8340e08c7d35da22dce44acd; SimpleSAMLSessionID=c2c977190c351a6c431564692a85c564
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
willistowerswatson.brightidea.com
referer
https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 22:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 20:58:18 GMT
server
etag
"af-5cd2896ec2e80-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
161
x-xss-protection
1; mode=block
x-instance-id
i-0d3e09b5d6dab0630
post.css
willistowerswatson.brightidea.com/CORE/JAVASCRIPT/saml/resources/ 		49 B
288 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://willistowerswatson.brightidea.com/CORE/JAVASCRIPT/saml/resources/post.css
Requested by
Host: willistowerswatson.brightidea.com
URL: https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.109.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-109-149.compute-1.amazonaws.com
Software
/
Resource Hash
3f9d048692e5bd3124a58001bbe28baa05fafe0ef2f179fca97bc32ca0b1f640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/CORE/JAVASCRIPT/saml/resources/post.css
pragma
no-cache
cookie
csrf=Ybhqfn2Bxm1s27n1EKdPiFV%7EKAo8V72VFPD_ioPDs4yElqLHV6hYJlb; redirect=707417d952cd97fe8340e08c7d35da22dce44acd; SimpleSAMLSessionID=c2c977190c351a6c431564692a85c564
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
willistowerswatson.brightidea.com
referer
https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://willistowerswatson.brightidea.com/_saml/start/28?campaign_id=BB375896-799D-11EA-B522-0EE235045613
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 22:58:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 20:58:18 GMT
server
etag
"31-5cd2896ec2e80"
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
49
x-xss-protection
1; mode=block
x-instance-id
i-063c9025de70839c0
Primary Request Cookie set /
adfs.willis.com/adfs/ls/ 		19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adfs.willis.com/adfs/ls/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.28.188.97 , United Kingdom, ASN199675 (WGSLEDC, GB),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
99ff6bced340ce322b90b00c80b7b34694343374407ca5bb7d251f1b8ae659bc
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
adfs.willis.com
Connection
keep-alive
Content-Length
822
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
https://willistowerswatson.brightidea.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://willistowerswatson.brightidea.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://willistowerswatson.brightidea.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://willistowerswatson.brightidea.com/

Response headers

Cache-Control
no-cache,no-store
Pragma
no-cache
Content-Length
19184
Content-Type
text/html; charset=utf-8
Expires
-1
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
X-Frame-Options
DENY
P3P
ADFS doesn't have P3P policy, please contact your site's admin for more details
Set-Cookie
MSISSamlRequest=QmFzZVVybD1odHRwcyUzYSUyZiUyZmFkZnMud2lsbGlzLmNvbSUzYTQ0MyUyZmFkZnMlMmZscyUyZlxTQU1MUmVxdWVzdD1QSE5oYld4d09rRjFkR2h1VW1WeGRXVnpkQ0I0Yld4dWN6cHpZVzFzY0QwaWRYSnVPbTloYzJsek9tNWhiV1Z6T25Sak9sTkJUVXc2TWk0d09uQnliM1J2WTI5c0lpQjRiV3h1Y3pwellXMXNQU0oxY200NmIyRnphWE02Ym1GdFpYTTZkR002VTBGTlREb3lMakE2WVhOelpYSjBhVzl1SWlCSlJEMGlYekJqWW1VellXUTJZMk5oWlRFeE5qZG1OamhsWVdKbU5UWXlOV1ZsWm1ObU5ETXpObVkxTWprM1pDSWdWbVZ5YzJsdmJqMGlNaTR3SWlCSmMzTjFaVWx1YzNSaGJuUTlJakl3TWpFdE1UQXRNRFZVTWpJNk5UZzZOVGRhSWlCRVpYTjBhVzVoZEdsdmJqMGlhSFIwY0hNNkx5OWhaR1p6TG5kcGJHeHBjeTVqYjIwdllXUm1jeTlzY3k4aUlFRnpjMlZ5ZEdsdmJrTnZibk4xYldWeVUyVnlkbWxqWlZWU1REMGlhSFIwY0hNNkx5OTNhV3hzYVhOMGIzZGxjbk4zWVhSemIyNHVZbkpwWjJoMGFXUmxZUzVqYjIwdlgzTmhiV3dpSUZCeWIzUnZZMjlzUW1sdVpHbHVaejBpZFhKdU9tOWhjMmx6T201aGJXVnpPblJqT2xOQlRVdzZNaTR3T21KcGJtUnBibWR6T2toVVZGQXRVRTlUVkNJJTJiUEhOaGJXdzZTWE56ZFdWeVBtaDBkSEJ6T2k4dmQybHNiR2x6ZEc5M1pYSnpkMkYwYzI5dUxtSnlhV2RvZEdsa1pXRXVZMjl0UEM5ellXMXNPa2x6YzNWbGNqNDhjMkZ0YkhBNlRtRnRaVWxFVUc5c2FXTjVJRVp2Y20xaGREMGlkWEp1T205aGMybHpPbTVoYldWek9uUmpPbE5CVFV3Nk1TNHhPbTVoYldWcFpDMW1iM0p0WVhRNmRXNXpjR1ZqYVdacFpXUWlJRUZzYkc5M1EzSmxZWFJsUFNKMGNuVmxJaTglMmJQQzl6WVcxc2NEcEJkWFJvYmxKbGNYVmxjM1ElMmJcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUE9TVA==; path=/adfs; HttpOnly; Secure; SameSite=None
Date
Tue, 05 Oct 2021 22:58:57 GMT
style.css
adfs.willis.com/adfs/portal/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adfs.willis.com/adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Requested by
Host: adfs.willis.com
URL: https://adfs.willis.com/adfs/ls/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.28.188.97 , United Kingdom, ASN199675 (WGSLEDC, GB),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0a13280a86e7dfa6949bd016ea848912fcafc05e88cbedf538ac325b27041205

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
adfs.willis.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://adfs.willis.com/adfs/ls/
Cookie
MSISSamlRequest=QmFzZVVybD1odHRwcyUzYSUyZiUyZmFkZnMud2lsbGlzLmNvbSUzYTQ0MyUyZmFkZnMlMmZscyUyZlxTQU1MUmVxdWVzdD1QSE5oYld4d09rRjFkR2h1VW1WeGRXVnpkQ0I0Yld4dWN6cHpZVzFzY0QwaWRYSnVPbTloYzJsek9tNWhiV1Z6T25Sak9sTkJUVXc2TWk0d09uQnliM1J2WTI5c0lpQjRiV3h1Y3pwellXMXNQU0oxY200NmIyRnphWE02Ym1GdFpYTTZkR002VTBGTlREb3lMakE2WVhOelpYSjBhVzl1SWlCSlJEMGlYekJqWW1VellXUTJZMk5oWlRFeE5qZG1OamhsWVdKbU5UWXlOV1ZsWm1ObU5ETXpObVkxTWprM1pDSWdWbVZ5YzJsdmJqMGlNaTR3SWlCSmMzTjFaVWx1YzNSaGJuUTlJakl3TWpFdE1UQXRNRFZVTWpJNk5UZzZOVGRhSWlCRVpYTjBhVzVoZEdsdmJqMGlhSFIwY0hNNkx5OWhaR1p6TG5kcGJHeHBjeTVqYjIwdllXUm1jeTlzY3k4aUlFRnpjMlZ5ZEdsdmJrTnZibk4xYldWeVUyVnlkbWxqWlZWU1REMGlhSFIwY0hNNkx5OTNhV3hzYVhOMGIzZGxjbk4zWVhSemIyNHVZbkpwWjJoMGFXUmxZUzVqYjIwdlgzTmhiV3dpSUZCeWIzUnZZMjlzUW1sdVpHbHVaejBpZFhKdU9tOWhjMmx6T201aGJXVnpPblJqT2xOQlRVdzZNaTR3T21KcGJtUnBibWR6T2toVVZGQXRVRTlUVkNJJTJiUEhOaGJXdzZTWE56ZFdWeVBtaDBkSEJ6T2k4dmQybHNiR2x6ZEc5M1pYSnpkMkYwYzI5dUxtSnlhV2RvZEdsa1pXRXVZMjl0UEM5ellXMXNPa2x6YzNWbGNqNDhjMkZ0YkhBNlRtRnRaVWxFVUc5c2FXTjVJRVp2Y20xaGREMGlkWEp1T205aGMybHpPbTVoYldWek9uUmpPbE5CVFV3Nk1TNHhPbTVoYldWcFpDMW1iM0p0WVhRNmRXNXpjR1ZqYVdacFpXUWlJRUZzYkc5M1EzSmxZWFJsUFNKMGNuVmxJaTglMmJQQzl6WVcxc2NEcEJkWFJvYmxKbGNYVmxjM1ElMmJcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUE9TVA==
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://adfs.willis.com/adfs/ls/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 22:58:57 GMT
Expires
Thu, 04 Nov 2021 23:58:58 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Content-Length
8144
Content-Type
text/css
logo.jpg
adfs.willis.com/adfs/portal/logo/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adfs.willis.com/adfs/portal/logo/logo.jpg?id=E8D1AF7B7A5F6AFC1E4D3D31E95E3340571DB22B1A4AFCC6A0D355FD022A1E65
Requested by
Host: adfs.willis.com
URL: https://adfs.willis.com/adfs/ls/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.28.188.97 , United Kingdom, ASN199675 (WGSLEDC, GB),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e8d1af7b7a5f6afc1e4d3d31e95e3340571db22b1a4afcc6a0d355fd022a1e65

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
adfs.willis.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://adfs.willis.com/adfs/ls/
Cookie
MSISSamlRequest=QmFzZVVybD1odHRwcyUzYSUyZiUyZmFkZnMud2lsbGlzLmNvbSUzYTQ0MyUyZmFkZnMlMmZscyUyZlxTQU1MUmVxdWVzdD1QSE5oYld4d09rRjFkR2h1VW1WeGRXVnpkQ0I0Yld4dWN6cHpZVzFzY0QwaWRYSnVPbTloYzJsek9tNWhiV1Z6T25Sak9sTkJUVXc2TWk0d09uQnliM1J2WTI5c0lpQjRiV3h1Y3pwellXMXNQU0oxY200NmIyRnphWE02Ym1GdFpYTTZkR002VTBGTlREb3lMakE2WVhOelpYSjBhVzl1SWlCSlJEMGlYekJqWW1VellXUTJZMk5oWlRFeE5qZG1OamhsWVdKbU5UWXlOV1ZsWm1ObU5ETXpObVkxTWprM1pDSWdWbVZ5YzJsdmJqMGlNaTR3SWlCSmMzTjFaVWx1YzNSaGJuUTlJakl3TWpFdE1UQXRNRFZVTWpJNk5UZzZOVGRhSWlCRVpYTjBhVzVoZEdsdmJqMGlhSFIwY0hNNkx5OWhaR1p6TG5kcGJHeHBjeTVqYjIwdllXUm1jeTlzY3k4aUlFRnpjMlZ5ZEdsdmJrTnZibk4xYldWeVUyVnlkbWxqWlZWU1REMGlhSFIwY0hNNkx5OTNhV3hzYVhOMGIzZGxjbk4zWVhSemIyNHVZbkpwWjJoMGFXUmxZUzVqYjIwdlgzTmhiV3dpSUZCeWIzUnZZMjlzUW1sdVpHbHVaejBpZFhKdU9tOWhjMmx6T201aGJXVnpPblJqT2xOQlRVdzZNaTR3T21KcGJtUnBibWR6T2toVVZGQXRVRTlUVkNJJTJiUEhOaGJXdzZTWE56ZFdWeVBtaDBkSEJ6T2k4dmQybHNiR2x6ZEc5M1pYSnpkMkYwYzI5dUxtSnlhV2RvZEdsa1pXRXVZMjl0UEM5ellXMXNPa2x6YzNWbGNqNDhjMkZ0YkhBNlRtRnRaVWxFVUc5c2FXTjVJRVp2Y20xaGREMGlkWEp1T205aGMybHpPbTVoYldWek9uUmpPbE5CVFV3Nk1TNHhPbTVoYldWcFpDMW1iM0p0WVhRNmRXNXpjR1ZqYVdacFpXUWlJRUZzYkc5M1EzSmxZWFJsUFNKMGNuVmxJaTglMmJQQzl6WVcxc2NEcEJkWFJvYmxKbGNYVmxjM1ElMmJcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUE9TVA==
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://adfs.willis.com/adfs/ls/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 22:58:57 GMT
Expires
Thu, 04 Nov 2021 23:58:58 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
E8D1AF7B7A5F6AFC1E4D3D31E95E3340571DB22B1A4AFCC6A0D355FD022A1E65
Content-Length
5728
Content-Type
image/jpg
illustration.jpg
adfs.willis.com/adfs/portal/illustration/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adfs.willis.com/adfs/portal/illustration/illustration.jpg?id=8F4980AEA6C24E938C044C272D51FEBCDCC11A1A3C0C1A2BA7A42EB8E86253A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.28.188.97 , United Kingdom, ASN199675 (WGSLEDC, GB),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8f4980aea6c24e938c044c272d51febcdcc11a1a3c0c1a2ba7a42eb8e86253a1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
adfs.willis.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://adfs.willis.com/adfs/ls/
Cookie
MSISSamlRequest=QmFzZVVybD1odHRwcyUzYSUyZiUyZmFkZnMud2lsbGlzLmNvbSUzYTQ0MyUyZmFkZnMlMmZscyUyZlxTQU1MUmVxdWVzdD1QSE5oYld4d09rRjFkR2h1VW1WeGRXVnpkQ0I0Yld4dWN6cHpZVzFzY0QwaWRYSnVPbTloYzJsek9tNWhiV1Z6T25Sak9sTkJUVXc2TWk0d09uQnliM1J2WTI5c0lpQjRiV3h1Y3pwellXMXNQU0oxY200NmIyRnphWE02Ym1GdFpYTTZkR002VTBGTlREb3lMakE2WVhOelpYSjBhVzl1SWlCSlJEMGlYekJqWW1VellXUTJZMk5oWlRFeE5qZG1OamhsWVdKbU5UWXlOV1ZsWm1ObU5ETXpObVkxTWprM1pDSWdWbVZ5YzJsdmJqMGlNaTR3SWlCSmMzTjFaVWx1YzNSaGJuUTlJakl3TWpFdE1UQXRNRFZVTWpJNk5UZzZOVGRhSWlCRVpYTjBhVzVoZEdsdmJqMGlhSFIwY0hNNkx5OWhaR1p6TG5kcGJHeHBjeTVqYjIwdllXUm1jeTlzY3k4aUlFRnpjMlZ5ZEdsdmJrTnZibk4xYldWeVUyVnlkbWxqWlZWU1REMGlhSFIwY0hNNkx5OTNhV3hzYVhOMGIzZGxjbk4zWVhSemIyNHVZbkpwWjJoMGFXUmxZUzVqYjIwdlgzTmhiV3dpSUZCeWIzUnZZMjlzUW1sdVpHbHVaejBpZFhKdU9tOWhjMmx6T201aGJXVnpPblJqT2xOQlRVdzZNaTR3T21KcGJtUnBibWR6T2toVVZGQXRVRTlUVkNJJTJiUEhOaGJXdzZTWE56ZFdWeVBtaDBkSEJ6T2k4dmQybHNiR2x6ZEc5M1pYSnpkMkYwYzI5dUxtSnlhV2RvZEdsa1pXRXVZMjl0UEM5ellXMXNPa2x6YzNWbGNqNDhjMkZ0YkhBNlRtRnRaVWxFVUc5c2FXTjVJRVp2Y20xaGREMGlkWEp1T205aGMybHpPbTVoYldWek9uUmpPbE5CVFV3Nk1TNHhPbTVoYldWcFpDMW1iM0p0WVhRNmRXNXpjR1ZqYVdacFpXUWlJRUZzYkc5M1EzSmxZWFJsUFNKMGNuVmxJaTglMmJQQzl6WVcxc2NEcEJkWFJvYmxKbGNYVmxjM1ElMmJcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUE9TVA==
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://adfs.willis.com/adfs/ls/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 22:58:57 GMT
Expires
Thu, 04 Nov 2021 23:58:58 GMT
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
8F4980AEA6C24E938C044C272D51FEBCDCC11A1A3C0C1A2BA7A42EB8E86253A1
Content-Length
183445
Content-Type
image/jpg

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration function| SetIllustrationImage string| domain_hint string| mfaSecondFactorErr string| mfaProofupMessage object| authArea object| errorMessage undefined| openingMessage undefined| errorDetailsLink undefined| mfaRegisterUrl

4 Cookies

Domain/Path Name / Value
adfs.willis.com/adfs Name: MSISSamlRequest
Value: QmFzZVVybD1odHRwcyUzYSUyZiUyZmFkZnMud2lsbGlzLmNvbSUzYTQ0MyUyZmFkZnMlMmZscyUyZlxTQU1MUmVxdWVzdD1QSE5oYld4d09rRjFkR2h1VW1WeGRXVnpkQ0I0Yld4dWN6cHpZVzFzY0QwaWRYSnVPbTloYzJsek9tNWhiV1Z6T25Sak9sTkJUVXc2TWk0d09uQnliM1J2WTI5c0lpQjRiV3h1Y3pwellXMXNQU0oxY200NmIyRnphWE02Ym1GdFpYTTZkR002VTBGTlREb3lMakE2WVhOelpYSjBhVzl1SWlCSlJEMGlYekJqWW1VellXUTJZMk5oWlRFeE5qZG1OamhsWVdKbU5UWXlOV1ZsWm1ObU5ETXpObVkxTWprM1pDSWdWbVZ5YzJsdmJqMGlNaTR3SWlCSmMzTjFaVWx1YzNSaGJuUTlJakl3TWpFdE1UQXRNRFZVTWpJNk5UZzZOVGRhSWlCRVpYTjBhVzVoZEdsdmJqMGlhSFIwY0hNNkx5OWhaR1p6TG5kcGJHeHBjeTVqYjIwdllXUm1jeTlzY3k4aUlFRnpjMlZ5ZEdsdmJrTnZibk4xYldWeVUyVnlkbWxqWlZWU1REMGlhSFIwY0hNNkx5OTNhV3hzYVhOMGIzZGxjbk4zWVhSemIyNHVZbkpwWjJoMGFXUmxZUzVqYjIwdlgzTmhiV3dpSUZCeWIzUnZZMjlzUW1sdVpHbHVaejBpZFhKdU9tOWhjMmx6T201aGJXVnpPblJqT2xOQlRVdzZNaTR3T21KcGJtUnBibWR6T2toVVZGQXRVRTlUVkNJJTJiUEhOaGJXdzZTWE56ZFdWeVBtaDBkSEJ6T2k4dmQybHNiR2x6ZEc5M1pYSnpkMkYwYzI5dUxtSnlhV2RvZEdsa1pXRXVZMjl0UEM5ellXMXNPa2x6YzNWbGNqNDhjMkZ0YkhBNlRtRnRaVWxFVUc5c2FXTjVJRVp2Y20xaGREMGlkWEp1T205aGMybHpPbTVoYldWek9uUmpPbE5CVFV3Nk1TNHhPbTVoYldWcFpDMW1iM0p0WVhRNmRXNXpjR1ZqYVdacFpXUWlJRUZzYkc5M1EzSmxZWFJsUFNKMGNuVmxJaTglMmJQQzl6WVcxc2NEcEJkWFJvYmxKbGNYVmxjM1ElMmJcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUE9TVA==
willistowerswatson.brightidea.com/ Name: csrf
Value: Ybhqfn2Bxm1s27n1EKdPiFV%7EKAo8V72VFPD_ioPDs4yElqLHV6hYJlb
willistowerswatson.brightidea.com/ Name: redirect
Value: 707417d952cd97fe8340e08c7d35da22dce44acd
willistowerswatson.brightidea.com/ Name: SimpleSAMLSessionID
Value: c2c977190c351a6c431564692a85c564

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block