xfst.arbt.aon.com Open in urlscan Pro
72.32.173.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://impactondemand.aonbenfield.com/dataManager/Default.aspx
Effective URL:
https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f...
Submission: On March 31 via api (March 31st 2021, 6:14:26 am UTC) from US

Summary HTTP 25 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 25 HTTP transactions. The main IP is 72.32.173.12, located in Greenville, United States and belongs to RMH-14, US. The main domain is xfst.arbt.aon.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 30th 2020. Valid for: a year.

This is the only time xfst.arbt.aon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	98.129.221.236 98.129.221.236	33070 (RMH-14) (RMH-14)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	72.32.173.13 72.32.173.13	33070 (RMH-14) (RMH-14)
4	72.32.173.12 72.32.173.12	33070 (RMH-14) (RMH-14)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	6

12 98.129.221.236 (United States)

ASN33070 (RMH-14, US)

impactondemand.aonbenfield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.32.173.13 (Greenville, United States) 1 redirects

ASN33070 (RMH-14, US)

gsft.arbt.aon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.32.173.12 (Greenville, United States)

ASN33070 (RMH-14, US)

xfst.arbt.aon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	aonbenfield.com impactondemand.aonbenfield.com	219 KB
7	cookielaw.org cdn.cookielaw.org	108 KB
6	aon.com 1 redirects gsft.arbt.aon.com xfst.arbt.aon.com	187 KB
1	onetrust.com geolocation.onetrust.com	521 B
25	4

	Domain	Requested by
12	impactondemand.aonbenfield.com	impactondemand.aonbenfield.com
7	cdn.cookielaw.org	impactondemand.aonbenfield.com cdn.cookielaw.org
4	xfst.arbt.aon.com	impactondemand.aonbenfield.com xfst.arbt.aon.com
2	gsft.arbt.aon.com	1 redirects xfst.arbt.aon.com
1	geolocation.onetrust.com	cdn.cookielaw.org
25	5

This site contains links to these domains. Also see Links.

Domain
gsft.arbt.aon.com
www.aon.com

Subject Issuer	Validity	Valid
impactondemand.aon.com DigiCert Global CA G2	`2020-05-06` - `2021-05-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
xfst.arbt.aon.com DigiCert SHA2 Secure Server CA	`2020-10-30` - `2021-11-03`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z
Frame ID: 9CCE8FE63A4A3C9DB5A54646642D219D
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://impactondemand.aonbenfield.com/dataManager/Default.aspx Page URL
https://gsft.arbt.aon.com/AuthorizationServer/Aon.Arbt.AB.ImpactOnDemand.WebApi/oauth/authorize?client... HTTP 302
https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3d... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Page Statistics

25
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

6
IPs

1
Countries

514 kB
Transfer

2692 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://gsft.arbt.aon.com/Aon.Arbt.Security.SelfServiceWebsite/resetPassword
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://gsft.arbt.aon.com/Aon.Arbt.Security.SelfServiceWebsite
Title: Need help with your account?

Search URL Search Domain Scan URL

URL: http://www.aon.com/
Title: Home

Search URL Search Domain Scan URL

URL: http://www.aon.com/about-aon/privacy.jsp
Title: Privacy

Search URL Search Domain Scan URL

URL: http://www.aon.com/about-aon/contact-us.jsp
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://impactondemand.aonbenfield.com/dataManager/Default.aspx Page URL
https://gsft.arbt.aon.com/AuthorizationServer/Aon.Arbt.AB.ImpactOnDemand.WebApi/oauth/authorize?client_id=implicit-ImpactOnDemandWebApp&redirect_uri=https%3A%2F%2Fimpactondemand.aonbenfield.com%2Fmapping4%2F&response_type=token&scope=public&state=16171712490850.8588674117609143 HTTP 302
https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set Default.aspx Show response
impactondemand.aonbenfield.com/dataManager/ 41 KB
16 KB 2388ms
1963ms Document
text/html 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

8e16eddf0d4d95711b8df4c42151705f6bff62f6d0a3c66b794f6e6a1407da94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Host: impactondemand.aonbenfield.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server
Set-Cookie: DataManageSession=573cc37e-a6aa-4aac-aa6c-ab072c73f6da; path=/; secure; HttpOnly ASP.NET_SessionId=54mgsrvd2yczjcp0jzc5xtij; path=/; HttpOnly; SameSite=Lax
X-Powered-By
color: red
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-UA-Compatible: IE=edge
Date: Wed, 31 Mar 2021 06:14:07 GMT
Content-Length: 15570

GET
H/1.1 200
OK jquery-1.6.4.min.js Show response
impactondemand.aonbenfield.com/dataManager/lib/ 90 KB
40 KB 363ms
152ms Script
application/javascript 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/lib/jquery-1.6.4.min.js

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

951d6bae39eb172f57a88bd686f7a921cf060fd21f59648f0d20b6a8f98fc5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "04c117df8ebd51:0"
X-Powered-By
color: red
Content-Length: 40863
X-XSS-Protection: 1
X-UA-Compatible: IE=edge
Last-Modified: Tue, 25 Feb 2020 16:27:36 GMT
Server
X-Frame-Options: sameorigin
Date: Wed, 31 Mar 2021 06:14:07 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.signalR-2.2.2.min.js Show response
impactondemand.aonbenfield.com/dataManager/lib/ 36 KB
15 KB 1684ms
1424ms Script
application/javascript 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/lib/jquery.signalR-2.2.2.min.js

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

fabd2788e4a11ff0c9958bfbc019587becac24a6bb38924087768c38dff4a9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 25 Feb 2020 16:27:36 GMT
Server
X-Powered-By
ETag: "04c117df8ebd51:0"
X-Frame-Options: sameorigin
Content-Type: application/javascript
color: yellow
Date: Wed, 31 Mar 2021 06:14:08 GMT
Accept-Ranges: bytes
Content-Length: 14946
X-XSS-Protection: 1
X-UA-Compatible: IE=edge

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/8d51c194-b578-4807-bad2-5426f3dd657f/ 4 KB
2 KB 171ms
154ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8d51c194-b578-4807-bad2-5426f3dd657f/OtAutoBlock.js

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0b5432d16f378b55d3f513549728f9040145d45c6f3c9f4adb44f60e140495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://impactondemand.aonbenfield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Mar 2021 06:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: QahQzj9iPqnaWm4UlUWT3Q==
vary: Accept-Encoding
content-length: 1445
cf-request-id: 092884084e000097047aa03000000001
x-ms-lease-status: unlocked
last-modified: Tue, 15 Sep 2020 16:13:47 GMT
server: cloudflare
etag: 0x8D859925369C101
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ecc4ec6c-701e-00b7-7e7d-24d7e3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63876f86ec2b9704-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 31ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://impactondemand.aonbenfield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Mar 2021 06:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JAEaYPmlzGBPWdORjSAaYw==
age: 4210
vary: Accept-Encoding
content-length: 5617
cf-request-id: 092884084e0000970452213000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:23 GMT
server: cloudflare
etag: 0x8D8F2581726E85D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0468e94c-d01e-00ba-3d48-2438ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63876f86ec2c9704-FRA

GET
H/1.1 200
OK Aon.GSF.js Show response
impactondemand.aonbenfield.com/dataManager/resources/lib/ 29 KB
9 KB 1694ms
1434ms Script
application/javascript 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/resources/lib/Aon.GSF.js?v=1.0.0.0

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

a6f62a75e2255ace35d0b2cc9af89437a6a36edebb53f60277fc9ae0ee15879c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 25 Feb 2020 16:28:02 GMT
Server
X-Powered-By
ETag: "095908cf8ebd51:0"
X-Frame-Options: sameorigin
Content-Type: application/javascript
color: yellow
Date: Wed, 31 Mar 2021 06:14:08 GMT
Accept-Ranges: bytes
Content-Length: 8629
X-XSS-Protection: 1
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK App.GSF.js Show response
impactondemand.aonbenfield.com/dataManager/resources/lib/ 1 KB
1 KB 1683ms
1423ms Script
application/javascript 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/resources/lib/App.GSF.js?v=1.0.0.0

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

081314cbc9d89de39ab83146c550d290e1c502a4a45abab9b3ae2339190fd718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 25 Feb 2020 16:28:02 GMT
Server
X-Powered-By
ETag: "095908cf8ebd51:0"
X-Frame-Options: sameorigin
Content-Type: application/javascript
color: yellow
Date: Wed, 31 Mar 2021 06:14:08 GMT
Accept-Ranges: bytes
Content-Length: 605
X-XSS-Protection: 1
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK loading_spin.gif
impactondemand.aonbenfield.com/dataManager/resources/images/ 14 KB
15 KB 137ms
136ms Image
image/gif 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://impactondemand.aonbenfield.com/dataManager/resources/images/loading_spin.gif

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 20 Mar 2020 01:47:02 GMT
Server
X-Powered-By
ETag: "0af767359fed51:0"
X-Frame-Options: sameorigin
Content-Type: image/gif
color: yellow
Date: Wed, 31 Mar 2021 06:14:08 GMT
Accept-Ranges: bytes
Content-Length: 14577
X-XSS-Protection: 1
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK forge.min.js
impactondemand.aonbenfield.com/dataManager/lib/ 33 KB
0 160ms
160ms Script
application/javascript 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/lib/forge.min.js

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "04c117df8ebd51:0"
Last-Modified: Tue, 25 Feb 2020 16:27:36 GMT
Server
X-Powered-By
X-Frame-Options: sameorigin
Content-Type: application/javascript
color: yellow
X-XSS-Protection: 1
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Wed, 31 Mar 2021 06:14:08 GMT
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK jszip.min.js
impactondemand.aonbenfield.com/dataManager/lib/ 100 KB
38 KB 135ms
135ms Script
application/javascript 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/lib/jszip.min.js

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 25 Feb 2020 16:27:36 GMT
Server
X-Powered-By
ETag: "04c117df8ebd51:0"
X-Frame-Options: sameorigin
Content-Type: application/javascript
color: yellow
Date: Wed, 31 Mar 2021 06:14:08 GMT
Accept-Ranges: bytes
Content-Length: 38609
X-XSS-Protection: 1
X-UA-Compatible: IE=edge

GET
H2 200 8d51c194-b578-4807-bad2-5426f3dd657f.json
cdn.cookielaw.org/consent/8d51c194-b578-4807-bad2-5426f3dd657f/ 4 KB
2 KB 122ms
109ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8d51c194-b578-4807-bad2-5426f3dd657f/8d51c194-b578-4807-bad2-5426f3dd657f.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://impactondemand.aonbenfield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Mar 2021 06:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: eBePmp0aIPqQj5dp+BM7EQ==
vary: Accept-Encoding
content-length: 1507
cf-request-id: 0928840fc700002b7d430f5000000001
x-ms-lease-status: unlocked
last-modified: Tue, 15 Sep 2020 16:13:47 GMT
server: cloudflare
etag: 0x8D859925374BF8C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cb6c3543-b01e-0162-697d-24d96b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63876f92df282b7d-FRA

GET
H/1.1 200
OK app.json
impactondemand.aonbenfield.com/dataManager/ 3 KB
1 KB 133ms
132ms XHR
application/x-javascript 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/app.json?_dc=1617171249089

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "07399d759fed51:0"
X-Powered-By
color: red
Content-Length: 920
X-XSS-Protection: 1
X-UA-Compatible: IE=edge
Last-Modified: Fri, 20 Mar 2020 01:49:50 GMT
Server
X-Frame-Options: sameorigin
Date: Wed, 31 Mar 2021 06:14:09 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache
Accept-Ranges: bytes

GET
H/1.1

200
OK

Primary Request / Show response
xfst.arbt.aon.com/adfs/ls/
Redirect Chain

https://gsft.arbt.aon.com/AuthorizationServer/Aon.Arbt.AB.ImpactOnDemand.WebApi/oauth/authorize?client_id=implicit-ImpactOnDemandWebApp&redirect_uri=https%3A%2F%2Fimpactondemand.aonbenfield.com%2Fm...
https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252faut...

77 KB
77 KB

614ms
179ms

Document
text/html

72.32.173.12
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/resources/lib/Aon.GSF.js?v=1.0.0.0

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

72.32.173.12 Greenville, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

bb6d03399959714f710b77ef93cc520728d7f32184e52ff3be49daf244c2eb6a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Host: xfst.arbt.aon.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://impactondemand.aonbenfield.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Response headers

Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 78845
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0
x-frame-options: DENY
Date: Wed, 31 Mar 2021 06:14:09 GMT

Redirect headers

Cache-Control: private,no-cache, no store
Content-Type: text/html; charset=utf-8
Location: https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z
Server: Hidden
X-Powered-By: ASP.NET
Content-Security-Policy: object-src to 'none'
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Date: Wed, 31 Mar 2021 06:14:08 GMT
Content-Length: 604

GET
H2 200 location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
521 B 33ms
18ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://impactondemand.aonbenfield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 06:14:09 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 63876f93ac034a85-FRA
cf-request-id: 092884104700004a853191e000000001

GET
H/1.1 200
OK Dm-all_1.css
impactondemand.aonbenfield.com/dataManager/resources/ 327 KB
54 KB 176ms
175ms Stylesheet
text/css 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/resources/Dm-all_1.css?v=4.22.0.12

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "07399d759fed51:0"
X-Powered-By
color: red
Content-Length: 55288
X-XSS-Protection: 1
X-UA-Compatible: IE=edge
Last-Modified: Fri, 20 Mar 2020 01:49:50 GMT
Server
X-Frame-Options: sameorigin
Date: Wed, 31 Mar 2021 06:14:09 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes

GET
H/1.1 200
OK Dm-all_2.css
impactondemand.aonbenfield.com/dataManager/resources/ 156 KB
30 KB 160ms
159ms Stylesheet
text/css 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/resources/Dm-all_2.css?v=4.22.0.12

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 20 Mar 2020 01:49:50 GMT
Server
X-Powered-By
ETag: "07399d759fed51:0"
X-Frame-Options: sameorigin
Content-Type: text/css
color: yellow
Date: Wed, 31 Mar 2021 06:14:08 GMT
Accept-Ranges: bytes
Content-Length: 30199
X-XSS-Protection: 1
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK app.js
impactondemand.aonbenfield.com/dataManager/ 1 MB
0 260ms
156ms Script
application/javascript 98.129.221.236
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://impactondemand.aonbenfield.com/dataManager/app.js?v=4.22.0.12

Requested by

Host: impactondemand.aonbenfield.com
URL: https://impactondemand.aonbenfield.com/dataManager/Default.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

98.129.221.236 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://impactondemand.aonbenfield.com/dataManager/Default.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "e49357c45f60d61:0"
Last-Modified: Wed, 22 Jul 2020 19:39:08 GMT
Server
X-Powered-By
X-Frame-Options: sameorigin
Content-Type: application/javascript
color: yellow
X-XSS-Protection: 1
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Wed, 31 Mar 2021 06:14:08 GMT
X-UA-Compatible: IE=edge

GET
H2 200 otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.6.0/ 338 KB
72 KB 20ms
20ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://impactondemand.aonbenfield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Mar 2021 06:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Xs4BplpA7QV+zkRYpo3+wA==
age: 3708358
vary: Accept-Encoding
content-length: 73082
cf-request-id: 092884105c000097045c8eb000000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:33 GMT
server: cloudflare
etag: 0x8D85529F2EBAD26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 75e8843e-f01e-00e2-2e3a-043c94000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63876f93ce159704-FRA
expires: Thu, 08 Apr 2021 06:14:09 GMT

GET
H2 200 en.json
cdn.cookielaw.org/consent/8d51c194-b578-4807-bad2-5426f3dd657f/e0ea0ebf-c6a0-4d47-bba8-4924bd0ae607/ 27 KB
8 KB 123ms
123ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8d51c194-b578-4807-bad2-5426f3dd657f/e0ea0ebf-c6a0-4d47-bba8-4924bd0ae607/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://impactondemand.aonbenfield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Mar 2021 06:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 0GavtOPsAnziOJm6wJvLTg==
vary: Accept-Encoding
content-length: 8329
cf-request-id: 092884107d00002b7de227f000000001
x-ms-lease-status: unlocked
last-modified: Tue, 15 Sep 2020 16:13:56 GMT
server: cloudflare
etag: 0x8D85992592C3A35
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4ec78811-601e-0046-1d7d-240670000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63876f93f8962b7d-FRA

GET
H2 200 otFlat.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 12 KB
4 KB 12ms
11ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://impactondemand.aonbenfield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Mar 2021 06:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R7qOr1WClmhADOzbz5s+Bw==
age: 161445
vary: Accept-Encoding
content-length: 3248
cf-request-id: 09288410ff00002b7d393c5000000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:24 GMT
server: cloudflare
etag: 0x8D85529EDFDCA3B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b4e00cfc-401e-0111-797d-24a9a8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63876f94c9612b7d-FRA
expires: Thu, 08 Apr 2021 06:14:09 GMT

GET
H2 200 otPcTab.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 57 KB
14 KB 113ms
112ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://impactondemand.aonbenfield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Mar 2021 06:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: Mg7iJdVoxVGmqw/VwCobbQ==
vary: Accept-Encoding
content-length: 14112
cf-request-id: 09288410ff00002b7d03379000000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:26 GMT
server: cloudflare
etag: 0x8D85529EEE93F94
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8339df24-501e-00c6-57f5-25a5da000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 63876f94c9632b7d-FRA
expires: Thu, 08 Apr 2021 06:14:09 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK style.css
xfst.arbt.aon.com/adfs/portal/css/ 8 KB
8 KB 339ms
133ms Stylesheet
text/css 72.32.173.12
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://xfst.arbt.aon.com/adfs/portal/css/style.css?id=146BDFDF15533F7C3A93AAD684E526832262A9F4041E11B5978E59609819BC01
Requested by: Host: xfst.arbt.aon.com
URL: https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 72.32.173.12 Greenville, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 6c752eff56a5cd6335f5c7ead2a90434ce2d66031b67a9078b6d0914c835621e

Request headers

Referer: https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 06:14:09 GMT
Expires: Fri, 30 Apr 2021 06:14:10 GMT
Server: Microsoft-HTTPAPI/2.0
ETag: 146BDFDF15533F7C3A93AAD684E526832262A9F4041E11B5978E59609819BC01
Content-Length: 8056
Content-Type: text/css

GET
H/1.1 200
OK logo.png
xfst.arbt.aon.com/adfs/portal/logo/ 4 KB
4 KB 429ms
169ms Image
image/png 72.32.173.12
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xfst.arbt.aon.com/adfs/portal/logo/logo.png?id=8546F5737385E0F5C4212EFB7F185E17AC28F7920B2AAC66F64957BF89260D4D
Requested by: Host: xfst.arbt.aon.com
URL: https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 72.32.173.12 Greenville, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 8546f5737385e0f5c4212efb7f185e17ac28f7920b2aac66f64957bf89260d4d

Request headers

Referer: https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 06:14:10 GMT
Expires: Fri, 30 Apr 2021 06:14:10 GMT
Server: Microsoft-HTTPAPI/2.0
ETag: 8546F5737385E0F5C4212EFB7F185E17AC28F7920B2AAC66F64957BF89260D4D
Content-Length: 4115
Content-Type: image/png

GET
H/1.1 200
OK default.css
gsft.arbt.aon.com/Aon.Security.ADFSExtensions/css/ 10 KB
11 KB 254ms
254ms Stylesheet
text/css 72.32.173.13
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://gsft.arbt.aon.com/Aon.Security.ADFSExtensions/css/default.css

Requested by

Host: xfst.arbt.aon.com
URL: https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.32.173.13 Greenville, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

67bed90beb01cc710a183402ffc6814ac54af3c2028e78b176a920e3e80e3a6d

Security Headers

Name	Value
Content-Security-Policy	object-src to 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://xfst.arbt.aon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: object-src to 'none'
X-Content-Type-Options: nosniff
Last-Modified: Fri, 05 Mar 2021 15:35:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4d841f29d511d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache, no store
Date: Wed, 31 Mar 2021 06:14:09 GMT
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 10445

GET
H/1.1 200
OK illustration.gif
xfst.arbt.aon.com/adfs/portal/illustration/ 86 KB
86 KB 138ms
138ms Image
image/gif 72.32.173.12
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xfst.arbt.aon.com/adfs/portal/illustration/illustration.gif?id=9C2635F9F84637A07C38EBD3EA70AE6BE0881E3F629A8FFD49C8D4EA43BC8121
Requested by: Host: xfst.arbt.aon.com
URL: https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 72.32.173.12 Greenville, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 9c2635f9f84637a07c38ebd3ea70ae6be0881e3f629a8ffd49c8d4ea43bc8121

Request headers

Referer: https://xfst.arbt.aon.com/adfs/ls/?wa=wsignin1.0&wtrealm=urn%3aauthorizationserver&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fAuthorizationServer%252fAon.Arbt.AB.ImpactOnDemand.WebApi%252foauth%252fauthorize%253fclient_id%253dimplicit-ImpactOnDemandWebApp%2526redirect_uri%253dhttps%25253A%25252F%25252Fimpactondemand.aonbenfield.com%25252Fmapping4%25252F%2526response_type%253dtoken%2526scope%253dpublic%2526state%253d16171712490850.8588674117609143&wct=2021-03-31T06%3a14%3a09Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 31 Mar 2021 06:14:10 GMT
Expires: Fri, 30 Apr 2021 06:14:10 GMT
Server: Microsoft-HTTPAPI/2.0
ETag: 9C2635F9F84637A07C38EBD3EA70AE6BE0881E3F629A8FFD49C8D4EA43BC8121
Content-Length: 88153
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
geolocation.onetrust.com
gsft.arbt.aon.com
impactondemand.aonbenfield.com
xfst.arbt.aon.com
2606:4700:10::6814:b844
2606:4700::6810:9540
72.32.173.12
72.32.173.13
98.129.221.236
081314cbc9d89de39ab83146c550d290e1c502a4a45abab9b3ae2339190fd718
2b0b5432d16f378b55d3f513549728f9040145d45c6f3c9f4adb44f60e140495
2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c
67bed90beb01cc710a183402ffc6814ac54af3c2028e78b176a920e3e80e3a6d
6c752eff56a5cd6335f5c7ead2a90434ce2d66031b67a9078b6d0914c835621e
8546f5737385e0f5c4212efb7f185e17ac28f7920b2aac66f64957bf89260d4d
8e16eddf0d4d95711b8df4c42151705f6bff62f6d0a3c66b794f6e6a1407da94
951d6bae39eb172f57a88bd686f7a921cf060fd21f59648f0d20b6a8f98fc5a5
9c2635f9f84637a07c38ebd3ea70ae6be0881e3f629a8ffd49c8d4ea43bc8121
a6f62a75e2255ace35d0b2cc9af89437a6a36edebb53f60277fc9ae0ee15879c
bb6d03399959714f710b77ef93cc520728d7f32184e52ff3be49daf244c2eb6a
fabd2788e4a11ff0c9958bfbc019587becac24a6bb38924087768c38dff4a9f1

xfst.arbt.aon.com Open in urlscan Pro 72.32.173.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

6 IPs

1 Countries

514 kBTransfer

2692 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

xfst.arbt.aon.com Open in urlscan Pro
72.32.173.12 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

6
IPs

1
Countries

514 kB
Transfer

2692 kB
Size

0
Cookies

25 HTTP transactions
1 data transactions