retiree.aon.com Open in urlscan Pro
74.205.61.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://retiree.aon.com/att
Effective URL:
https://retiree.aon.com/att
Submission: On February 14 via manual (February 14th 2020, 5:20:43 pm UTC) from US

Summary HTTP 40 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 40 HTTP transactions. The main IP is 74.205.61.46, located in San Antonio, United States and belongs to RMH-14, US. The main domain is retiree.aon.com.
TLS certificate: Issued by DigiCert Global CA G2 on January 19th 2020. Valid for: a year.

This is the only time retiree.aon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 24	74.205.61.46 74.205.61.46	33070 (RMH-14) (RMH-14)
1	104.80.15.44 104.80.15.44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2.19.39.221 2.19.39.221	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	95.101.176.176 95.101.176.176	16625 (AKAMAI-AS) (AKAMAI-AS)
3	192.229.221.253 192.229.221.253	15133 (EDGECAST) (EDGECAST)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1 2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	52.138.200.61 52.138.200.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	45.60.87.226 45.60.87.226	19551 (INCAPSULA) (INCAPSULA)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
40	13

24 74.205.61.46 (San Antonio, United States) 3 redirects

ASN33070 (RMH-14, US)

retiree.aon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.80.15.44 (United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-80-15-44.deploy.static.akamaitechnologies.com

sadmin.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.39.221 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-39-221.deploy.static.akamaitechnologies.com

seal.websecurity.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.176.176 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-176-176.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.253 (United States)

ASN15133 (EDGECAST, US)

universal.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

382-wio-584.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.138.200.61 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.87.226 (United States)

ASN19551 (INCAPSULA, US)

sd.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
post.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

art.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	aon.com 3 redirects retiree.aon.com	2 MB
7	iperceptions.com universal.iperceptions.com api.iperceptions.com sd.iperceptions.com post.iperceptions.com	10 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	marketo.net munchkin.marketo.net	6 KB
2	norton.com seal.websecurity.norton.com	8 KB
1	azureedge.net art.azureedge.net	2 KB
1	doubleclick.net stats.g.doubleclick.net	102 B
1	mktoresp.com 382-wio-584.mktoresp.com	303 B
1	googletagmanager.com www.googletagmanager.com	29 KB
1	brightcove.com sadmin.brightcove.com	12 KB
0	newrelic.com Failed js-agent.newrelic.com Failed
0	fullstory.com Failed edge.fullstory.com Failed
40	12

	Domain	Requested by
24	retiree.aon.com	3 redirects retiree.aon.com
3	universal.iperceptions.com	retiree.aon.com
2	api.iperceptions.com	retiree.aon.com
2	www.google-analytics.com	1 redirects retiree.aon.com
2	munchkin.marketo.net	retiree.aon.com
2	seal.websecurity.norton.com	retiree.aon.com
1	post.iperceptions.com	retiree.aon.com
1	art.azureedge.net	retiree.aon.com
1	sd.iperceptions.com	retiree.aon.com
1	stats.g.doubleclick.net
1	382-wio-584.mktoresp.com	retiree.aon.com
1	www.googletagmanager.com	retiree.aon.com
1	sadmin.brightcove.com	retiree.aon.com
0	js-agent.newrelic.com Failed	retiree.aon.com
0	edge.fullstory.com Failed	retiree.aon.com
40	15

This site contains links to these domains. Also see Links.

Domain
myretireehealthexchange.com
www.websecurity.symantec.com

Subject Issuer	Validity	Valid
retiree.aon.com DigiCert Global CA G2	`2020-01-19` - `2021-02-15`	a year	crt.sh
sadmin.brightcove.com DigiCert SHA2 Secure Server CA	`2020-01-19` - `2021-04-19`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
seal.websecurity.norton.com DigiCert SHA2 Extended Validation Server CA	`2018-04-04` - `2020-04-03`	2 years	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
sa38gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2017-10-20` - `2020-04-13`	2 years	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.iperceptions.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-07` - `2021-05-06`	2 years	crt.sh
incapsula.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-01-16` - `2020-09-03`	8 months	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://retiree.aon.com/att
Frame ID: B43F1A34318A44DBF0C25F3174B1C5CC
Requests: 60 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 25E0E20F2B8CC302C0E6FB60ADD03771
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://retiree.aon.com/att HTTP 301
https://retiree.aon.com/att Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

40
Requests

95 %
HTTPS

33 %
IPv6

12
Domains

15
Subdomains

13
IPs

5
Countries

2385 kB
Transfer

3943 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://myretireehealthexchange.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.websecurity.symantec.com/ssl-certificate
Title: ABOUT SSL CERTIFICATES

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://retiree.aon.com/att HTTP 301
https://retiree.aon.com/att Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1790686630&t=pageview&_s=1&dl=https%3A%2F%2Fretiree.aon.com%2Fatt&ul=en-us&de=UTF-8&dt=CompanyLanding%20%7C%20Aon%20Retiree%20Health%20Exchange&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=496966554&gjid=1673006632&cid=167217081.1581700823&tid=UA-35873408-1&_gid=807257718.1581700823&_r=1&gtm=2wg250N6N7FP7&cd3=00000000-0000-0000-0000-000000000000&cd17=00000000-0000-0000-0000-000000000000&cd1=167217081.1581700823&z=1441393303 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35873408-1&cid=167217081.1581700823&jid=496966554&_gid=807257718.1581700823&gjid=1673006632&_v=j81&z=1441393303

Request Chain 56

https://retiree.aon.com/CMSPages/GetFile.aspx?guid=e01ba7c1-ad0b-4bfc-bb8b-a6e94f4b9a48 HTTP 301
https://retiree.aon.com/AonExchange/files/e0/e01ba7c1-ad0b-4bfc-bb8b-a6e94f4b9a48.png

Request Chain 57

https://retiree.aon.com/CMSPages/GetFile.aspx?guid=4cbdbec2-30d7-45ca-a4c8-c733c919b9bf&1581700824580 HTTP 301
https://retiree.aon.com/AonExchange/files/4c/4cbdbec2-30d7-45ca-a4c8-c733c919b9bf.jpg

40 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set att Show response
retiree.aon.com/
Redirect Chain

http://retiree.aon.com/att
https://retiree.aon.com/att

672 KB
548 KB

586ms
191ms

Document
text/html

74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

71a949585c0292a4d659687014028ee2c5ec91d480eb9b89371088c438831989

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: retiree.aon.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Set-Cookie: CMSPreferredCulture=en-US; expires=Sun, 14-Feb-2021 17:20:20 GMT; path=/; secure; HttpOnly CMSCsrfCookie=21AiIylRTlB9ruzHxu1r2KUhPe2LIHkz9nLMXONV; path=/; secure; HttpOnly ASP.NET_SessionId=4mgnglgblgwjazuxvnnynobp; path=/; secure; HttpOnly BigIP_Cookie=!phE4UleTfWa1UBxk3xLDr88Sb6Uu+jB0iu4xv1ywcNv2LhI8wD1li5FreH2TPsgklRKVVV6KxFgIUYo=; path=/; Httponly; Secure
X-UA-Compatible: IE=Edge
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Date: Fri, 14 Feb 2020 17:20:19 GMT

Redirect headers

Location: https://retiree.aon.com/att
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK ArheMainCssCombined_6353A3F3EB2A6D20FAAFC12A6F884798.css
retiree.aon.com/CMSCSSStyleSheets/Arhe/ 529 KB
76 KB 1377ms
133ms Stylesheet
text/css 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/CMSCSSStyleSheets/Arhe/ArheMainCssCombined_6353A3F3EB2A6D20FAAFC12A6F884798.css

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

be126c27107f3bbff55533e1cdc88be036dc9a96ac94ac790625b2ce85c071e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
ETag: "80bb6dc61be3d51:0"
Last-Modified: Fri, 14 Feb 2020 09:47:31 GMT
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:21 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
includeSubDomains: preload
Content-Length: 76584
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Arhe_ARHE_CompanyLandingCssCombined_E00CDF80C3E91B5880B9CD5F5F7F17D8.css
retiree.aon.com/CMSCSSStyleSheets/Arhe/ 5 KB
2 KB 1453ms
155ms Stylesheet
text/css 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/CMSCSSStyleSheets/Arhe/Arhe_ARHE_CompanyLandingCssCombined_E00CDF80C3E91B5880B9CD5F5F7F17D8.css

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

02dffb520dc302e901721ab6a2a1b601e6a4784d02c10d0e9c79c86f49f9e00b

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
ETag: "ae6c59e81be3d51:0"
Last-Modified: Fri, 14 Feb 2020 09:48:27 GMT
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:21 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
includeSubDomains: preload
Content-Length: 1616
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK WebResource.axd Show response
retiree.aon.com/ 23 KB
7 KB 1587ms
133ms Script
application/x-javascript 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/WebResource.axd?d=VRye66N46GYmJkLCJpgq4_XwRgnX7hsG_iSgy_hSyyWwmnco_BR_VqQTuxQSmSPldjFYSpTwRLS7_SIQx-TrZ_UokuFcW3rx0&t=636041074380000000

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 14 Jul 2016 20:37:18 GMT
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
Date: Fri, 14 Feb 2020 17:20:21 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
includeSubDomains: preload
Content-Length: 6007
Expires: Sat, 13 Feb 2021 10:03:30 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
retiree.aon.com/ 100 KB
26 KB 1634ms
132ms Script
application/x-javascript 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/ScriptResource.axd?d=Oz0wpEp1Bd9hKmgXL1py1DPAWKsbYgnW7tH3ek9lpDT447qDtI4LkjR22my_XTAU8aD59-UWsd-abNMjvxAwneDQf0mJ7oCkUcRKR6O9U6fK0aIboTdaCcy5gtPuQlw12tef9l-vPxsI3gAfJ1AQDh0BlHa2_iU6GEapLro_TQk1&t=ffffffffd416f7fc

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 14 Feb 2020 10:03:30 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Date: Fri, 14 Feb 2020 17:20:21 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
includeSubDomains: preload
Content-Length: 25609
Expires: Sat, 13 Feb 2021 10:03:30 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
retiree.aon.com/ 39 KB
11 KB 1724ms
137ms Script
application/x-javascript 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/ScriptResource.axd?d=WTZsf9KlUjuWUJxwaa7S7aLIP0qziYOMWpBgEk7_HU32mF9biRLQNRIvhSKQNve1biNfyUARxBC8S3PZ9TNOgqqdroamWmm2XpvzBKmJzpNIAs64YuQm62PSuRgQR9Vxryi0UBgHxVQ_9fgneWrQAn_KRCWhEJeTIgiKe-_KDWDnnaDaXHAgrQ2&t=ffffffffd416f7fc

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 14 Feb 2020 13:41:11 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Date: Fri, 14 Feb 2020 17:20:21 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
includeSubDomains: preload
Content-Length: 9984
Expires: Sat, 13 Feb 2021 13:41:11 GMT

GET
H/1.1 200
OK ArheMainScriptsCombined_CE3CF83BE4173943F0E3A8A2C6147F70.js Show response
retiree.aon.com/CMSWebParts/AonExchange/GeneratedScripts/ 489 KB
154 KB 522ms
130ms Script
application/x-javascript 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/CMSWebParts/AonExchange/GeneratedScripts/ArheMainScriptsCombined_CE3CF83BE4173943F0E3A8A2C6147F70.js

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

a4a71d51038b457609057190f59e392979cc9ddbec9538421bffca6e0d216730

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
ETag: "8061bc41be3d51:0"
Last-Modified: Fri, 14 Feb 2020 09:47:27 GMT
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:21 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
includeSubDomains: preload
Content-Length: 157224
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Arhe_ARHE_CompanyLandingScriptsCombined_25050D017DDAF260F85215EF33EC3534.js Show response
retiree.aon.com/CMSWebParts/AonExchange/GeneratedScripts/ 406 KB
125 KB 656ms
174ms Script
application/x-javascript 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/CMSWebParts/AonExchange/GeneratedScripts/Arhe_ARHE_CompanyLandingScriptsCombined_25050D017DDAF260F85215EF33EC3534.js

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

fac0211c03ef03910d88ed666ce20391b330faf34856cbec3fb56bb94b01a66d

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
ETag: "9fb154e81be3d51:0"
Last-Modified: Fri, 14 Feb 2020 09:48:27 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
includeSubDomains: preload
Vary: Accept-Encoding
Date: Fri, 14 Feb 2020 17:20:21 GMT

GET
H/1.1 200
OK BrightcoveExperiences.js Show response
sadmin.brightcove.com/js/ 48 KB
12 KB 635ms
243ms Script
application/x-javascript 104.80.15.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sadmin.brightcove.com/js/BrightcoveExperiences.js

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.80.15.44 , United States, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-80-15-44.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3156000

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 15:36:45 GMT
Server: Apache
ETag: "08117b928b93481e76c055da3748401b:1528299406"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=3156000
Content-Type: application/x-javascript
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12140

GET
H/1.1 200
OK arheLoading.gif
retiree.aon.com/AonExchange/media/Image-Gallery/SiteImages/ 4 KB
5 KB 1034ms
130ms Image
image/gif 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retiree.aon.com/AonExchange/media/Image-Gallery/SiteImages/arheLoading.gif

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

51ea57da0a7cc207043715dec4b600c90554fbdcd6a5614be0d877610a95ce2c

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
Last-Modified: Sat, 12 May 2018 13:20:44 GMT
X-Powered-By: ASP.NET
ETag: "efb43a8f4e9d31:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
Content-Length: 3889
X-Content-Type-Options: nosniff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 139 KB
29 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N6N7FP7

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ca15e8115586d59cb27644aa3cbbb7ef7d059203482b2d3afd7d7ea74ba9fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 17:20:22 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29740
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 17:20:22 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf47e49423967ba3d4af98ce977774c86863a787d04d1720aebcc681470440bb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 1 KB
1 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f48b8c68cfa949c363f6bb2654e0ef46f800f39adf412bf45c755ce0861de00

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 767 B
767 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8687627cf52049bac6e3a169a0b2ce17c9c73307b10e5ab590d035820137501d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 275 B
275 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96362c4e2c543bb580f1a2a5dcc4a38c9b01b1945a9ff678ee1623f8549c275a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 276 B
276 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca8864e3b70bd66dd305646ce399605da35305cd03583cc4e92820dac800e54c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 19 KB
19 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1d650211c62243a2e035d40c09b7a2f788272689cd4137de49fe41f19527b7e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 22 KB
22 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0ac5da1a50ae59e0fa538d74c87f6a2a2b67c302262ac656d14b8dd6f037946

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 13 KB
13 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27ce7c0e92ec04e8caad9b99f698c0d722ea2f5fc18c41ed0ef86d8584ca60dc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 2 KB
2 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b46eb8ced9fbf98d6500c9a6d5538a12638d0347b53998b6bc9241f0bd993882

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 2 KB
2 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd260f1245bca9f35babe648bf2c20302f1713fa0ad6d0b6263451770d16f924

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 1 KB
1 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9487f65f4e7619665ea6453230873148c007efd4086c12cbaf81594b3383b8b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 13 KB
13 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c15b10745e344f1795ad4810c96f0fd1dec492f524f005e5773ed166f81bcfb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 175 KB
175 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a22e20cc90f4444f8fc18b319e519be54f418a74bf6e9c8104e809a7c7860660

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 12 KB
12 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c364f26f9e540927b6a31835b0110152964dad05fc50ddf50b5c299281ae6df4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 446 B
446 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b12edb384183937e29144888a2a63a027e44efb5a4f43facc9d2c065cb042c52

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 1020 B
1020 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4d68de83684c000c55db110f0ad8942c912f41b40419ea6445726bc9efeba10

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 10 KB
10 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81015bbab8119a851f5ebfc89748edabcec41a4608697326ce5ac53a1938f703

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 476 B
476 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: add8209df7fa41ddffb28f1e32628f1a9a8a4c6223a601015847ec014dcd8fa0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 6 KB
6 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9aa488df9cbaf702449280f2cecf1ea20a285e4aadb77fbb227da6bb18c610e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 24 KB
24 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37ac95aeac56b8725b006883bc240ac5d3d889ad84dc2b605d3e5c5c281cfdda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
DATA 200
OK truncated
/ 37 KB
37 KB Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a513b64b35736a8c2b2f63be80c2a6a3c0d67e80b1d5a23753b27b3455aa5795

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: img/png

GET
H/1.1 200
OK PreloSlab-ExtraBold.otf
retiree.aon.com/CMSCSSStyleSheets/fonts/ 103 KB
103 KB 397ms
130ms Font
application/x-font-opentype 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/CMSCSSStyleSheets/fonts/PreloSlab-ExtraBold.otf

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

8521fc17ae5b78067a2dfc435335f66d1010a0d6c0010af416cffc0e91a5daa4

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/CMSCSSStyleSheets/Arhe/ArheMainCssCombined_6353A3F3EB2A6D20FAAFC12A6F884798.css
Origin: https://retiree.aon.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
Last-Modified: Mon, 27 Jan 2020 20:11:00 GMT
X-Powered-By: ASP.NET
ETag: "0a27ee44dd5d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-opentype
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:21 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
Content-Length: 105116
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK StoneSans-Light.woff
retiree.aon.com/CMSCSSStyleSheets/fonts/ 103 KB
104 KB 528ms
130ms Font
application/x-font-woff 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/CMSCSSStyleSheets/fonts/StoneSans-Light.woff

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

ed3cdc83c1642656af06e86d48854cd7e43be9255245a31983d67474cd7ae696

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/CMSCSSStyleSheets/Arhe/ArheMainCssCombined_6353A3F3EB2A6D20FAAFC12A6F884798.css
Origin: https://retiree.aon.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
Last-Modified: Tue, 21 Jan 2020 10:36:58 GMT
X-Powered-By: ASP.NET
ETag: "01fcb446d0d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:21 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
Content-Length: 105856
X-Content-Type-Options: nosniff

GET fs.js
edge.fullstory.com/s/ 0
0

GET
H/1.1 200
OK getseal
seal.websecurity.norton.com/ 4 KB
4 KB 151ms
128ms Image
image/gif 2.19.39.221
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal.websecurity.norton.com/getseal?at=0&sealid=0&dn=retiree.aon.com&lang=en&tpt=opaque
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.39.221 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-221.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: 276d4e9f6272de1f2bd94950e6e5f2e1c379580bfe1b66dd91fecbbca05f5098

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 17:20:22 GMT
Cache-Control: must-revalidate, max-age=3381
Server: nginx/1.14.0
Connection: keep-alive
ETag: TRUST-20181030193203
Content-Length: 4037
Content-Type: image/gif

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 32ms
14ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 37d3a4e166c1ac159b88faf4c86c36f67289628a8d65fb57546126396508bbf7

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 02:37:09 GMT
Server: Apache
ETag: "8cf9a98cedf9b6907e48743aa92f726a:1581043029"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 760

GET
H2 200 wrapper.js Show response
universal.iperceptions.com/ 9 KB
3 KB 34ms
7ms Script
application/javascript 192.229.221.253
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/wrapper.js
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.253 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCB) /
Resource Hash: a0542d11d5210be91654a0ba2043a7221c55a660f484cccb3197077918a3aa92

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 14 Feb 2020 17:20:22 GMT
content-encoding: gzip
content-md5: GyvxSS23CvRizDwXnipiRg==
age: 263373
x-cache: HIT
status: 200
content-length: 3033
x-ms-lease-status: unlocked
last-modified: Tue, 28 Jan 2020 16:04:00 GMT
server: ECAcc (frc/8FCB)
etag: 0x8D7A40BB0087AD6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dec24883-301e-0109-3ef5-e0ac46000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

POST
H/1.1 200
OK GetSecurityTokenViewModel Show response
retiree.aon.com/API/SecurityToken/ 226 B
2 KB 272ms
171ms XHR
application/json 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/API/SecurityToken/GetSecurityTokenViewModel

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

6ffa0284161f60d126e4cd3c3ee76e396ac9d84a4af7ea79c751b5240fe98545

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQEEVlRWDBABVFVVAwMGVFc=
Origin: https://retiree.aon.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=utf-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://retiree.aon.com/att
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-NewRelic-App-Data: PxQGVlVUCgYER1BSAwYDVFUDBRFORDQHUjZKA1ZLVVFHDFYPHixlIUtlUgITEVFHSTAOCVJfdAkKRURcDgoGEB8lXRZrXVdHQQxNGGUOWAcKYF4EES5XV1UIQ04HHwdKVB8GB1JVVFAJThVTFBpxC3ZWAFJyWAtXXQ8BVV5VGh9WBQ0RUmw=
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: private
Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
includeSubDomains: preload
Content-Length: 219

POST
H/1.1 200
OK GetArhePageSetupClientViewModel Show response
retiree.aon.com/API/PageSetup/ 63 KB
16 KB 221ms
221ms XHR
application/json 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/API/PageSetup/GetArhePageSetupClientViewModel

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

93e7f0bed38bbf7eec033c5fca626f2970b775bacb3be515e5f5fdc8aafc7020

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQEEVlRWDBABVFVVAwMGVFc=
Origin: https://retiree.aon.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://retiree.aon.com/att
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
__RequestVerificationToken: +YcYmvmJZmYUgmpaaNbkEXoWtY5ExcnLp0HyJ6/srVAovgCWGuK8whGfTYC8QYm3aaE4Tu6tgOT+RsdXlv/kP+XoQ+bAgoCbYb4rfJwzQCg=

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-NewRelic-App-Data: PxQGVlVUCgYER1BSAwYDVFUDBRFORDQHUjZKA1ZLVVFHDFYPHixlIUtmVgYDMF1HRRQiDVlFRQkIXVNBTSEGFnEQUAdoWVNXYABNFEEiXwsBWEM3DwZPfl8ABA4VHQdIVB0GHVJfU1YDUgxOFQkYEHYhAVJ0UQBSV3cPUCVTegESSAcDW0JSOw==
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: private
Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
includeSubDomains: preload
Content-Length: 15658

POST
H/1.1 200
OK ArheCompanyLandingPageViewModels Show response
retiree.aon.com/API/CompanyLanding/ 7 KB
4 KB 720ms
720ms XHR
application/json 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/API/CompanyLanding/ArheCompanyLandingPageViewModels

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

5188c2a18861bafe76b232d8169d38a94cbb4992d1293b876a296f52308ab5a3

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQEEVlRWDBABVFVVAwMGVFc=
Origin: https://retiree.aon.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://retiree.aon.com/att
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
__RequestVerificationToken: +YcYmvmJZmYUgmpaaNbkEXoWtY5ExcnLp0HyJ6/srVAovgCWGuK8whGfTYC8QYm3aaE4Tu6tgOT+RsdXlv/kP+XoQ+bAgoCbYb4rfJwzQCg=

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-NewRelic-App-Data: PxQGVlVUCgYER1BSAwYDVFUDBRFORDQHUjZKA1ZLVVFHDFYPHixlIUt1WAwWAlZKfAUPBl5fUCULX0JBDQoPB0JNeRBQXXddXhVYD0gtUgwAX1kGNgJfVmYNBBV6XlMDCEIUH1JIU04ATA1aAQkDAQpJFFAdQwNXU3ACIyJUDnYIV1lbA3AVSgJQWkAHOw==
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: private
Date: Fri, 14 Feb 2020 17:20:23 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
includeSubDomains: preload
Content-Length: 3030

POST
H/1.1 200
OK ArheLoginClientViewModel Show response
retiree.aon.com/API/Login/ 2 KB
2 KB 259ms
188ms XHR
application/json 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/API/Login/ArheLoginClientViewModel

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

17ec73eb22274d4d62a23d5b05a69753c3f8ec59ed6a030553c8893cf462c188

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-NewRelic-ID: VQEEVlRWDBABVFVVAwMGVFc=
Origin: https://retiree.aon.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://retiree.aon.com/att
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
__RequestVerificationToken: +YcYmvmJZmYUgmpaaNbkEXoWtY5ExcnLp0HyJ6/srVAovgCWGuK8whGfTYC8QYm3aaE4Tu6tgOT+RsdXlv/kP+XoQ+bAgoCbYb4rfJwzQCg=

Response headers

Strict-Transport-Security: max-age=16070400
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-NewRelic-App-Data: PxQGVlVUCgYER1BSAwYDVFUDBRFORDQHUjZKA1ZLVVFHDFYPHixlIUt6WAYPDXtcXhATDVtdUhRLcERbByoMBVkMew5RXVpGZQxcFnwOVwcIFBtRSFMUAx5UVFEEAQBfSBwHH0BWJSYDUQxbCH1wc3ddeFhyQx8EBVpEBDs=
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: private
Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
includeSubDomains: preload
Content-Length: 905

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/156/ 9 KB
5 KB 16ms
16ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/156/munchkin.js
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 20:22:41 GMT
Server: Apache
ETag: "24e78e4d5137c385c6e3393d80cfd6bf:1568751761"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4198
Expires: Sun, 24 May 2020 17:20:22 GMT

GET
H/1.1 200
OK visitWebPage Show response
382-wio-584.mktoresp.com/webevents/ 2 B
303 B 391ms
100ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://382-wio-584.mktoresp.com/webevents/visitWebPage?_mchNc=1581700822980&_mchCn=&_mchId=382-WIO-584&_mchTk=_mch-aon.com-1581700822980-18956&_mchHo=retiree.aon.com&_mchPo=&_mchRu=%2Fatt&_mchPc=https%3A&_mchVr=156&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://retiree.aon.com/att
Origin: https://retiree.aon.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 14 Feb 2020 17:20:23 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: 3f5697c4-03fe-418c-8e80-8179e3d480e1
Content-Type: text/plain; charset=UTF-8

GET nr-spa-1167.min.js
js-agent.newrelic.com/ 0
0

GET
H2 200 iFrame.html
universal.iperceptions.com/ Frame 25E0 0
0 13ms
13ms Document
text/html 192.229.221.253
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/iFrame.html
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.253 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FD2) /
Resource Hash

Request headers

:method: GET
:authority: universal.iperceptions.com
:scheme: https
:path: /iFrame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://retiree.aon.com/att
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://retiree.aon.com/att

Response headers

status: 200
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 263373
content-md5: Vmg/mBwwVR6Kl52r4KoGqg==
content-type: text/html
date: Fri, 14 Feb 2020 17:20:22 GMT
etag: 0x8D7A40B8ED974A8
last-modified: Tue, 28 Jan 2020 16:03:04 GMT
server: ECAcc (frc/8FD2)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5b265946-701e-00c6-48f5-e08da1000000
x-ms-version: 2009-09-19
content-length: 681

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/att

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2811
date: Fri, 14 Feb 2020 16:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 14 Feb 2020 18:33:32 GMT

GET
H/1.1 200
OK StoneSans-Medium.woff
retiree.aon.com/CMSCSSStyleSheets/fonts/ 108 KB
109 KB 132ms
132ms Font
application/x-font-woff 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/CMSCSSStyleSheets/fonts/StoneSans-Medium.woff

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/CMSWebParts/AonExchange/GeneratedScripts/ArheMainScriptsCombined_CE3CF83BE4173943F0E3A8A2C6147F70.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

812d50e965cc923e844024dd16ecfb494dd0f3d6dd0ef174bbf9ca6a1d0f98e9

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/CMSCSSStyleSheets/Arhe/ArheMainCssCombined_6353A3F3EB2A6D20FAAFC12A6F884798.css
Origin: https://retiree.aon.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
Last-Modified: Tue, 21 Jan 2020 10:36:58 GMT
X-Powered-By: ASP.NET
ETag: "01fcb446d0d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
Content-Length: 110356
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK getseal
seal.websecurity.norton.com/ 4 KB
4 KB 7ms
7ms Image
image/gif 2.19.39.221
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal.websecurity.norton.com/getseal?at=0&sealid=0&dn=retiree.aon.com&lang=en&tpt=opaque
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/CMSWebParts/AonExchange/GeneratedScripts/ArheMainScriptsCombined_CE3CF83BE4173943F0E3A8A2C6147F70.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.39.221 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-39-221.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: 276d4e9f6272de1f2bd94950e6e5f2e1c379580bfe1b66dd91fecbbca05f5098

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 17:20:23 GMT
Cache-Control: must-revalidate, max-age=3380
Server: nginx/1.14.0
Connection: keep-alive
ETag: TRUST-20181030193203
Content-Length: 4037
Content-Type: image/gif

GET
H/1.1 200
OK PreloSlab-Light.woff2
retiree.aon.com/CMSCSSStyleSheets/fonts/ 27 KB
27 KB 130ms
130ms Font
application/x-font-woff 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://retiree.aon.com/CMSCSSStyleSheets/fonts/PreloSlab-Light.woff2

Requested by

Host: retiree.aon.com
URL: https://retiree.aon.com/CMSWebParts/AonExchange/GeneratedScripts/ArheMainScriptsCombined_CE3CF83BE4173943F0E3A8A2C6147F70.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

216feb6da1b138bc99aca7032eb01e41b0ec0cbc8471b65cc37fe5cfec57a9a7

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/CMSCSSStyleSheets/Arhe/ArheMainCssCombined_6353A3F3EB2A6D20FAAFC12A6F884798.css
Origin: https://retiree.aon.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
Last-Modified: Tue, 21 Jan 2020 10:36:58 GMT
X-Powered-By: ASP.NET
ETag: "01fcb446d0d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
Content-Length: 27312
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK birdie.png
retiree.aon.com/AonExchange/media/Image-Gallery/SiteImages/ 6 KB
7 KB 188ms
130ms Image
image/png 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retiree.aon.com/AonExchange/media/Image-Gallery/SiteImages/birdie.png

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

44a0e319dc2c1cb38ee89a291448bd890afe66b19d520712dc49799f431b70e9

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
Last-Modified: Sat, 21 Sep 2019 14:04:28 GMT
X-Powered-By: ASP.NET
ETag: "b7b7937b8570d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
Content-Length: 6492
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK closebirdie.png
retiree.aon.com/AonExchange/media/Image-Gallery/SiteImages/ 324 B
1 KB 298ms
136ms Image
image/png 74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retiree.aon.com/AonExchange/media/Image-Gallery/SiteImages/closebirdie.png

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

a9541f9adb61db432f7a65a5a38b40c2f4a5dcd231f9e6cd1b415c4220bcdcd4

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
Last-Modified: Sat, 21 Sep 2019 14:04:28 GMT
X-Powered-By: ASP.NET
ETag: "91919c7b8570d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:22 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
Content-Length: 324
X-Content-Type-Options: nosniff

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1790686630&t=pageview&_s=1&dl=https%3A%2F%2Fretiree.aon.com%2Fatt&ul=en-us&de=UTF-8&dt=CompanyLanding%20%7C%20Aon%20Retiree%20Health%20Exchan...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35873408-1&cid=167217081.1581700823&jid=496966554&_gid=807257718.1581700823&gjid=1673006632&_v=j81&z=1441393303

35 B
102 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35873408-1&cid=167217081.1581700823&jid=496966554&_gid=807257718.1581700823&gjid=1673006632&_v=j81&z=1441393303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 14 Feb 2020 17:20:23 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 17:20:23 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35873408-1&cid=167217081.1581700823&jid=496966554&_gid=807257718.1581700823&gjid=1673006632&_v=j81&z=1441393303
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 InviteTriggers Show response
api.iperceptions.com/ 0
165 B 131ms
30ms XHR
text/plain 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://retiree.aon.com
Referer: https://retiree.aon.com/att
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: securitytoken

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 17:20:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-powered-by: ASP.NET
status: 200
cache-control: no-cache
access-control-allow-headers: securitytoken
content-length: 0
expires: -1

GET
H2 200 InviteTriggers Show response
api.iperceptions.com/ 241 B
305 B 33ms
33ms XHR
application/json 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 86d2398bf05128239d5bfec3e25a81987d2cbac5b445cca3dac4999fa43b48f2

Request headers

Referer: https://retiree.aon.com/att
Origin: https://retiree.aon.com
Sec-Fetch-Dest: empty
SecurityToken: ceeac950-5ba3-4899-848d-46c2da5ccbb6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 17:20:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 241
expires: -1

GET
H2 200 IpEngine_v77.4.js Show response
universal.iperceptions.com/core/ 11 KB
4 KB 8ms
8ms Script
application/javascript 192.229.221.253
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/core/IpEngine_v77.4.js
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.253 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCE) /
Resource Hash: 866c9254d2c8dc4a01bcb69b6cd2dd954c8c3fad3e36a9d9548b23877b7984f2

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 14 Feb 2020 17:20:23 GMT
content-encoding: gzip
content-md5: pm1ddSmhvySTHVFSZ/u/wg==
age: 261003
x-cache: HIT
status: 200
content-length: 3672
x-ms-lease-status: unlocked
last-modified: Tue, 28 Jan 2020 15:00:06 GMT
server: ECAcc (frc/8FCE)
etag: 0x8D7A402C3103DF4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 59bd7df7-001e-010a-3ffb-e0af41000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19

GET
H2 200 35298_637154761131417717 Show response
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ 11 KB
2 KB 1430ms
380ms Script
application/javascript 45.60.87.226
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/35298_637154761131417717
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 59a81732643e40cb516b08c9f52a55b46fc4eb00e13a792cf2286f0f4a6d9608

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 17:20:24 GMT
content-encoding: gzip
last-modified: Fri, 24 Jan 2020 15:21:53 GMT
x-cdn: Incapsula
etag: 0x8D7A0E1245AF558
content-type: application/javascript
status: 200
x-iinfo: 9-145380974-145349931 2VNN RT(1581700824520 0) q(0 0 0 0) r(3 3)
cache-control: max-age=3600, public
content-length: 1385
expires: Fri, 14 Feb 2020 18:20:24 GMT

GET
H/1.1

200
OK

e01ba7c1-ad0b-4bfc-bb8b-a6e94f4b9a48.png
retiree.aon.com/AonExchange/files/e0/
Redirect Chain

https://retiree.aon.com/CMSPages/GetFile.aspx?guid=e01ba7c1-ad0b-4bfc-bb8b-a6e94f4b9a48
https://retiree.aon.com/AonExchange/files/e0/e01ba7c1-ad0b-4bfc-bb8b-a6e94f4b9a48.png

37 KB
37 KB

165ms
165ms

Image
image/png

74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retiree.aon.com/AonExchange/files/e0/e01ba7c1-ad0b-4bfc-bb8b-a6e94f4b9a48.png

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

2cd76955ac0ff5fb6a05f024f88f0258fefae9cf3f2757766760167ae7f75b89

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
Last-Modified: Sat, 23 Sep 2017 14:15:46 GMT
X-Powered-By: ASP.NET
ETag: "055c2727634d31:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:24 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
Content-Length: 37408
X-Content-Type-Options: nosniff

Redirect headers

Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: /AonExchange/files/e0/e01ba7c1-ad0b-4bfc-bb8b-a6e94f4b9a48.png
Cache-Control: private
Date: Fri, 14 Feb 2020 17:20:23 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
includeSubDomains: preload
Content-Length: 25323

GET
H/1.1

200
OK

4cbdbec2-30d7-45ca-a4c8-c733c919b9bf.jpg
retiree.aon.com/AonExchange/files/4c/
Redirect Chain

https://retiree.aon.com/CMSPages/GetFile.aspx?guid=4cbdbec2-30d7-45ca-a4c8-c733c919b9bf&1581700824580
https://retiree.aon.com/AonExchange/files/4c/4cbdbec2-30d7-45ca-a4c8-c733c919b9bf.jpg

590 KB
591 KB

143ms
142ms

Image
image/jpeg

74.205.61.46
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retiree.aon.com/AonExchange/files/4c/4cbdbec2-30d7-45ca-a4c8-c733c919b9bf.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

74.205.61.46 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

66e367465727099ffb12ea5f1cf88e9d70127a09ee14a8d4c1216e747a41ccd0

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=16070400
includeSubDomains: preload
Last-Modified: Sat, 23 Sep 2017 14:15:40 GMT
X-Powered-By: ASP.NET
ETag: "0ce2e6f7634d31:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Date: Fri, 14 Feb 2020 17:20:24 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
Accept-Ranges: bytes
Content-Length: 604281
X-Content-Type-Options: nosniff

Redirect headers

Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: /AonExchange/files/4c/4cbdbec2-30d7-45ca-a4c8-c733c919b9bf.jpg
Cache-Control: private
Date: Fri, 14 Feb 2020 17:20:24 GMT
Content-Security-Policy: default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.maps.google.com https://maps.googleapis.com https://maps.gstatic.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.munchkin.marketo.net *.marketo.net *.norton.com *.digicert.com *.msecnd.net *.norton.com *.iperceptions.com *.azureedge.net *.brightcove.com;
includeSubDomains: preload
Content-Length: 25323

GET
H2 200 harvest_35298.js Show response
art.azureedge.net/harvest/ 9 KB
2 KB 28ms
8ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://art.azureedge.net/harvest/harvest_35298.js
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F43) /
Resource Hash: 9d526cc59af43fd4ff67f8eee25ff2c0a52c2c008e661af3b62eafad0507c5fd

Request headers

Referer: https://retiree.aon.com/att
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 14 Feb 2020 17:20:24 GMT
content-encoding: gzip
content-md5: H60ZpvNB4GMbbO835WkX9g==
age: 192260
x-cache: HIT
status: 200
content-length: 2022
x-ms-lease-status: unlocked
last-modified: Mon, 25 Feb 2019 15:58:44 GMT
server: ECAcc (frc/8F43)
etag: 0x8D69B3A1EEC5895
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 5aedcbf7-801e-0011-509b-e114b2000000
cache-control: public, max-age=2592000
x-ms-version: 2009-09-19

GET
H2 200 ip.gif Show response
post.iperceptions.com/ 32 B
644 B 192ms
118ms XHR
image/gif 45.60.87.226
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://post.iperceptions.com/ip.gif?sid=cc4f9601-ddbb-c7ee-d577-db6f76c3bd3c&vid=b9dc8e95-9443-817f-20a6-9cf00b964c0a&tkid=ceeac950-5ba3-4899-848d-46c2da5ccbb6&url=https%3A%2F%2Fretiree.aon.com%2Fatt&title=Client%20Landing%20Page
Requested by: Host: retiree.aon.com
URL: https://retiree.aon.com/att
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer: https://retiree.aon.com/att
Origin: https://retiree.aon.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 17:20:24 GMT
last-modified: Mon, 06 Nov 2017 18:05:13 GMT
server: Apache
etag: "576fcca2957d31:0"
status: 200
access-control-allow-methods: GET
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
x-iinfo: 5-205168031-205088133 pNNN RT(1581700825005 0) q(0 0 0 1) r(1 1) U5
accept-ranges: bytes
content-type: image/gif
access-control-allow-headers: *
content-length: 32
x-cdn: Incapsula

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Domain: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-spa-1167.min.js

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aon.com/	1970-01-20 00:52:52	Name: _mkto_trk Value: id:382-WIO-584&token:_mch-aon.com-1581700822980-18956
retiree.aon.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken_Lw__ Value: ZhluQMx2SdFYVtS93NKjwbjbuynMLrSkerBqf5x+yH+5HziWm7RBVmFAce27xHjfxsixH8uAqVkdTsrsPcUJNbMVAmPcQNKEifbl5+CbbUE=
retiree.aon.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: xdqjclsodd1gj5jnjak151n1
retiree.aon.com/	1970-01-19 16:08:43	Name: CMSPreferredCulture Value: en-US

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data:; font-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .google.com .maps.google.com https://maps.googleapis.com https://maps.gstatic.com .gstatic.com .googletagmanager.com .google-analytics.com .munchkin.marketo.net .marketo.net .norton.com .digicert.com .msecnd.net .norton.com .iperceptions.com .azureedge.net .brightcove.com;
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

382-wio-584.mktoresp.com
api.iperceptions.com
art.azureedge.net
edge.fullstory.com
js-agent.newrelic.com
munchkin.marketo.net
post.iperceptions.com
retiree.aon.com
sadmin.brightcove.com
sd.iperceptions.com
seal.websecurity.norton.com
stats.g.doubleclick.net
universal.iperceptions.com
www.google-analytics.com
www.googletagmanager.com
edge.fullstory.com
js-agent.newrelic.com
104.80.15.44
192.229.221.253
192.28.144.124
2.19.39.221
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:400c:c00::9b
45.60.87.226
52.138.200.61
74.205.61.46
95.101.176.176
02dffb520dc302e901721ab6a2a1b601e6a4784d02c10d0e9c79c86f49f9e00b
17ec73eb22274d4d62a23d5b05a69753c3f8ec59ed6a030553c8893cf462c188
216feb6da1b138bc99aca7032eb01e41b0ec0cbc8471b65cc37fe5cfec57a9a7
276d4e9f6272de1f2bd94950e6e5f2e1c379580bfe1b66dd91fecbbca05f5098
27ce7c0e92ec04e8caad9b99f698c0d722ea2f5fc18c41ed0ef86d8584ca60dc
2cd76955ac0ff5fb6a05f024f88f0258fefae9cf3f2757766760167ae7f75b89
37ac95aeac56b8725b006883bc240ac5d3d889ad84dc2b605d3e5c5c281cfdda
37d3a4e166c1ac159b88faf4c86c36f67289628a8d65fb57546126396508bbf7
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3c15b10745e344f1795ad4810c96f0fd1dec492f524f005e5773ed166f81bcfb
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44a0e319dc2c1cb38ee89a291448bd890afe66b19d520712dc49799f431b70e9
5188c2a18861bafe76b232d8169d38a94cbb4992d1293b876a296f52308ab5a3
51ea57da0a7cc207043715dec4b600c90554fbdcd6a5614be0d877610a95ce2c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59a81732643e40cb516b08c9f52a55b46fc4eb00e13a792cf2286f0f4a6d9608
5ca15e8115586d59cb27644aa3cbbb7ef7d059203482b2d3afd7d7ea74ba9fed
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
66e367465727099ffb12ea5f1cf88e9d70127a09ee14a8d4c1216e747a41ccd0
6ffa0284161f60d126e4cd3c3ee76e396ac9d84a4af7ea79c751b5240fe98545
71a949585c0292a4d659687014028ee2c5ec91d480eb9b89371088c438831989
7f48b8c68cfa949c363f6bb2654e0ef46f800f39adf412bf45c755ce0861de00
81015bbab8119a851f5ebfc89748edabcec41a4608697326ce5ac53a1938f703
812d50e965cc923e844024dd16ecfb494dd0f3d6dd0ef174bbf9ca6a1d0f98e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8521fc17ae5b78067a2dfc435335f66d1010a0d6c0010af416cffc0e91a5daa4
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
866c9254d2c8dc4a01bcb69b6cd2dd954c8c3fad3e36a9d9548b23877b7984f2
8687627cf52049bac6e3a169a0b2ce17c9c73307b10e5ab590d035820137501d
86d2398bf05128239d5bfec3e25a81987d2cbac5b445cca3dac4999fa43b48f2
93e7f0bed38bbf7eec033c5fca626f2970b775bacb3be515e5f5fdc8aafc7020
96362c4e2c543bb580f1a2a5dcc4a38c9b01b1945a9ff678ee1623f8549c275a
9aa488df9cbaf702449280f2cecf1ea20a285e4aadb77fbb227da6bb18c610e2
9d526cc59af43fd4ff67f8eee25ff2c0a52c2c008e661af3b62eafad0507c5fd
a0542d11d5210be91654a0ba2043a7221c55a660f484cccb3197077918a3aa92
a22e20cc90f4444f8fc18b319e519be54f418a74bf6e9c8104e809a7c7860660
a4a71d51038b457609057190f59e392979cc9ddbec9538421bffca6e0d216730
a513b64b35736a8c2b2f63be80c2a6a3c0d67e80b1d5a23753b27b3455aa5795
a9541f9adb61db432f7a65a5a38b40c2f4a5dcd231f9e6cd1b415c4220bcdcd4
add8209df7fa41ddffb28f1e32628f1a9a8a4c6223a601015847ec014dcd8fa0
b12edb384183937e29144888a2a63a027e44efb5a4f43facc9d2c065cb042c52
b46eb8ced9fbf98d6500c9a6d5538a12638d0347b53998b6bc9241f0bd993882
be126c27107f3bbff55533e1cdc88be036dc9a96ac94ac790625b2ce85c071e5
bf47e49423967ba3d4af98ce977774c86863a787d04d1720aebcc681470440bb
c0ac5da1a50ae59e0fa538d74c87f6a2a2b67c302262ac656d14b8dd6f037946
c1d650211c62243a2e035d40c09b7a2f788272689cd4137de49fe41f19527b7e
c364f26f9e540927b6a31835b0110152964dad05fc50ddf50b5c299281ae6df4
c4d68de83684c000c55db110f0ad8942c912f41b40419ea6445726bc9efeba10
c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8
c9487f65f4e7619665ea6453230873148c007efd4086c12cbaf81594b3383b8b
ca8864e3b70bd66dd305646ce399605da35305cd03583cc4e92820dac800e54c
dd260f1245bca9f35babe648bf2c20302f1713fa0ad6d0b6263451770d16f924
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed3cdc83c1642656af06e86d48854cd7e43be9255245a31983d67474cd7ae696
fac0211c03ef03910d88ed666ce20391b330faf34856cbec3fb56bb94b01a66d

retiree.aon.com Open in urlscan Pro 74.205.61.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

95 %HTTPS

33 %IPv6

12 Domains

15 Subdomains

13 IPs

5 Countries

2385 kBTransfer

3943 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

retiree.aon.com Open in urlscan Pro
74.205.61.46 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

95 %
HTTPS

33 %
IPv6

12
Domains

15
Subdomains

13
IPs

5
Countries

2385 kB
Transfer

3943 kB
Size

4
Cookies

40 HTTP transactions
21 data transactions